HIGH 7.8

CVE-2026-40290: OP-TEE Use-After-Free Race Condition in Shared Memory Management

OP-TEE is a trusted execution environment that provides a secure processing space on Arm-based processors. A race condition in OP-TEE versions 3.16.0 through 4.10.x creates a use-after-free vulnerability in the shared memory management code. The vulnerability occurs when OP-TEE is configured to manage secure partitions (a specific operational mode). A local user could exploit this by timing concurrent operations on shared memory to cause the system to access memory that has already been freed, potentially compromising the confidentiality, integrity, or availability of the secure environment.

Source data · NVD / CISA · public domain

CVSS
3.1 · 7.8 HIGH · CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Weaknesses (CWE)
CWE-416
Affected products
1 configuration(s)
Published / Modified
2026-06-03 / 2026-06-17

NVD description (verbatim)

OP-TEE is a Trusted Execution Environment (TEE) designed as companion to a non-secure Linux kernel running on Arm; Cortex-A cores using the TrustZone technology. Starting in version 3.16.0 and prior to 4.11.0, a user-after-free (UAF) race condition exists in the shared memory teardown logic of FF-A within OP-TEE SPMC/SP flows. This only applies when OP-TEE is configured as an SPMC for S-EL0 SPs, that is, with `CFG_SECURE_PARTITION=y`. The function `sp_mem_remove()`, responsible for freeing entries in `smem->receivers` and `smem->regions`, fails to acquire the global `sp_mem_lock` before performing the `free()` operations. Concurrently, other code paths, such as `sp_mem_get_receiver()`, iterate over these same lists without holding a lock, or, like `sp_mem_is_shared()`, iterate while holding the lock but are not serialized against the unprotected `free()` in `sp_mem_remove()`. This creates a cross-thread race where a thread iterating the list can acquire a pointer to an entry (e.g., `struct sp_mem_map_region` or `struct sp_mem_receiver`), and then another thread calls `sp_mem_remove()`, freeing the object. When the first thread resumes and dereferences the pointer, it results in a Use-After-Free vulnerability. Version 4.11.0 fixes the issue.

2 reference(s) · View on NVD →

SEC.co analysis · AI-assisted, reviewed against source

Technical summary

The vulnerability exists in the FF-A shared memory teardown logic within OP-TEE's SPMC/SP flows. Specifically, the `sp_mem_remove()` function fails to acquire the `sp_mem_lock` mutex before freeing entries in the `smem->receivers` and `smem->regions` linked lists. Meanwhile, other kernel code paths such as `sp_mem_get_receiver()` and `sp_mem_is_shared()` access these same data structures—sometimes without any lock, sometimes with the lock—creating an unserializable race condition. A thread can read a pointer to a data structure (e.g., `struct sp_mem_map_region` or `struct sp_mem_receiver`) while holding or not holding the lock, and before that thread dereferences the pointer, another thread in `sp_mem_remove()` frees the object, resulting in use-after-free memory access. This CWE-416 vulnerability is assigned a CVSS 3.1 score of 7.8 (HIGH) under local attack surface with low complexity.

Business impact

Organizations deploying OP-TEE as a secure partition manager face potential compromise of the trusted execution environment. A local attacker could exploit the race condition to corrupt the TEE's memory state, break isolation boundaries between secure and non-secure worlds, or cause denial of service. The impact extends to any application or service relying on the TEE for cryptographic operations, secure storage, or sensitive computation—commonly used in financial services, device authentication, and mobile security frameworks.

Affected systems

OP-TEE versions 3.16.0 through 4.10.x are vulnerable when built with the `CFG_SECURE_PARTITION=y` configuration flag, which enables OP-TEE to act as a Secure Partition Manager Controller (SPMC) for S-EL0 secure partitions. Unaffected versions include OP-TEE prior to 3.16.0 and version 4.11.0 and later. Organizations should verify their OP-TEE version and configuration: the vulnerability does not affect builds without secure partition support enabled.

Exploitability

Exploitation requires local access to the system (Attack Vector: Local) and standard user privileges (Privilege Level: Low). No user interaction is needed. The race condition must be triggered through precise timing of concurrent FF-A shared memory operations, which is technically feasible from unprivileged user space but requires detailed knowledge of OP-TEE's memory management internals and the ability to spawn and coordinate concurrent processes. The vulnerability is not currently tracked in the CISA Known Exploited Vulnerabilities catalog, though the race condition's exploitability is theoretically straightforward once understood.

Remediation

Upgrade OP-TEE to version 4.11.0 or later, which includes the fix for the `sp_mem_remove()` synchronization issue. The patch adds proper locking discipline to ensure that all list iterations and free operations on `smem->receivers` and `smem->regions` are serialized under the `sp_mem_lock` mutex. Organizations unable to upgrade immediately should review their threat model: if OP-TEE is not configured with `CFG_SECURE_PARTITION=y`, the system is not vulnerable.

Patch guidance

Apply OP-TEE 4.11.0 or a later stable release. Verify the patch by confirming that `sp_mem_remove()` now correctly acquires `sp_mem_lock` before modifying the shared memory data structures. Test in a staging environment to ensure the fix does not introduce performance regressions in shared memory teardown operations. If you are maintaining a custom OP-TEE build, backport the synchronization fix from the upstream 4.11.0 release and validate against your secure partition workloads.

Detection guidance

Monitor system logs and kernel debugging output for signs of memory corruption or panic messages originating from OP-TEE's memory management subsystem, particularly in secure partition code paths. If available, enable CONFIG_DEBUG_LIST or similar kernel memory integrity checks to catch use-after-free access patterns. In production, correlate any unexpected TEE terminations or cryptographic operation failures with the timing of shared memory allocation and deallocation events. Consider maintaining a baseline of TEE stability metrics before and after patching to validate the fix.

Why prioritize this

Although the CVSS score is 7.8 (HIGH), the practical impact depends on deployment context. Organizations using OP-TEE with secure partitions enabled should prioritize this patch because exploitation could undermine the security guarantees of the TEE itself, affecting all downstream cryptographic and sensitive operations. For systems using OP-TEE without the secure partition feature enabled, risk is lower but patch availability should still be tracked. The absence of public exploits and KEV designation does not reduce the severity of a race condition affecting core memory management in a security-critical component.

Risk score, explained

CVSS 3.1 score of 7.8 reflects: Local Attack Vector (AV:L) limits the threat to local users; Low Attack Complexity (AC:L) indicates the race condition does not require exceptional conditions once understood; Low Privilege (PR:L) means any local user can attempt exploitation; No User Interaction (UI:N) means no social engineering is needed; Confidentiality, Integrity, and Availability all set to High (C:H/I:H/A:H) because successful exploitation allows an attacker to read, modify, or crash the TEE. The scope is Unchanged (S:U), as the vulnerability does not extend beyond OP-TEE itself.

Frequently asked questions

Does this vulnerability affect all OP-TEE deployments?

No. The vulnerability only affects OP-TEE versions 3.16.0 through 4.10.x when configured with `CFG_SECURE_PARTITION=y`. If your build does not enable secure partition support, or if you are running version 4.11.0 or later, you are not vulnerable. Verify your OP-TEE version and build configuration to determine your exposure.

Can this race condition be exploited remotely?

No. The Attack Vector is Local, so an attacker must have local access to the system and be able to execute code in the non-secure Linux user space. Remote exploitation is not possible.

What happens if the race condition is triggered?

When the race condition is triggered, a thread dereferences a pointer to memory that has already been freed by another thread. This can lead to information disclosure (reading stale data), memory corruption (writing to freed memory), or a crash of the TEE, depending on how the freed memory is reused.

Is there a workaround if we cannot patch immediately?

The best workaround is to disable secure partition support (`CFG_SECURE_PARTITION=n`) if it is not required for your use case. Otherwise, limiting local user access to the system reduces exposure. However, patching to version 4.11.0 or later is the proper fix and should be scheduled as soon as feasible.

This analysis is provided for informational purposes and reflects publicly available vulnerability data as of the publication date. The information herein does not constitute legal, compliance, or professional security advice. Organizations should conduct their own risk assessment and consult with their security teams and vendors. Patch availability, timing, and applicability vary by platform and configuration; verify against official OP-TEE release notes and your vendor's security advisories. SEC.co makes no warranty regarding the completeness or accuracy of this content and is not liable for any decisions or damages arising from its use. Source: NVD (public-domain), retrieved 2026-07-07. Analysis generated by SEC.co (claude-haiku-4-5).