CVE-2017-1000412

NONE EPSS 77.4%
Published Jan 2, 20188y ago · Modified Jun 17, 20262w ago
Find Similar
Published Jan 2, 2018 8y ago
Last Modified Jun 17, 2026 2w ago

Description

Linaro's open source TEE solution called OP-TEE, version 2.4.0 (and older) is vulnerable to the bellcore attack in the LibTomCrypt code resulting in compromised private RSA key.

Threat Intelligence

EPSS Exploit Probability
77.4% percentile
Exploit & Patch Status
No Known Exploit
No Patch Available

Weaknesses 1

CWE-200 Exposure of Sensitive Information to an Unauthorized Actor Information Exposure

Affected Products 1

VendorProductVersionRange
linaroop-tee* ≤2.4.0

References 3

  • github.com https://github.com/OP-TEE/optee_os/blob/2.5.0/CHANGELOG.md
    Third Party Advisory
  • github.com https://github.com/OP-TEE/optee_os/pull/1610
    Third Party Advisory
  • op-tee.org https://www.op-tee.org/security-advisories/
    Vendor Advisory

Remediation

No remediation data recorded yet

Check vendor advisories and the NVD entry for patch availability.