Trustedfirmware Op-tee
21 CVEs affecting Trustedfirmware Op-tee. Latest disclosed: 2026-06-03. Critical: 7, High: 9.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2019-1010292 | Critical | 9.8 | 2019-07-16 | Linaro/OP-TEE OP-TEE Prior to version v3.4.0 is affected by: Boundary checks. The impact is: This could lead to corruption of any memory which the TA can acces… |
CVE-2019-1010298 | Critical | 9.8 | 2019-07-15 | Linaro/OP-TEE OP-TEE 3.3.0 and earlier is affected by: Buffer Overflow. The impact is: Code execution in the context of TEE core (kernel). The component is: op… |
CVE-2019-1010297 | Critical | 9.8 | 2019-07-15 | Linaro/OP-TEE OP-TEE 3.3.0 and earlier is affected by: Buffer Overflow. The impact is: Execution of code in TEE core (kernel) context. The component is: optee_… |
CVE-2019-1010296 | Critical | 9.8 | 2019-07-15 | Linaro/OP-TEE OP-TEE 3.3.0 and earlier is affected by: Buffer Overflow. The impact is: Code execution in context of TEE core (kernel). The component is: optee_… |
CVE-2019-1010295 | Critical | 9.8 | 2019-07-15 | Linaro/OP-TEE OP-TEE 3.3.0 and earlier is affected by: Buffer Overflow. The impact is: Memory corruption and disclosure of memory content. The component is: op… |
CVE-2019-1010293 | Critical | 9.8 | 2019-07-15 | Linaro/OP-TEE OP-TEE 3.3.0 and earlier is affected by: Boundary crossing. The impact is: Memory corruption of the TEE itself. The component is: optee_os. The f… |
CVE-2019-25052 | Critical | 9.1 | 2021-08-11 | In Linaro OP-TEE before 3.7.0, by using inconsistent or malformed data, it is possible to call update and final cryptographic functions directly, causing a cra… |
CVE-2026-33317 | High | 8.7 | 2026-04-24 | OP-TEE is a Trusted Execution Environment (TEE) designed as companion to a non-secure Linux kernel running on Arm; Cortex-A cores using the TrustZone technolog… |
CVE-2022-46152 | High | 8.2 | 2022-11-29 | OP-TEE Trusted OS is the secure side implementation of OP-TEE project, a Trusted Execution Environment. Versions prior to 3.19.0, contain an Improper Validatio… |
CVE-2026-40290 | High | 7.8 | 2026-06-03 | OP-TEE is a Trusted Execution Environment (TEE) designed as companion to a non-secure Linux kernel running on Arm; Cortex-A cores using the TrustZone technolog… |
CVE-2021-44149 | High | 7.8 | 2021-12-07 | An issue was discovered in Trusted Firmware OP-TEE Trusted OS through 3.15.0. The OPTEE-OS CSU driver for NXP i.MX6UL SoC devices lacks security access configu… |
CVE-2026-33662 | High | 7.5 | 2026-04-24 | OP-TEE is a Trusted Execution Environment (TEE) designed as companion to a non-secure Linux kernel running on Arm; Cortex-A cores using the TrustZone technolog… |
CVE-2019-1010294 | High | 7.5 | 2019-07-15 | Linaro/OP-TEE OP-TEE 3.3.0 and earlier is affected by: Rounding error. The impact is: Potentially leaking code and/or data from previous Trusted Application. T… |
CVE-2016-6129 | High | 7.5 | 2017-02-13 | The rsa_verify_hash_ex function in rsa_verify_hash.c in LibTomCrypt, as used in OP-TEE before 2.2.0, does not validate that the message length is equal to the… |
CVE-2023-41325 | High | 7.4 | 2023-09-15 | OP-TEE is a Trusted Execution Environment (TEE) designed as companion to a non-secure Linux kernel running on Arm; Cortex-A cores using the TrustZone technolog… |
CVE-2021-36133 | High | 7.1 | 2021-12-07 | The OPTEE-OS CSU driver for NXP i.MX SoC devices lacks security access configuration for several models, resulting in TrustZone bypass because the NonSecure Wo… |
CVE-2020-13799 | Medium | 6.8 | 2020-11-18 | Western Digital has identified a security vulnerability in the Replay Protected Memory Block (RPMB) protocol as specified in multiple standards for storage dev… |
CVE-2022-47549 | Medium | 6.4 | 2022-12-19 | An unprotected memory-access operation in optee_os in TrustedFirmware Open Portable Trusted Execution Environment (OP-TEE) before 3.20 allows a physically prox… |
CVE-2018-12437 | Medium | 4.9 | 2018-06-15 | LibTomCrypt through 1.18.1 allows a memory-cache side-channel attack on ECDSA signatures, aka the Return Of the Hidden Number Problem or ROHNP. To discover an… |
CVE-2026-45614 | Medium | 4.7 | 2026-06-03 | OP-TEE is a Trusted Execution Environment (TEE) designed as companion to a non-secure Linux kernel running on Arm; Cortex-A cores using the TrustZone technolog… |