VYPR

Op Tee

by Linaro

Source repositories

CVEs (8)

  • CVE-2019-1010292CriJul 16, 2019
    risk 0.64cvss 9.8epss 0.02

    Linaro/OP-TEE OP-TEE Prior to version v3.4.0 is affected by: Boundary checks. The impact is: This could lead to corruption of any memory which the TA can access. The component is: optee_os. The fixed version is: v3.4.0.

  • CVE-2019-1010298CriJul 15, 2019
    risk 0.64cvss 9.8epss 0.04

    Linaro/OP-TEE OP-TEE 3.3.0 and earlier is affected by: Buffer Overflow. The impact is: Code execution in the context of TEE core (kernel). The component is: optee_os. The fixed version is: 3.4.0 and later.

  • CVE-2019-1010297CriJul 15, 2019
    risk 0.64cvss 9.8epss 0.03

    Linaro/OP-TEE OP-TEE 3.3.0 and earlier is affected by: Buffer Overflow. The impact is: Execution of code in TEE core (kernel) context. The component is: optee_os. The fixed version is: 3.4.0 and later.

  • CVE-2019-1010296CriJul 15, 2019
    risk 0.64cvss 9.8epss 0.03

    Linaro/OP-TEE OP-TEE 3.3.0 and earlier is affected by: Buffer Overflow. The impact is: Code execution in context of TEE core (kernel). The component is: optee_os. The fixed version is: 3.4.0 and later.

  • CVE-2019-1010295CriJul 15, 2019
    risk 0.64cvss 9.8epss 0.02

    Linaro/OP-TEE OP-TEE 3.3.0 and earlier is affected by: Buffer Overflow. The impact is: Memory corruption and disclosure of memory content. The component is: optee_os. The fixed version is: 3.4.0 and later.

  • CVE-2019-1010293CriJul 15, 2019
    risk 0.64cvss 9.8epss 0.02

    Linaro/OP-TEE OP-TEE 3.3.0 and earlier is affected by: Boundary crossing. The impact is: Memory corruption of the TEE itself. The component is: optee_os. The fixed version is: 3.4.0 and later.

  • CVE-2019-1010294HigJul 15, 2019
    risk 0.49cvss 7.5epss 0.01

    Linaro/OP-TEE OP-TEE 3.3.0 and earlier is affected by: Rounding error. The impact is: Potentially leaking code and/or data from previous Trusted Application. The component is: optee_os. The fixed version is: 3.4.0 and later.

  • CVE-2017-1000412HigJan 2, 2018
    risk 0.00cvss 7.5epss 0.02

    Linaro's open source TEE solution called OP-TEE, version 2.4.0 (and older) is vulnerable to the bellcore attack in the LibTomCrypt code resulting in compromised private RSA key.