A critical security vulnerability was discovered in OP-TEE (Open Portable Trusted Execution Environment) on i.MX 8M SoCs where the TrustZone memory isolation was not properly implemented, allowing normal world access to secure world memory. The issue affects systems running OP-TEE versions before v4.10.0 without the CFG_TZASC_REGION0_SECURE=y configuration, potentially exposing sensitive data like cryptographic keys. The vulnerability was addressed in upstream OP-TEE v4.10.0 and i.MX downstream OP-TEE lf-6.12.49_2.2.0, though no CVE was assigned.
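The affected condition stated above (an upstream release before v4.10.0 built without CFG_TZASC_REGION0_SECURE=y) can be checked against a build's generated configuration. The sketch below is an added example, not OP-TEE project code; it assumes the build output contains a conf.mk with `NAME=value` lines and the CFG_OPTEE_REVISION_MAJOR / CFG_OPTEE_REVISION_MINOR variables, and the function names and sample inputs are constructed for illustration.

```python
import re

FIXED_UPSTREAM = (4, 10)            # v4.10.0, the upstream fix release named above
FLAG = "CFG_TZASC_REGION0_SECURE"   # configuration option named above

def parse_conf(text):
    """Parse NAME=value lines; '# CFG_X is not set' comments leave the key absent."""
    cfg = {}
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()
        m = re.match(r"^([A-Za-z_][A-Za-z0-9_]*)\s*[:?]?=\s*(.*)$", line)
        if m:
            cfg[m.group(1)] = m.group(2).strip()   # later assignments win
    return cfg

def triage(conf_text):
    """Return 'not-affected', 'affected' or 'unknown' for one build configuration."""
    cfg = parse_conf(conf_text)
    if cfg.get(FLAG) == "y":
        return "not-affected"       # region 0 explicitly configured secure
    try:
        ver = (int(cfg["CFG_OPTEE_REVISION_MAJOR"]),
               int(cfg["CFG_OPTEE_REVISION_MINOR"]))
    except (KeyError, ValueError):
        return "unknown"            # no usable revision: check the source tag by hand
    # Tuple comparison, so 4.10 sorts after 4.9 (a string compare would not).
    # Downstream i.MX trees carrying the fix cannot be recognised from these
    # numbers; confirm those against the lf- release tag instead.
    return "not-affected" if ver >= FIXED_UPSTREAM else "affected"

# Constructed sample configurations (not taken from a real build).
SAMPLE_OLD = """\
CFG_OPTEE_REVISION_MAJOR=4
CFG_OPTEE_REVISION_MINOR=9
# CFG_TZASC_REGION0_SECURE is not set
"""
SAMPLE_OLD_HARDENED = SAMPLE_OLD + "CFG_TZASC_REGION0_SECURE=y\n"
SAMPLE_FIXED = "CFG_OPTEE_REVISION_MAJOR=4\nCFG_OPTEE_REVISION_MINOR=10\n"
SAMPLE_NO_REVISION = "CFG_TZASC_REGION0_SECURE=n\n"

if __name__ == "__main__":
    for name in ("SAMPLE_OLD", "SAMPLE_OLD_HARDENED", "SAMPLE_FIXED", "SAMPLE_NO_REVISION"):
        print(name, "->", triage(globals()[name]))
```

A build-time answer of "not-affected" only reflects the configuration file; it does not confirm what the TZASC on a running board actually enforces.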
Background
ARM TrustZone is a system-wide security technology that creates two isolated execution environments (secure and normal worlds) on a single processor. OP-TEE is an open-source implementation of a Trusted Execution Environment that runs in the secure world, handling sensitive operations like cryptographic key storage and secure boot.
- Source: Lobsters
- Published: Jun 11, 2026 at 06:57 PM
- Score: 8.0 / 10