PatchSiren cyber security CVE debrief
CVE-2026-41515 OP-TEE CVE debrief
AI-assisted PatchSiren debrief based on the supplied source corpus. The CVE record was published on 2026-07-06T20:16:32.060Z and has not been modified since then. This vulnerability affects OP-TEE versions between 3.9.0 and 4.10.0, allowing an attacker to recover RSA-OAEP plaintext with approximately 1000-2000 adaptive chosen ciphertext queries. The vulnerability is classified as a Manger-style padding oracle attack. Users of affected versions should apply patch version 4.11.0 or disable the NXP CAAM RSA driver.
- Vendor
- OP-TEE
- Product
- optee_os
- CVSS
- LOW 2.5
- CISA KEV
- Not listed in stored evidence
- Original CVE published
- 2026-07-06
- Original CVE updated
- 2026-07-07
- Advisory published
- 2026-07-06
- Advisory updated
- 2026-07-07
Who should care
Users of OP-TEE versions between 3.9.0 and 4.10.0 should apply patch version 4.11.0 or disable the NXP CAAM RSA driver with `CFG_CRYPTO_DRV_RSA=n`. Affected operators, platforms, vulnerability-management teams, and security teams should review the official advisory and CVE record to validate affected systems and plan for mitigation.
Technical summary
The RSA-OAEP decryption implementation in the NXP CAAM crypto driver of OP-TEE uses non-constant-time `memcmp()` for label hash verification and has multiple distinguishable error paths, creating a Manger-style padding oracle that allows an attacker to recover RSA-OAEP plaintext with approximately 1000-2000 adaptive chosen ciphertext queries. This vulnerability affects OP-TEE versions between 3.9.0 and 4.10.0. The patch version 4.11.0 mitigates this vulnerability.
Defensive priority
Apply patch version 4.11.0 or disable the NXP CAAM RSA driver with `CFG_CRYPTO_DRV_RSA=n` to mitigate the vulnerability. Prioritize patching for systems with high exposure or critical infrastructure.
Recommended defensive actions
- Apply patch version 4.11.0
- Disable the NXP CAAM RSA driver with `CFG_CRYPTO_DRV_RSA=n`
- Inventory and update vulnerable OP-TEE versions
- Monitor for adaptive chosen ciphertext queries
- Exception tracking for potential padding oracle attacks
- Review compensating controls for exposed systems while remediation is scheduled and verified
- Track exceptions, retest remediated assets, and close the item only after evidence is documented
Evidence notes
The CVE record and NVD detail provide evidence of the vulnerability and its mitigation. The GitHub advisory provides additional information on the patch. Evidence limits suggest that further verification is needed to confirm affected scope and severity. Defenders should review the official advisory and CVE record to validate affected systems and apply patch version 4.11.0 or disable the NXP CAAM RSA driver with `CFG_CRYPTO_DRV_RSA=n`.
Official resources
-
CVE-2026-41515 CVE record
CVE.org
-
CVE-2026-41515 NVD detail
NVD
-
Source item URL
nvd_modified
-
Mitigation or vendor reference
[email protected] - Mitigation, Vendor Advisory, Patch
AI-assisted PatchSiren debrief based on the supplied source corpus. The CVE record was published on 2026-07-06T20:16:32.060Z and has not been modified since then.