Heap Overflow Vulnerability in OP-TEE Affected by SHA-3 Implementation Error
CVE-2026-40257
5.5MEDIUM
What is CVE-2026-40257?
The OP-TEE Trusted Execution Environment (TEE), designed to work alongside non-secure Linux kernels on Arm Cortex-A cores, has been identified to contain a critical off-by-one error in its accelerated SHA-3 implementation. This vulnerability, present in OP-TEE versions 3.21.0 to 4.10.0, can lead to a substantial heap overflow, corrupting all TEE kernel memory following the hash state. This issue primarily affects systems that are configured with the ARMv8.2 Crypto Extensions enabled (CFG_CRYPTO_WITH_CE82=y). Users are advised to upgrade to version 4.11.0 or disable the SHA-3 Crypto Extensions as a temporary measure.
Affected Version(s)
optee_os >= 3.21.0, < 4.11.0
