Integer Overflow Vulnerability in OP-TEE Affected by 32-bit Issue in Arm Technology
CVE-2026-53763
3.8LOW
What is CVE-2026-53763?
A vulnerability exists in OP-TEE, a Trusted Execution Environment for Arm Cortex-A cores, due to integer overflows in the AES-GCM implementation. This issue arises after processing more than 512 megabytes of payload or Additional Authenticated Data, which results in incorrect computation of the authentication tag's bit-length values. Affected versions include those prior to 4.11.0, with a patch available in version 4.11.0. Users are advised to upgrade, as no alternatives or workarounds are currently provided.
Affected Version(s)
optee_os >= 3.0.0, < 4.11.0
