Lucene search
K

579 matches found

RedhatCVE
RedhatCVE
added 2026/06/05 7:51 p.m.11 views

CVE-2025-66660

Insufficient parameter sanitization in TEE SOC Driver could allow an attacker to issue a malformed DRVSOCCMDIDSRIOVCHECKTACOMPAT to cause incorrect shared memory mapping, potentially resulting in unexpected behavior...

1.8CVSS5.5AI score0.00101EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/06/03 4:45 p.m.10 views

CVE-2026-40290

OP-TEE is a Trusted Execution Environment TEE designed as companion to a non-secure Linux kernel running on Arm; Cortex-A cores using the TrustZone technology. Starting in version 3.16.0 and prior to 4.11.0, a user-after-free UAF race condition exists in the shared memory teardown logic of FF-A...

7.8CVSS5.8AI score0.00187EPSS
Exploits1References2Affected Software1
CNNVD
CNNVD
added 2026/06/03 12:0 a.m.8 views

OP-TEE Trusted OS 安全漏洞

OP-TEE Trusted OS is an implementation of the OP-TEE open-source project, which creates an open-source Trusted Execution Environment TEE that utilizes Arm TrustZone technology. There were security vulnerabilities in versions 4.3.0 to 4.11.0 of OP-TEE Trusted OS. These vulnerabilities stemmed from...

5.5CVSS5.4AI score0.00155EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.8 views

Astra Linux – Vulnerability in Linux, Linux 5.10

A use-after-free exists in the drivers/tee/teeshm.c file within the TEE subsystem of the Linux kernel, as of version 5.15.11. This issue arises due to a race condition during the teeshmgetfromid function, when attempting to free a shared memory object...

7CVSS6.4AI score0.00694EPSS
Exploits2References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: tee: optee: Fixed the kernel panic caused by incorrect error handling. The error path when failing to register devices on the TEE bus contains a bug that leads to kernel panic. The details are as follows: 15.398930 Unable to hand...

7.1CVSS6.2AI score0.00232EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 5.10, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: tee: Fix NULL pointer dereference in teeshmput There is a NULL pointer dereference in teeshmput: opteedisableshmcache shm = regpairtoptr...; // shm may return NULL teeshmfreeshm; teeshmputshm; // results in a crash Add a check...

5.5CVSS6.1AI score0.00149EPSS
Exploits0References2
NVD
NVD
added 2026/05/15 3:16 a.m.33 views

CVE-2025-66660

Insufficient parameter sanitization in TEE SOC Driver could allow an attacker to issue a malformed DRVSOCCMDIDSRIOVCHECKTACOMPAT to cause incorrect shared memory mapping, potentially resulting in unexpected behavior...

1.8CVSS0.00101EPSS
Exploits0References1
EUVD
EUVD
added 2026/05/15 2:42 a.m.21 views

EUVD-2025-209877

Insufficient parameter sanitization in TEE SOC Driver could allow an attacker to issue a malformed DRVSOCCMDIDSRIOVCHECKTACOMPAT to cause incorrect shared memory mapping, potentially resulting in unexpected behavior...

1.8CVSS5.8AI score0.00101EPSS
Exploits0References1
CVE
CVE
added 2026/05/15 2:42 a.m.22 views

CVE-2025-66660

CVE-2025-66660 affects the TEE SOC Driver. Root cause: insufficient parameter sanitization that could let an attacker issue a malformed DRV_SOC_CMD_ID_SRIOV_CHECK_TA_COMPAT, causing incorrect shared memory mapping and potentially leading to unexpected behavior. Exploitation is described as local ...

1.8CVSS5.8AI score0.00101EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/15 2:42 a.m.51 views

CVE-2025-66660

Insufficient parameter sanitization in TEE SOC Driver could allow an attacker to issue a malformed DRVSOCCMDIDSRIOVCHECKTACOMPAT to cause incorrect shared memory mapping, potentially resulting in unexpected behavior...

1.8CVSS0.00101EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/05/15 2:41 a.m.9 views

CVE-2026-0428

Insufficient parameter sanitization in TEE SOC Driver could allow an attacker to issue a malformed DRVSOCCMDIDSRIOVCOPYVFCHIPLETREGS to write invalid data to a remote Die, potentially resulting in unexpected behavior...

1.8CVSS5.8AI score0.00101EPSS
Exploits0References1
EUVD
EUVD
added 2026/05/15 2:41 a.m.11 views

EUVD-2026-30500

Insufficient parameter sanitization in TEE SOC Driver could allow an attacker to issue a malformed DRVSOCCMDIDSRIOVCOPYVFCHIPLETREGS to write invalid data to a remote Die, potentially resulting in unexpected behavior...

1.8CVSS5.8AI score0.00101EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/15 2:41 a.m.39 views

CVE-2026-0428

Insufficient parameter sanitization in TEE SOC Driver could allow an attacker to issue a malformed DRVSOCCMDIDSRIOVCOPYVFCHIPLETREGS to write invalid data to a remote Die, potentially resulting in unexpected behavior...

1.8CVSS0.00101EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/05/15 12:0 a.m.17 views

PT-2026-41259

Insufficient parameter sanitization in TEE SOC Driver could allow an attacker to issue a malformed DRV SOC CMD ID SRIOV COPY VF CHIPLET REGS to write invalid data to a remote Die, potentially resulting in unexpected behavior...

1.8CVSS5.8AI score0.00101EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/05/15 12:0 a.m.14 views

PT-2026-41257

Insufficient parameter sanitization in AMD Secure Processor ASP TEE SOC Driver could allow an attacker to issue a malformed DRV SOC CMD ID LOAD GFX IP FW SR-IOV command to cause out-of-bounds read, potentially resulting in SOC Driver memory contents exposure or an exception...

4.6CVSS5.8AI score0.00112EPSS
Exploits0References2
EUVD
EUVD
added 2026/05/08 3:31 p.m.10 views

EUVD-2025-209749

In the Linux kernel, the following vulnerability has been resolved: Revert "arm64: zynqmp: Add an OP-TEE node to the device tree" This reverts commit 06d22ed6b6635b17551f386b50bb5aaff9b75fbe. OP-TEE logic in U-Boot automatically injects a reserved-memory node along with optee firmware node to...

5.8AI score0.00138EPSS
Exploits0References5
CVE
CVE
added 2026/04/24 6:13 p.m.15 views

CVE-2026-33662

OP-TEE (Trusted Execution Environment) has a concrete vulnerability in RSASSA PKCS#1 v1.5 padding. Affected versions are 3.8.0–4.10; the padding size (PS) is computed as modulus size minus digest/EMSA fields in emsa_pkcs1_v1_5_encode() (rsassa.c). If the modulus is small enough, this subtraction ...

7.5CVSS5.5AI score0.00403EPSS
Exploits0References1Affected Software1
SUSE CVE
SUSE CVE
added 2026/04/23 1:25 a.m.11 views

SUSE CVE-2026-31507

In the Linux kernel, the following vulnerability has been resolved: net/smc: fix double-free of smcspdpriv when tee duplicates splice pipe buffer smcrxsplice allocates one smcspdpriv per pipebuffer and stores the pointer in pipebuffer.private. The pipebufoperations for these buffers used .get =...

7.8CVSS5.8AI score0.00126EPSS
Exploits0References23
RedhatCVE
RedhatCVE
added 2026/04/22 7:45 p.m.5 views

CVE-2026-31507

A flaw was found in the Linux kernel's Stream Control Transmission Protocol SMC module. A local user can exploit this vulnerability by using the tee2 system call to duplicate a splice pipe buffer, leading to a double-free condition. This double-free can result in a use-after-free error and a kern...

7.8CVSS5.3AI score0.00126EPSS
Exploits0References4
EUVD
EUVD
added 2026/04/22 3:31 p.m.4 views

EUVD-2026-24885

In the Linux kernel, the following vulnerability has been resolved: net/smc: fix double-free of smcspdpriv when tee duplicates splice pipe buffer smcrxsplice allocates one smcspdpriv per pipebuffer and stores the pointer in pipebuffer.private. The pipebufoperations for these buffers used .get =...

5.8AI score0.00126EPSS
Exploits0References9
Rows per page
Query Builder