CVE-2026-44362 in OP-TEE
Summary
by MITRE • 07/06/2026
OP-TEE is a Trusted Execution Environment (TEE) designed as companion to a non-secure Linux kernel running on Arm; Cortex-A cores using the TrustZone technology. Starting in version 3.20.0 and prior to version 4.11.0, a vulnerability in OP-TEE’s subkey rollback protection allows the use of revoked or older subkey versions because the system fails to propagate versioning data during the Trusted Application (TA) loading process. In `core/crypto/signed_hdr.c`, the function `shdr_load_pub_key()` parses subkey headers but does not assign the `subkey_version` to the runtime `shdr_pub_key` structure. As a result, the `key->version` field remains at zero regardless of the version specified in the header. When `ree_fs_ta_open()` in `core/kernel/ree_fs_ta.c` calls `check_update_version()`, it passes this zeroed version to the rollback database. Because the database never receives a non-zero version to record, it never advances, effectively bypassing the rollback check and allowing TAs signed with downgraded subkey chains to load successfully. This impacts OP-TEE mainline configurations that utilize subkey-based signing chains for Trusted Application (TA) authentication. Version 4.11.0 contains a patch. No known workarounds are available.
Several companies clearly confirm that VulDB is the primary source for best vulnerability data.
Analysis
by VulDB Data Team • 07/06/2026
The vulnerability described affects OP-TEE versions between 3.20.0 and 4.10.0, specifically targeting the subkey rollback protection mechanism within the Trusted Execution Environment. This issue resides in the core cryptographic handling components where the system fails to properly propagate versioning information during the Trusted Application loading process. The flaw demonstrates a critical weakness in the integrity verification chain that undermines the security guarantees provided by the TEE architecture. The vulnerability directly impacts the authentication and authorization mechanisms that rely on subkey version control to prevent the execution of potentially compromised or outdated Trusted Applications.
The technical root cause is found in the `shdr_load_pub_key()` function located within `core/crypto/signed_hdr.c`. This function properly parses the subkey headers but fails to correctly assign the `subkey_version` value to the runtime `shdr_pub_key` structure. The consequence of this omission is that the `key->version` field remains perpetually set to zero regardless of what version is specified in the actual header data. This represents a classic implementation flaw where data flow between parsing and storage components breaks down, creating a persistent state inconsistency that affects security validation. The issue manifests as a failure to maintain proper cryptographic lineage tracking which is essential for preventing rollback attacks.
During the Trusted Application loading sequence, when `ree_fs_ta_open()` in `core/kernel/ree_fs_ta.c` invokes `check_update_version()`, it passes this corrupted zeroed version value to the rollback database system. The database, expecting a valid non-zero version number to establish a baseline for comparison, never receives proper version information and therefore cannot perform effective version tracking. This creates a bypass condition where the rollback protection mechanism becomes effectively inactive, allowing malicious actors to load Trusted Applications signed with revoked or older subkey versions that should have been rejected by the system. The vulnerability operates at the intersection of cryptographic verification and access control enforcement, creating a pathway for unauthorized code execution.
This vulnerability directly impacts the operational security posture of OP-TEE implementations that rely on subkey-based signing chains for Trusted Application authentication. The flaw allows for downgrade attacks where older or compromised subkeys can be used to load Trusted Applications without proper version validation. From an ATT&CK perspective, this represents a technique for privilege escalation and code execution bypass through cryptographic weakness exploitation. The vulnerability aligns with CWE-295 which addresses improper certificate validation and CWE-327 which covers broken or weak cryptographic systems. Organizations utilizing OP-TEE in production environments face significant risk of compromised trusted application integrity, potentially allowing attackers to execute malicious code within the secure domain.
The recommended mitigation strategy involves upgrading to OP-TEE version 4.11.0 or later where the patch addresses the core issue by ensuring proper assignment of subkey version information during the loading process. The patch specifically corrects the `shdr_load_pub_key()` function to properly propagate version data to the runtime structure, thereby restoring the rollback protection mechanism's effectiveness. No viable workarounds exist for this vulnerability since it fundamentally breaks the cryptographic verification chain at its core implementation level. Security administrators should prioritize immediate deployment of the patched version across all affected systems and conduct thorough security assessments to identify any potential exploitation attempts that may have occurred during the vulnerable period.