Op-tee Security Vulnerabilities and Issues — Op-tee CVE List

Lucene search

LinaroOp-tee

3 matches found

CVE•added 2021/08/11 3:15 p.m.•46 views

CVE-2019-25052

In Linaro OP-TEE before 3.7.0, by using inconsistent or malformed data, it is possible to call update and final cryptographic functions directly, causing a crash that could leak sensitive information.

9.1CVSS9AI score0.00203EPSS

CVE•added 2021/12/07 9:15 p.m.•31 views

CVE-2021-44149

An issue was discovered in Trusted Firmware OP-TEE Trusted OS through 3.15.0. The OPTEE-OS CSU driver for NXP i.MX6UL SoC devices lacks security access configuration for wakeup-related registers, resulting in TrustZone bypass because the NonSecure World can perform arbitrary memory read/write opera...

7.8CVSS7.7AI score0.00067EPSS

CVE•added 2021/12/07 9:15 p.m.•30 views

CVE-2021-36133

The OPTEE-OS CSU driver for NXP i.MX SoC devices lacks security access configuration for several models, resulting in TrustZone bypass because the NonSecure World can perform arbitrary memory read/write operations on Secure World memory. This involves a DMA capable peripheral.

7.1CVSS7AI score0.00051EPSS