CVE-2026-33317: CWE-125: Out-of-bounds Read in OP-TEE optee_os
CVE-2026-33317 is a high-severity vulnerability in OP-TEE's optee_os affecting versions 3. 13. 0 through 4. 10. 0. It involves an out-of-bounds read and write in the PKCS#11 Trusted Application due to missing checks in the function entry_get_attribute_value(). This flaw allows reading up to 7 bytes beyond the intended buffer and writing beyond the buffer boundary, potentially leading to memory corruption or crashes. The vulnerability is addressed by patches included in the upcoming version 4. 11. 0.
AI Analysis
Technical Summary
OP-TEE's optee_os versions 3.13.0 to 4.10.0 contain a vulnerability in the PKCS#11 Trusted Application where the function entry_get_attribute_value() lacks proper bounds checking. This results in an out-of-bounds read and write when processing a malformed template parameter in the PKCS11_CMD_GET_ATTRIBUTE_VALUE command. Specifically, the function can read up to 7 bytes beyond the template buffer and overwrite memory beyond the buffer with attribute values. The issue is tracked as CWE-125 (Out-of-bounds Read) and CWE-787 (Out-of-bounds Write). Patches fixing this issue have been committed and are expected in version 4.11.0.
Potential Impact
Successful exploitation could lead to memory corruption within the PKCS#11 Trusted Application, potentially causing crashes or enabling further compromise of the Trusted Execution Environment. The CVSS 3.1 score is 8.7 (High), reflecting local attack vector with low complexity, requiring low privileges but no user interaction, and impacting confidentiality and integrity with high severity and availability with low severity. No public exploits are known currently.
Mitigation Recommendations
A fix is available in the form of patches committed to the OP-TEE project and planned for release in version 4.11.0. Users should upgrade to OP-TEE optee_os version 4.11.0 or later once available. Until then, no official workaround or temporary fix is documented. Monitor the vendor advisory for updates and apply the official patch promptly upon release.
CVE-2026-33317: CWE-125: Out-of-bounds Read in OP-TEE optee_os
Description
CVE-2026-33317 is a high-severity vulnerability in OP-TEE's optee_os affecting versions 3. 13. 0 through 4. 10. 0. It involves an out-of-bounds read and write in the PKCS#11 Trusted Application due to missing checks in the function entry_get_attribute_value(). This flaw allows reading up to 7 bytes beyond the intended buffer and writing beyond the buffer boundary, potentially leading to memory corruption or crashes. The vulnerability is addressed by patches included in the upcoming version 4. 11. 0.
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
OP-TEE's optee_os versions 3.13.0 to 4.10.0 contain a vulnerability in the PKCS#11 Trusted Application where the function entry_get_attribute_value() lacks proper bounds checking. This results in an out-of-bounds read and write when processing a malformed template parameter in the PKCS11_CMD_GET_ATTRIBUTE_VALUE command. Specifically, the function can read up to 7 bytes beyond the template buffer and overwrite memory beyond the buffer with attribute values. The issue is tracked as CWE-125 (Out-of-bounds Read) and CWE-787 (Out-of-bounds Write). Patches fixing this issue have been committed and are expected in version 4.11.0.
Potential Impact
Successful exploitation could lead to memory corruption within the PKCS#11 Trusted Application, potentially causing crashes or enabling further compromise of the Trusted Execution Environment. The CVSS 3.1 score is 8.7 (High), reflecting local attack vector with low complexity, requiring low privileges but no user interaction, and impacting confidentiality and integrity with high severity and availability with low severity. No public exploits are known currently.
Mitigation Recommendations
A fix is available in the form of patches committed to the OP-TEE project and planned for release in version 4.11.0. Users should upgrade to OP-TEE optee_os version 4.11.0 or later once available. Until then, no official workaround or temporary fix is documented. Monitor the vendor advisory for updates and apply the official patch promptly upon release.
Technical Details
- Data Version
- 5.2
- Assigner Short Name
- GitHub_M
- Date Reserved
- 2026-03-18T21:23:36.677Z
- Cvss Version
- 3.1
- State
- PUBLISHED
- Remediation Level
- null
Threat ID: 69eada9887115cfb68a5e992
Added to database: 4/24/2026, 2:51:04 AM
Last enriched: 4/24/2026, 3:06:27 AM
Last updated: 4/24/2026, 4:26:59 AM
Views: 4
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.