Hugo | DevOps | Cybersecurity2d ago

CVE-2026-40290 - Use-after-free in Op-Tee FF-A shared memory teardown. Race condition leads to potential memory corruption. CVSS 7.8. Unpatched. Update or apply mitigations now. #CVE #infosec #OpTee

https://www.valtersit.com/cve/CVE-2026-40290/

CVE-2026-40290 | Op-Tee | Valters IT Hub

OP-TEE is a Trusted Execution Environment (TEE) designed as companion to a non-secure Linux kernel running on Arm; Cortex-A cores using the TrustZone techn...

Valters IT Hub
Embedded RecipesMay 28

🎙️ Opening talk of Day 2 at #EmbeddedRecipes2026!

Rouven Czerwinski kicks off the second day with a comprehensive deep dive: "OP-TEE and its many features".

📥 Slides available here: https://cfp.embedded-recipes.org/media/er2026/submissions/YSADJ9/resources/OP-TEE_and_its_many_443enLf.pdf

#EmbeddedRecipes2026 #EmbeddedLinux #OPTEE #TrustZone #SecureBoot #ARMv8 #EmbeddedSecurity #OpenSource

Embedded RecipesMay 27

🎙️ Next talk at Embedded Recipes 2026!

Michael Tretter is on stage with a highly practical session: "Open Source Tools for Secure Boot on Rockchip RK3588".

#EmbeddedRecipes2026 #EmbeddedLinux #SecureBoot #Rockchip #RK3588 #OPTEE #barebox #OpenSource #Pengutronix

Marc Kleine-BuddeJan 23, 2025
OH: the "O" in #optee stands for open
#embedded_linux
Cloud ManulApr 16, 2024
Is somebody aware of any way to get an updated #OPTEE for #RK3588 ? I wrote to #Rockchip but did not get an answer. The OSS version of OP-TEE does not seem to have the necessary headers/definitions for that chip.
Jarkko SakkinenNov 15, 2023
If I did not have anything else to do I would reimplement this in Rust: https://github.com/microsoft/ms-tpm-20-ref. The code quality is not great in the original and it is not particularly complicated thing to do just time consuming. Looking how bad code quality is, I wonder why e.g. #OPTEE implementation is based on it (if I got this wrong please correct, 99% sure it is).

#tpm #arm #tee
GitHub - microsoft/ms-tpm-20-ref: Reference implementation of the TCG Trusted Platform Module 2.0 specification.

Reference implementation of the TCG Trusted Platform Module 2.0 specification. - GitHub - microsoft/ms-tpm-20-ref: Reference implementation of the TCG Trusted Platform Module 2.0 specification.

GitHub
Dickenhobelix @GPN 📞3531Jun 12, 2023
#OPTEE is known to the State of California to cause severe headache
NixFREAK -Nov 1, 2022

Anyone into #TEE (Trust execution environments)

Secure boot loaders key ladders?

https://www.riscure.com/tee-security-samsung-teegris-part-1/

#optee #hacking #exploit #vulnerable

Breaking TEE Security Part 1: TEEs, TrustZone and TEEGRIS - Riscure

In this series of blog posts about Samsung’s TEE OS we identify vulnerabilities in tee security and show how to exploit them.

Riscure