CVE-2026-45702: CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') in OP-TEE optee_os
OP-TEE is a Trusted Execution Environment (TEE) designed as a companion to a non-secure Linux kernel running on Arm Cortex-A cores using the TrustZone technology. Starting in version 4.3.0 and prior to version 4.11.0, a type confusion vulnerability exists in OP-TEE OS when processing an FFA_MEM_SHARE request from the normal world. This only applies when OP-TEE is configured as an SPMC for S-EL0 SPs, that is, with `CFG_CORE_SEL1_SPMC=y` and `CFG_SECURE_PARTITION=y`. Version 4.11.0 fixes the issue.
AI Analysis (machine-generated threat intelligence)
Technical Summary
OP-TEE OS, a Trusted Execution Environment for Arm Cortex-A cores using TrustZone, contains a type confusion vulnerability in versions 4.3.0 through 4.10.x. The issue arises when OP-TEE is configured with CFG_CORE_SEL1_SPMC=y and CFG_SECURE_PARTITION=y, specifically when handling FFA_MEM_SHARE requests from the non-secure world. This vulnerability can lead to an availability impact, such as a denial of service. The vulnerability is fixed in version 4.11.0.
Potential Impact
The vulnerability does not affect confidentiality or integrity but impacts availability, potentially causing denial of service conditions in the affected OP-TEE OS configurations. There are no known exploits in the wild at this time.
Mitigation Recommendations
Upgrade OP-TEE OS to version 4.11.0 or later, where this type confusion vulnerability is fixed. No workaround or standalone patch is documented beyond the version update, so applying the vendor-provided release is the recommended remediation; confirm the current patch status against the vendor advisory. Builds that do not set both `CFG_CORE_SEL1_SPMC=y` and `CFG_SECURE_PARTITION=y` are outside the affected configuration described above.
CVSS v3.1 Score: 4.4 (Medium)
Weaknesses: CWE-843 Access of Resource Using Incompatible Type ('Type Confusion')
Technical Details
- Data Version: 5.2
- Assigner Short Name: GitHub_M
- Date Reserved: 2026-05-13T04:38:01.165Z
- CVSS Version: 3.1
- State: PUBLISHED
- Remediation Level: not specified (null)
Threat ID: 6a207a8be29bf47b50dc5169
Added to database: 6/3/2026, 7:03:39 PM
Last enriched: 6/3/2026, 7:18:57 PM
Last updated: 6/4/2026, 6:01:35 AM