Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1336 CNY

100%

CVE-2026-41515— OP-TEE: RSA-OAEP padding oracle in NXP CAAM driver enables plaintext recovery

CVSS 2.5 · Low EPSS 0.09% · P1

Possible ATT&CK Techniques 1AI

T1555 · Credentials from Password Stores

Affected Version Matrix 1

VendorProductVersion RangeStatus
OP-TEEoptee_os>= 3.9.0, < 4.11.0affected
Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2026-41515

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
OP-TEE: RSA-OAEP padding oracle in NXP CAAM driver enables plaintext recovery
Source: NVD (National Vulnerability Database)
Vulnerability Description
OP-TEE is a Trusted Execution Environment (TEE) designed as companion to a non-secure Linux kernel running on Arm; Cortex-A cores using the TrustZone technology. Starting in version 3.9.0 and prior to version 4.11.0, the RSA-OAEP decryption implementation in the NXP CAAM crypto driver uses non-constant-time `memcmp()` for label hash verification and has multiple distinguishable error paths. This creates a Manger-style padding oracle that allows an attacker to recover RSA-OAEP plaintext with approximately 1000-2000 adaptive chosen ciphertext queries. Version 4.11.0 contains a patch. As a workaround, disable the NXP CAAM RSA driver with `CFG_CRYPTO_DRV_RSA=n`.
Source: NVD (National Vulnerability Database)
CVSS Information
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N
Source: NVD (National Vulnerability Database)
Vulnerability Type
通过时间差异性导致的信息暴露
Source: NVD (National Vulnerability Database)
Vulnerability Title
OP-TEE optee_os 侧信道信息泄露漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
OP-TEE optee_os是OP-TEE的安全操作系统。 OP-TEE optee_os 3.9.0版本至4.11.0之前版本存在日志信息泄露漏洞,该漏洞源于NXP CAAM加密驱动程序中RSA-OAEP解密实现使用非常量时间memcmp()进行标签哈希验证,并存在多个可区分的错误路径,导致拒绝服务攻击。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)

Affected Products

VendorProductAffected VersionsCPESubscribe
OP-TEEoptee_os >= 3.9.0, < 4.11.0 -

II. Public POCs for CVE-2026-41515

#POC DescriptionSource LinkShenlong Link
AI-Generated POCPremium

No public POC found.

Login to generate AI POC

III. Intelligence Information for CVE-2026-41515

登录查看更多情报信息。

Vendor Advisories for CVE-2026-41515 (1)

Same Patch Batch · OP-TEE · 2026-07-06 · 8 CVEs total

CVE-2026-402575.5 MEDIUMOP-TEE has SHA-3 accelerated finalize heap overflow
CVE-2026-443625.5 MEDIUMOP-TEE's subkey rollback protection can be bypassed with older subkey versions
CVE-2026-425463.8 LOWOP-TEE has missing OPTEE_MSG_ATTR_TYPE_MASK in cleanup_shm_refs() leaks mobj references
CVE-2026-414343.3 LOWOP-TEE has unbounded recursion in sanitize_client_object()
CVE-2026-415142.5 LOWOP-TEE: RSA-OAEP padding oracle in Hisilicon HPRE driver enables plaintext recovery
CVE-2026-415162.5 LOWOP-TEE: Hisilicon HPRE PKCS#1 v1.5 Decryption Padding Oracle
CVE-2026-53763OP-TEE has AES-GCM 32-bit integer overflow in length counters that breaks authentication g

IV. Related Vulnerabilities

V. Comments for CVE-2026-41515

No comments yet


Leave a comment