246 matches found
CVE-2026-59870
js-yaml is a JavaScript YAML parser and dumper. From 5.0.0 before 5.2.1, YAML11SCHEMA support for the !!omap tag in src/tag/sequence/omap.ts uses omapTag.addItem to perform a linear duplicate-key scan on every insertion, causing On^2 CPU consumption when yaml.load parses a crafted ordered-map...
EUVD-2026-42300
js-yaml is a JavaScript YAML parser and dumper. From 5.0.0 before 5.2.1, YAML11SCHEMA support for the !!omap tag in src/tag/sequence/omap.ts uses omapTag.addItem to perform a linear duplicate-key scan on every insertion, causing On^2 CPU consumption when yaml.load parses a crafted ordered-map...
CVE-2026-59870
CVE-2026-59870 affects js-yaml prior to 5.2.1. The YAML11_SCHEMA’s handling of the !!omap tag in omap.ts performs a linear duplicate-key scan on each insertion, causing O(n^2) CPU usage when yaml.load() parses crafted ordered-map documents. Red Hat and NVD entries confirm this results in CPU-inte...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: crypto: omap – Correctly allocate OMAPCRYPTOFORCECOPY scatterlists The current allocation of scatterlists in oprcryptocopysglists was incorrect; it was allocating an array of scatterlist pointers, rather than scatterlist objects...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: In the gpio: omap section, it is not necessary to register the driver within the probe function. Commit 11a78b794496 “ARM: OMAP: MPUIO wake updates” registers the omapmpuiodriver from the omapmpuioinit function, which is called...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: drm/omap: fixed the NULL but dereferenced coccicheck error. Fixed the following coccicheck warning: ./drivers/gpu/drm/omapdrm/omapoverlay.c:89:22-25: ERROR: rovl is NULL, but it was dereferenced. The correct value should be ovl-i...
Astra Linux – Vulnerability in Linux 5.10, Linux
In the Linux kernel, the following vulnerabilities have been resolved: iommu/omap: Fixed buffer overflow in debugfs There are two issues here: 1 The “len” variable needs to be checked before the very first write. Otherwise, if omap2iommudumpctx is called with “bytes” less than 32, it will result ...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerability has been resolved: serial: 8250: omap: Do not skip resource freeing if pmruntimeresumeandget fails. Returning an error code from .remove causes the driver core to emit a rather useless error message: remove callback returned a non-zero value. This...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: iommu/omap: Fixed a regression in the probe for NULL pointer dereferencing. The commit 3f6634d997db “iommu: Use the correct method to retrieve iommuops” started causing a NULL pointer dereference for some omap variants:...
Astra Linux – Vulnerability in Linux 5.10, Linux
In the Linux kernel, the following vulnerabilities have been resolved: drm/omap: dss: Fixed refcount leak issues In dssinitports and dssuninitports, we should call ofnodeput for the reference returned by ofgraphgetportbyid in the fail path or when it is no longer needed...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: fbdev: omap: use threaded IRQ for LCD DMA When using touchscreens and framebuffers, the Nokia 770 easily crashes due to the following issue: BUG: scheduling while atomic: irq/144-ads7846/82/0x00010000 Linked modules include:...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerability has been resolved: phy: ti: phy-omap-usb2: Fixed NULL pointer dereferencing for SRP. If the external PHY working together with phy-omap-usb2 does not implement sendsrp, we may still attempt to call it. This can occur on an idle Ethernet device that...
SUSE CVE-2026-31687
In the Linux kernel, the following vulnerability has been resolved: gpio: omap: do not register driver in probe Commit 11a78b794496 "ARM: OMAP: MPUIO wake updates" registers the omapmpuiodriver from omapmpuioinit, which is called from omapgpioprobe. However, it neither makes sense to register...
Linux Distros Unpatched Vulnerability : CVE-2026-31687
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - gpio: omap: do not register driver in probe Commit 11a78b794496 ARM: OMAP: MPUIO wake updates registers the omapmpuiodriver from omapmpuioinit, which is called...
CVE-2026-31687
A flaw was found in the Linux kernel's OMAP General Purpose Input/Output GPIO driver. The omapmpuiodriver is incorrectly registered from within the omapgpioprobe function while a device lock is already held. This can lead to a potential deadlock condition, which a local attacker could exploit to...
CVE-2026-31687
In the Linux kernel, the following vulnerability has been resolved: gpio: omap: do not register driver in probe Commit 11a78b794496 "ARM: OMAP: MPUIO wake updates" registers the omapmpuiodriver from omapmpuioinit, which is called from omapgpioprobe. However, it neither makes sense to register...
EUVD-2026-25884
In the Linux kernel, the following vulnerability has been resolved: gpio: omap: do not register driver in probe Commit 11a78b794496 "ARM: OMAP: MPUIO wake updates" registers the omapmpuiodriver from omapmpuioinit, which is called from omapgpioprobe. However, it neither makes sense to register...
CVE-2026-31687
In the Linux kernel, the following vulnerability has been resolved: gpio: omap: do not register driver in probe Commit 11a78b794496 "ARM: OMAP: MPUIO wake updates" registers the omapmpuiodriver from omapmpuioinit, which is called from omapgpioprobe. However, it neither makes sense to register...
CVE-2026-31687
The CVE-2026-31687 issue concerns the Linux kernel GPIO/omap driver: omap_mpuio_driver was registered from omap_gpio_probe() and could deadlock because a device lock may be held during probe, compounded by the driver core changes enforcing device_lock for driver_match_device(). The driver was als...
PT-2026-35493
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A deadlock condition exists in the GPIO OMAP driver. The omap mpuio driver was being registered within the omap gpio probe function. Because the driver core prohibits registering drivers...