All 8 CVE vulnerabilities found in optee_os, with AI-generated Chinese analysis, references, and POCs.
Vendor: OP-TEE
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2026-45702 | OP-TEE has FF-A type confusion in SPMC tmem path that causes S-EL1 kernel panic CWE-843 | 4.4 | Medium | 2026-06-03 |
| CVE-2026-45614 | OP-TEE vulnerable to ECDH private key recovery CWE-347 | 4.7 | Medium | 2026-06-03 |
| CVE-2026-40290 | OP-TEE has a Use-After-Free race in FF-A shared-memory teardown CWE-416 | 7.8 | High | 2026-06-03 |
| CVE-2026-33662 | OP-TEE: RSASSA EMSA- PKCS1-v1_5 underflow in emsa_pkcs1_v1_5_encode() CWE-190 | 7.5 | High | 2026-04-24 |
| CVE-2026-33317 | OP-TEE: PKCS#11 TA out-of-bounds read and memory disclosure CWE-125 | 8.7 | High | 2026-04-24 |
| CVE-2025-46733 | REE userspace code can panic TAs, leading to fTPM PCR reset and data disclosure CWE-755 | 7.9 | High | 2025-07-04 |
| CVE-2023-41325 | OP-TEE double free in shdr_verify_signature CWE-415 | 7.4 | High | 2023-09-15 |
| CVE-2022-46152 | OP-TEE Trusted OS vulnerable to Improper Validation of Array Index in the cleanup_shm_refs function CWE-129 | 8.2 | High | 2022-11-29 |
All 8 known CVE vulnerabilities affecting optee_os with full Chinese analysis, references, and POCs where available.