CVE-2026-33317: CWE-125: Out-of-bounds Read in OP-TEE optee_os
CVE-2026-33317 is a high-severity vulnerability in OP-TEE's optee_os affecting versions 3. 13. 0 through 4. 10. 0. It involves an out-of-bounds read and write in the PKCS#11 Trusted Application due to missing checks in the entry_get_attribute_value() function. This flaw can cause reading up to 7 bytes beyond a buffer's end and writing beyond the buffer with attribute data, potentially leading to information disclosure, integrity compromise, or a crash. Patches addressing this issue are included in commits expected to be part of version 4. 11. 0.
AI Analysis
Technical Summary
OP-TEE's optee_os versions 3.13.0 to 4.10.0 contain a vulnerability (CVE-2026-33317) due to missing boundary checks in the entry_get_attribute_value() function within the PKCS#11 Trusted Application. This allows an attacker to cause an out-of-bounds read and write by supplying a crafted template parameter to the PKCS11_CMD_GET_ATTRIBUTE_VALUE command, reading up to 7 bytes beyond the intended buffer and overwriting memory beyond the buffer with attribute values. This can lead to information disclosure, data corruption, or a crash. Fixes have been committed and are expected in version 4.11.0.
Potential Impact
The vulnerability can result in high confidentiality and integrity impacts due to out-of-bounds memory access and modification within the PKCS#11 TA heap. It may also cause a low impact on availability through crashes. Exploitation requires local privileges with access to the PKCS#11 TA interface. No known exploits are currently reported in the wild.
Mitigation Recommendations
Patches addressing this vulnerability have been committed and are anticipated to be included in OP-TEE version 4.11.0. Users should upgrade to version 4.11.0 or later once available. Until then, monitor the vendor advisory for official patch releases and avoid supplying untrusted input to the PKCS#11 TA interface. Patch status is not yet confirmed; check the vendor advisory for current remediation guidance.
CVE-2026-33317: CWE-125: Out-of-bounds Read in OP-TEE optee_os
Description
CVE-2026-33317 is a high-severity vulnerability in OP-TEE's optee_os affecting versions 3. 13. 0 through 4. 10. 0. It involves an out-of-bounds read and write in the PKCS#11 Trusted Application due to missing checks in the entry_get_attribute_value() function. This flaw can cause reading up to 7 bytes beyond a buffer's end and writing beyond the buffer with attribute data, potentially leading to information disclosure, integrity compromise, or a crash. Patches addressing this issue are included in commits expected to be part of version 4. 11. 0.
CVSS v3.1
Score 8.7high
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
OP-TEE's optee_os versions 3.13.0 to 4.10.0 contain a vulnerability (CVE-2026-33317) due to missing boundary checks in the entry_get_attribute_value() function within the PKCS#11 Trusted Application. This allows an attacker to cause an out-of-bounds read and write by supplying a crafted template parameter to the PKCS11_CMD_GET_ATTRIBUTE_VALUE command, reading up to 7 bytes beyond the intended buffer and overwriting memory beyond the buffer with attribute values. This can lead to information disclosure, data corruption, or a crash. Fixes have been committed and are expected in version 4.11.0.
Potential Impact
The vulnerability can result in high confidentiality and integrity impacts due to out-of-bounds memory access and modification within the PKCS#11 TA heap. It may also cause a low impact on availability through crashes. Exploitation requires local privileges with access to the PKCS#11 TA interface. No known exploits are currently reported in the wild.
Mitigation Recommendations
Patches addressing this vulnerability have been committed and are anticipated to be included in OP-TEE version 4.11.0. Users should upgrade to version 4.11.0 or later once available. Until then, monitor the vendor advisory for official patch releases and avoid supplying untrusted input to the PKCS#11 TA interface. Patch status is not yet confirmed; check the vendor advisory for current remediation guidance.
Technical Details
- Data Version
- 5.2
- Assigner Short Name
- GitHub_M
- Date Reserved
- 2026-03-18T21:23:36.677Z
- Cvss Version
- 3.1
- State
- PUBLISHED
- Remediation Level
- null
Threat ID: 69eada9887115cfb68a5e992
Added to database: 4/24/2026, 2:51:04 AM
Last enriched: 5/1/2026, 8:43:20 PM
Last updated: 6/7/2026, 9:16:57 PM
Views: 79
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.