SB2026062644 - Use-after-free in Linux kernel tee optee driver



SB2026062644 - Use-after-free in Linux kernel tee optee driver

Published: June 26, 2026

Security Bulletin ID SB2026062644
CSH Severity
Low
Patch available
YES
Number of vulnerabilities 1
Exploitation vector Local access
Highest impact Denial of service

Breakdown by Severity

Low 100%
  • Low
  • Medium
  • High
  • Critical

Description

This security bulletin contains information about 1 vulnerability.


1) Use-after-free (CVE-ID: CVE-2026-53273)

CWE-ID: CWE-416 - Use After Free

CVSSv4: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear


The vulnerability allows a local user to cause a denial of service.

The vulnerability exists due to a use-after-free in the optee supplicant request handling in drivers/tee/optee/supp.c when a client exits before the supplicant finishes processing its request. A local user can trigger a race condition to cause a denial of service.

The issue occurs because the request can be freed by the client while its request ID remains referenced on the supplicant path.


Remediation

Install update from vendor's website.