Bug 2497453 (CVE-2026-44362)
| Summary: | CVE-2026-44362 optee: OP-TEE: Subkey rollback protection bypass allows loading of unauthorized Trusted Applications | ||
|---|---|---|---|
| Product: | [Other] Security Response | Reporter: | OSIDB Bzimport <bzimport> |
| Component: | vulnerability | Assignee: | Product Security DevOps Team <prodsec-dev> |
| Status: | NEW --- | QA Contact: | |
| Severity: | medium | Docs Contact: | |
| Priority: | medium | ||
| Version: | unspecified | Keywords: | Security |
| Target Milestone: | --- | ||
| Target Release: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Fixed In Version: | Doc Type: | --- | |
| Doc Text: |
A flaw was found in OP-TEE, a Trusted Execution Environment (TEE) for Arm Cortex-A cores. This vulnerability allows a local attacker to bypass subkey rollback protection due to a failure in propagating versioning data during the Trusted Application (TA) loading process. Specifically, the system incorrectly processes subkey headers, preventing the rollback database from advancing. This enables the successful loading of Trusted Applications signed with revoked or older subkey versions, potentially compromising the integrity of the secure environment.
|
Story Points: | --- |
| Clone Of: | Environment: | ||
| Last Closed: | Type: | --- | |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
| Bug Depends On: | 2497692 | ||
| Bug Blocks: | |||
|
Description
OSIDB Bzimport
2026-07-06 20:01:56 UTC
|