CVE-2021-44733

HIGH

Linux Kernel < 5.15.11 - Use-After-Free in TEE Shared Memory Handling

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2021-44733. PoCs published by pjlantz.

AI-analyzed exploit summary This repository provides a detailed writeup and fuzzing description for CVE-2021-44733, a use-after-free vulnerability in the Linux kernel TEE subsystem up to version 5.15.11. It includes a syzkaller fuzzing configuration and an explanation of the exploitation process, though no full exploit code is present.

Description

A use-after-free exists in drivers/tee/tee_shm.c in the TEE subsystem in the Linux kernel through 5.15.11. This occurs because of a race condition in tee_shm_get_from_id during an attempt to free a shared memory object.

Exploits (1)

nomisec WRITEUP 76 stars
by pjlantz · poc
https://github.com/pjlantz/optee-qemu

This repository provides a detailed writeup and fuzzing description for CVE-2021-44733, a use-after-free vulnerability in the Linux kernel TEE subsystem up to version 5.15.11. It includes a syzkaller fuzzing configuration and an explanation of the exploitation process, though no full exploit code is present.

Classification
Writeup 90%
Attack Type
Lpe
Complexity
Complex
Reliability
Theoretical
Target: Linux kernel TEE subsystem (up to 5.15.11)
No auth needed
Prerequisites: Access to a vulnerable Linux kernel with CONFIG_OPTEE enabled · Ability to interact with /dev/tee0 device
mistral-large-3 · analyzed Feb 16, 2026 Full analysis →

Scores

CVSS v3 7.0
EPSS 0.0069
EPSS Percentile 48.6%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

CWE
CWE-362
Status published
Products (14)
debian/debian_linux 9.0
debian/debian_linux 10.0
debian/debian_linux 11.0
fedoraproject/fedora 35
linux/linux_kernel < 5.15.11
netapp/h300e_firmware
netapp/h300s_firmware
netapp/h410c_firmware
netapp/h410s_firmware
netapp/h500e_firmware
... and 4 more
Published Dec 22, 2021
Tracked Since Feb 18, 2026