Description

OP-TEE is a Trusted Execution Environment (TEE) designed as companion to a non-secure Linux kernel running on Arm; Cortex-A cores using the TrustZone technology. From 3.8.0 to 4.10, in the function emsa_pkcs1_v1_5_encode() in core/drivers/crypto/crypto_api/acipher/rsassa.c, the amount of padding needed, "PS size", is calculated by subtracting the size of the digest and other fields required for the EMA-PKCS1-v1_5 encoding from the size of the modulus of the key. By selecting a small enough modulus, this subtraction can overflow. The padding is added as a string of 0xFF bytes with a call to memset(), and an underflowed integer will cause the memset() call to overwrite until OP-TEE crashes. This only affects platforms registering RSA acceleration.

INFO

Published Date :

2026-04-24T18:13:28.529Z

Last Modified :

2026-04-24T19:00:51.713Z

Source :

GitHub_M
AFFECTED PRODUCTS

The following products are affected by CVE-2026-33662 vulnerability.

Vendors Products
Linaro
  • Op-tee
Op-tee
  • Op-tee Os
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2026-33662.

URL Resource
https://github.com/OP-TEE/optee_os/security/advisories/GHSA-4cf8-v5g3-73gr cve-icon cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact