CVE-2026-37540
8.4
CVSS:3.1/AC:L/AV:L/A:H/C:H/I:H/PR:N/S:U/UI:N
Summary
OpenAMP v2025.10.0 ELF loader contains an integer overflow vulnerability in firmware image parsing. In elf_loader.c, it performs multiplication of two attacker-controlled 16-bit values from the ELF header without overflow checking. On 32-bit embedded systems (STM32MP1, Zynq, i.MX), large values can cause the product to wrap around to a small value.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | n/a | n/a | affected |
Weaknesses
- n/a
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: total
References
- https://github.com/OpenAMP/open-amp
- https://github.com/OpenAMP/open-amp/blob/main/lib/remoteproc/elf_loader.c
- https://gist.github.com/sgInnora/f4ac66faeefe07a653ceeb3f58cdc381
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.