new file mode 100644
@@ -0,0 +1,40 @@
+From 2fdf0aa10bd23c0e4633efa087a27ff07f79015f Mon Sep 17 00:00:00 2001
+From: Jens Wiklander <jens.wiklander@linaro.org>
+Date: Thu, 22 Jan 2026 14:19:36 +0100
+Subject: [PATCH] core: crypto_api: fix underflow in emsa_pkcs1_v1_5_encode()
+
+Guard against an integer underflow in emsa_pkcs1_v1_5_encode() that can
+occur when calculating the padding field in the EMA-PKCS1-v1_5 encoding.
+
+CVE: CVE-2026-33662
+Upstream-Status: Backport [https://github.com/OP-TEE/optee_os/commit/caeaa2ae551666068894005387cca4113b10873f]
+
+Fixes: f5a70e3efb80 ("drivers: crypto: generic resources for crypto device driver - RSA")
+Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
+Reviewed-by: Jerome Forissier <jerome.forissier@arm.com>
+Signed-off-by: Hugo SIMELIERE (Schneider Electric) <hsimeliere.opensource@witekio.com>
+---
+ core/drivers/crypto/crypto_api/acipher/rsassa.c | 7 ++++---
+ 1 file changed, 4 insertions(+), 3 deletions(-)
+
+diff --git a/core/drivers/crypto/crypto_api/acipher/rsassa.c b/core/drivers/crypto/crypto_api/acipher/rsassa.c
+index 0f71b84cc..01f8d7dc9 100644
+--- a/core/drivers/crypto/crypto_api/acipher/rsassa.c
++++ b/core/drivers/crypto/crypto_api/acipher/rsassa.c
+@@ -45,9 +45,10 @@ static TEE_Result emsa_pkcs1_v1_5_encode(struct drvcrypt_rsa_ssa *ssa_data,
+ * Calculate the PS size
+ * EM Size (modulus size) - 3 bytes - DigestInfo DER format size
+ */
+- ps_size = ssa_data->key.n_size - 3;
+- ps_size -= ssa_data->digest_size;
+- ps_size -= 10 + hash_oid->asn1_length;
++ if (SUB_OVERFLOW(ssa_data->key.n_size, 3, &ps_size) ||
++ SUB_OVERFLOW(ps_size, ssa_data->digest_size, &ps_size) ||
++ SUB_OVERFLOW(ps_size, 10 + hash_oid->asn1_length, &ps_size))
++ return TEE_ERROR_BAD_PARAMETERS;
+
+ CRYPTO_TRACE("PS size = %zu (n %zu)", ps_size, ssa_data->key.n_size);
+
+--
+2.43.0
+
@@ -10,4 +10,5 @@ SRC_URI += " \
file://CVE-2026-33317-1.patch \
file://CVE-2026-33317-2.patch \
file://CVE-2026-33317-3.patch \
+ file://CVE-2026-33662.patch \
"