CVE-2022-46152 — Improper Validation of Array Index in Optee OS

CWE-129 — Improper Validation of Array Index2 documents2 sources

Severity

8.8HIGHNVD

EPSS

0.3%

top 45.39%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Op-tee Optee OS Op-tee OS Debian Optee-os

Timeline

PublishedNov 29

Description

OP-TEE Trusted OS is the secure side implementation of OP-TEE project, a Trusted Execution Environment. Versions prior to 3.19.0, contain an Improper Validation of Array Index vulnerability. The function `cleanup_shm_refs()` is called by both `entry_invoke_command()` and `entry_open_session()`. The commands `OPTEE_MSG_CMD_OPEN_SESSION` and `OPTEE_MSG_CMD_INVOKE_COMMAND` can be executed from the normal world via an OP-TEE SMC. This function is not validating the `num_params` argument, which is on…

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:HExploitability: 2.0 | Impact: 6.0

Affected Packages3 packages

▶CVEListV5op-tee/optee_os< 3.19.0

▶NVDop-tee/op-tee_os< 3.19.0

▶debiandebian/optee-os

Patches

Patch: github.com ↗Patch: github.com ↗

📋Vendor Advisories

Debian

CVE-2022-46152: optee-os - OP-TEE Trusted OS is the secure side implementation of OP-TEE project, a Trusted...↗2022

▶