Heap Overflow Vulnerability in OP-TEE Affected by SHA-3 Implementation Error
CVE-2026-40257

5.5MEDIUM

Key Information:

Vendor

Op-tee

Status
Vendor
CVE Published:
6 July 2026

What is CVE-2026-40257?

The OP-TEE Trusted Execution Environment (TEE), designed to work alongside non-secure Linux kernels on Arm Cortex-A cores, has been identified to contain a critical off-by-one error in its accelerated SHA-3 implementation. This vulnerability, present in OP-TEE versions 3.21.0 to 4.10.0, can lead to a substantial heap overflow, corrupting all TEE kernel memory following the hash state. This issue primarily affects systems that are configured with the ARMv8.2 Crypto Extensions enabled (CFG_CRYPTO_WITH_CE82=y). Users are advised to upgrade to version 4.11.0 or disable the SHA-3 Crypto Extensions as a temporary measure.

Affected Version(s)

optee_os >= 3.21.0, < 4.11.0

References

CVSS V3.1

Score:
5.5
Severity:
MEDIUM
Confidentiality:
None
Integrity:
None
Availability:
None
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.