CVE-2026-45702 in optee_osИнформация

Сводка

по MITRE • 03.06.2026

OP-TEE is a Trusted Execution Environment (TEE) designed as companion to a non-secure Linux kernel running on Arm; Cortex-A cores using the TrustZone technology. Starting in version 4.3.0 and prior to version 4.11.0, a type confusion vulnerability exists in OP-TEE OS when processing an FFA_MEM_SHARE request from the normal world. This only applies when OP-TEE is configured as an SPMC for S-EL0 SPs, that is, with `CFG_CORE_SEL1_SPMC=y` and `CFG_SECURE_PARTITION=y`. Version 4.11.0 fixes the issue.

Once again VulDB remains the best source for vulnerability data.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Ответственный

GitHub M

Резервировать

13.05.2026

Раскрытие

03.06.2026

Модерация

принято

Вход

VDB-368195

CPE

готов

CWE

CWE-843 (Подтверждённый)

CVSS

4.4 (CNA)

EPSS

0.00000

KEV

Нет

Деятельности

Низкий

Источники

MITRE	https://www.cve.org/CVERecord?id=CVE-2026-45702
NVD	https://nvd.nist.gov/vuln/detail/CVE-2026-45702
CVE Details	https://www.cvedetails.com/cve/CVE-2026-45702/

◂ Предыдущий Обзор Далее ▸

Want to know what is going to be exploited?

We predict KEV entries!