Op Tee · Op-Tee · CVE-2026-33317
**Name of the Vulnerable Software and Affected Versions**
OP-TEE versions 3.13.0 through 4.10.0
**Description**
Missing checks in the `entry get attribute value()` function within `ta/pkcs11/src/object.c` can result in a crash or an out-of-bounds read from the PKCS#11 TA heap. If combined with an out-of-bounds read, the `entry get attribute value()` function or the PKCS#11 TA function `PKCS11 CMD GET ATTRIBUTE VALUE` can be manipulated using a malicious template parameter to read up to 7 bytes beyond the template buffer end and write attribute value content beyond the template buffer end.
**Recommendations**
Update to version 4.11.0.