SB2026062644 - Use-after-free in Linux kernel tee optee driver
Published: June 26, 2026
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 1 vulnerability.
1) Use-after-free (CVE-ID: CVE-2026-53273)
CWE-ID: CWE-416 - Use After Free
CVSSv4: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear
The vulnerability allows a local user to cause a denial of service.
The vulnerability exists due to a use-after-free in the optee supplicant request handling in drivers/tee/optee/supp.c when a client exits before the supplicant finishes processing its request. A local user can trigger a race condition to cause a denial of service.
The issue occurs because the request can be freed by the client while its request ID remains referenced on the supplicant path.
Remediation
Install update from vendor's website.
References
- https://git.kernel.org/stable/c/373152c94e57e9592b68c100e224fbd943cfd608
- https://git.kernel.org/stable/c/387a926ee166814611acecb960207fe2f3c4fd3e
- https://git.kernel.org/stable/c/416259cb5bffecaaae5f76539deb535a8c1b2c34
- https://git.kernel.org/stable/c/724d0caffd4204b46f78efe22f18f8338031c6e1
- https://git.kernel.org/stable/c/9a0dc9279d0907b198f205a693aedf696b08145d
- https://git.kernel.org/stable/c/ae847ab29ded2d7cece4d5970f0edefa4137bf2f
- https://git.kernel.org/stable/c/d366a01475f927402c96a3fe78bfc06b924fc87d
- https://git.kernel.org/stable/c/d5b57bb314d79e99bebb58a53588fa11dd4dbf69