PatchSiren

PatchSiren cyber security CVE debrief

CVE-2026-41515 OP-TEE CVE debrief

AI-assisted PatchSiren debrief based on the supplied source corpus. The CVE record was published on 2026-07-06T20:16:32.060Z and has not been modified since then. This vulnerability affects OP-TEE versions between 3.9.0 and 4.10.0, allowing an attacker to recover RSA-OAEP plaintext with approximately 1000-2000 adaptive chosen ciphertext queries. The vulnerability is classified as a Manger-style padding oracle attack. Users of affected versions should apply patch version 4.11.0 or disable the NXP CAAM RSA driver.

Vendor
OP-TEE
Product
optee_os
CVSS
LOW 2.5
CISA KEV
Not listed in stored evidence
Original CVE published
2026-07-06
Original CVE updated
2026-07-07
Advisory published
2026-07-06
Advisory updated
2026-07-07

Who should care

Users of OP-TEE versions between 3.9.0 and 4.10.0 should apply patch version 4.11.0 or disable the NXP CAAM RSA driver with `CFG_CRYPTO_DRV_RSA=n`. Affected operators, platforms, vulnerability-management teams, and security teams should review the official advisory and CVE record to validate affected systems and plan for mitigation.

Technical summary

The RSA-OAEP decryption implementation in the NXP CAAM crypto driver of OP-TEE uses non-constant-time `memcmp()` for label hash verification and has multiple distinguishable error paths, creating a Manger-style padding oracle that allows an attacker to recover RSA-OAEP plaintext with approximately 1000-2000 adaptive chosen ciphertext queries. This vulnerability affects OP-TEE versions between 3.9.0 and 4.10.0. The patch version 4.11.0 mitigates this vulnerability.

Defensive priority

Apply patch version 4.11.0 or disable the NXP CAAM RSA driver with `CFG_CRYPTO_DRV_RSA=n` to mitigate the vulnerability. Prioritize patching for systems with high exposure or critical infrastructure.

Recommended defensive actions

  • Apply patch version 4.11.0
  • Disable the NXP CAAM RSA driver with `CFG_CRYPTO_DRV_RSA=n`
  • Inventory and update vulnerable OP-TEE versions
  • Monitor for adaptive chosen ciphertext queries
  • Exception tracking for potential padding oracle attacks
  • Review compensating controls for exposed systems while remediation is scheduled and verified
  • Track exceptions, retest remediated assets, and close the item only after evidence is documented

Evidence notes

The CVE record and NVD detail provide evidence of the vulnerability and its mitigation. The GitHub advisory provides additional information on the patch. Evidence limits suggest that further verification is needed to confirm affected scope and severity. Defenders should review the official advisory and CVE record to validate affected systems and apply patch version 4.11.0 or disable the NXP CAAM RSA driver with `CFG_CRYPTO_DRV_RSA=n`.

Official resources

AI-assisted PatchSiren debrief based on the supplied source corpus. The CVE record was published on 2026-07-06T20:16:32.060Z and has not been modified since then.