CVE-2026-41434 - OP-TEE has unbounded recursion in sanitize_client_object()
CVE ID :CVE-2026-41434
Published : July 6, 2026, 6:16 p.m. | 28 minutes ago
Description :OP-TEE is a Trusted Execution Environment (TEE) designed as companion to a non-secure Linux kernel running on Arm; Cortex-A cores using the TrustZone technology. Starting in version 3.10.0 and prior to version 4.11.0, an unbounded recursion can crash the PKCS#11 TA. Version 4.11.0 contains a patch. No known workarounds are available.
Severity: 3.3 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
Published : July 6, 2026, 6:16 p.m. | 28 minutes ago
Description :OP-TEE is a Trusted Execution Environment (TEE) designed as companion to a non-secure Linux kernel running on Arm; Cortex-A cores using the TrustZone technology. Starting in version 3.10.0 and prior to version 4.11.0, an unbounded recursion can crash the PKCS#11 TA. Version 4.11.0 contains a patch. No known workarounds are available.
Severity: 3.3 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...