EUVD-2026-26693

OpenAMP v2025.10.0 ELF loader contains an integer overflow vulnerability in firmware image parsing. In elfloader.c, it performs multiplication of two attacker-controlled 16-bit values from the ELF header without overflow checking. On 32-bit embedded systems STM32MP1, Zynq, i.MX, large values can...

CVE-2026-37540

OpenAMP v2025.10.0 ELF loader contains an integer overflow in firmware image parsing: elf_loader.c multiplies two attacker-controlled 16-bit values from the ELF header without overflow checking. On 32-bit embedded targets (e.g., STM32MP1, Zynq, i.MX), large inputs can wrap the product to a small ...