CVE-2019-25052

Published August 11th, 2021

View on NVD ↗

CVSS v3

9.1

CRITICAL

CVSS v2

6.4

MEDIUM

Affected

PROJECT

Description

In Linaro OP-TEE before 3.7.0, by using inconsistent or malformed data, it is possible to call update and final cryptographic functions directly, causing a crash that could leak sensitive information.

OP-TEE/optee_os

Trusted side of the TEE

GitHub

1.89K