CVE-2019-1010298

CRITICAL

Linaro/OP-TEE OP-TEE <3.4.0 - Buffer Overflow

Title source: llm

Description

Linaro/OP-TEE OP-TEE 3.3.0 and earlier is affected by: Buffer Overflow. The impact is: Code execution in the context of TEE core (kernel). The component is: optee_os. The fixed version is: 3.4.0 and later.

Exploits (1)

nomisec WORKING POC 16 stars

by RKX1209 · poc

https://github.com/RKX1209/CVE-2019-1010298

View Code ZIP pw:eip

References (1)

[Patch, Third Party Advisory] https://github.com/OP-TEE/optee_os/commit/70697bf3c5dc3d201341b01a1a8e5bc6d2fb48f8

Scores

CVSS v3 9.8

EPSS 0.0546

EPSS Percentile 90.2%

Attack Vector NETWORK

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CWE

CWE-190 CWE-787

Status published

Products (1)

linaro/op-tee < 3.3.0

Published Jul 15, 2019

Tracked Since Feb 18, 2026