{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-33662", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "state": "PUBLISHED", "assignerShortName": "GitHub_M", "dateReserved": "2026-03-23T15:23:42.219Z", "datePublished": "2026-04-24T18:13:28.529Z", "dateUpdated": "2026-04-24T19:00:51.713Z"}, "containers": {"cna": {"title": "OP-TEE: RSASSA EMSA- PKCS1-v1_5 underflow in emsa_pkcs1_v1_5_encode()", "problemTypes": [{"descriptions": [{"cweId": "CWE-190", "lang": "en", "description": "CWE-190: Integer Overflow or Wraparound", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}}], "references": [{"name": "https://github.com/OP-TEE/optee_os/security/advisories/GHSA-4cf8-v5g3-73gr", "tags": ["x_refsource_CONFIRM"], "url": "https://github.com/OP-TEE/optee_os/security/advisories/GHSA-4cf8-v5g3-73gr"}], "affected": [{"vendor": "OP-TEE", "product": "optee_os", "versions": [{"version": ">= 3.8.0, <= 4.10", "status": "affected"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2026-04-24T18:13:28.529Z"}, "descriptions": [{"lang": "en", "value": "OP-TEE is a Trusted Execution Environment (TEE) designed as companion to a non-secure Linux kernel running on Arm; Cortex-A cores using the TrustZone technology. From 3.8.0 to 4.10, in the function emsa_pkcs1_v1_5_encode() in core/drivers/crypto/crypto_api/acipher/rsassa.c, the amount of padding needed, \"PS size\", is calculated by subtracting the size of the digest and other fields required for the EMA-PKCS1-v1_5 encoding from the size of the modulus of the key. By selecting a small enough modulus, this subtraction can overflow. The padding is added as a string of 0xFF bytes with a call to memset(), and an underflowed integer will cause the memset() call to overwrite until OP-TEE crashes. This only affects platforms registering RSA acceleration."}], "source": {"advisory": "GHSA-4cf8-v5g3-73gr", "discovery": "UNKNOWN"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-04-24T19:00:09.301248Z", "id": "CVE-2026-33662", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-24T19:00:51.713Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-33662", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-04-24T19:00:09.301248Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-24T19:00:15.848Z"}}], "cna": {"title": "OP-TEE: RSASSA EMSA- PKCS1-v1_5 underflow in emsa_pkcs1_v1_5_encode()", "source": {"advisory": "GHSA-4cf8-v5g3-73gr", "discovery": "UNKNOWN"}, "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}}], "affected": [{"vendor": "OP-TEE", "product": "optee_os", "versions": [{"status": "affected", "version": ">= 3.8.0, <= 4.10"}]}], "references": [{"url": "https://github.com/OP-TEE/optee_os/security/advisories/GHSA-4cf8-v5g3-73gr", "name": "https://github.com/OP-TEE/optee_os/security/advisories/GHSA-4cf8-v5g3-73gr", "tags": ["x_refsource_CONFIRM"]}], "descriptions": [{"lang": "en", "value": "OP-TEE is a Trusted Execution Environment (TEE) designed as companion to a non-secure Linux kernel running on Arm; Cortex-A cores using the TrustZone technology. From 3.8.0 to 4.10, in the function emsa_pkcs1_v1_5_encode() in core/drivers/crypto/crypto_api/acipher/rsassa.c, the amount of padding needed, \"PS size\", is calculated by subtracting the size of the digest and other fields required for the EMA-PKCS1-v1_5 encoding from the size of the modulus of the key. By selecting a small enough modulus, this subtraction can overflow. The padding is added as a string of 0xFF bytes with a call to memset(), and an underflowed integer will cause the memset() call to overwrite until OP-TEE crashes. This only affects platforms registering RSA acceleration."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-190", "description": "CWE-190: Integer Overflow or Wraparound"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2026-04-24T18:13:28.529Z"}}}, "cveMetadata": {"cveId": "CVE-2026-33662", "state": "PUBLISHED", "dateUpdated": "2026-04-24T19:00:51.713Z", "dateReserved": "2026-03-23T15:23:42.219Z", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "datePublished": "2026-04-24T18:13:28.529Z", "assignerShortName": "GitHub_M"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:linaro:op-tee:*:*:*:*:*:*:*:*", "matchCriteriaId": "E5C1ECB7-B91B-4E11-8C78-951865EF01E0", "versionEndIncluding": "4.10.0", "versionStartIncluding": "3.8.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "OP-TEE is a Trusted Execution Environment (TEE) designed as companion to a non-secure Linux kernel running on Arm; Cortex-A cores using the TrustZone technology. From 3.8.0 to 4.10, in the function emsa_pkcs1_v1_5_encode() in core/drivers/crypto/crypto_api/acipher/rsassa.c, the amount of padding needed, \"PS size\", is calculated by subtracting the size of the digest and other fields required for the EMA-PKCS1-v1_5 encoding from the size of the modulus of the key. By selecting a small enough modulus, this subtraction can overflow. The padding is added as a string of 0xFF bytes with a call to memset(), and an underflowed integer will cause the memset() call to overwrite until OP-TEE crashes. This only affects platforms registering RSA acceleration."}], "id": "CVE-2026-33662", "lastModified": "2026-04-28T15:48:13.150", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "security-advisories@github.com", "type": "Secondary"}]}, "published": "2026-04-24T19:17:09.997", "references": [{"source": "security-advisories@github.com", "tags": ["Vendor Advisory", "Patch"], "url": "https://github.com/OP-TEE/optee_os/security/advisories/GHSA-4cf8-v5g3-73gr"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-190"}], "source": "security-advisories@github.com", "type": "Primary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "[3.8.0,4.10]"}}], "enrichment": {"confidence": 97.0, "confidence_source": "matching", "scores": [{"score": 97.0, "source": "matching"}]}, "original": {"product": "optee_os", "source": "cna", "vendor": "OP-TEE"}, "product": "op-tee_os", "vendor": "op-tee"}], "analysis": {"en": {"generated_at": "2026-04-28T05:54:50.353179+00:00", "value": {"mitigation_remediation": ["Upgrade OP\u2011TEE to 4.11.0 or later where the underflow check has been added by the maintainers.", "If a software upgrade is not immediately possible, disable or remove RSA acceleration support on the affected platform to eliminate the vulnerable code path.", "Monitor OP\u2011TEE logs and system stability for crash indicators and consider deploying additional application\u2011level watchdogs to detect and recover from OP\u2011TEE failures."], "summary": {"action": "Apply Patch", "impact": "Denial of Service"}, "threat_synthesis": {"affected_systems": "The flaw is present in OP\u2011TEE versions 3.8.0 through 4.10 on Arm Cortex\u2011A platforms that register RSA acceleration. It does not affect other OP\u2011TEE releases or platforms that do not enable RSA acceleration.", "description_and_impact": "An integer underflow in the padding calculation of the RSASSA EMSA-1_5 encoding routine causes a negative padding size, which is passed to memset and results in an out\u2011of\u2011bounds memory overwrite. The exploit triggers a crash of the OP\u2011TEE Trusted Execution Environment, leading to a denial of service. The vulnerability is a classic integer overflow condition (CWE\u2011190).", "risk_and_exploitability": "The CVSS score of 7.5 indicates high severity, yet the EPSS score of < 1% signals a very low likelihood of exploitation. The vulnerability is not listed in the CISA KEV catalog. Because the flaw requires triggering RSA operations with a small modulus on a system that supports RSA acceleration, the attack vector is inferred to be local or via an application that performs such operations. If exploited, an attacker can force OP\u2011TEE to crash but cannot directly compromise data or obtain read/write access to the secure world. The overall risk is moderate to high for environments that rely on OP\u2011TEE for cryptographic services, but the exploitation probability remains low."}}}}, "created": "2026-04-27T20:15:12.107973+00:00", "updated": "2026-04-28T06:00:09.606785+00:00", "vendors": ["op-tee", "op-tee$PRODUCT$op-tee_os"]}