{"id":"CVE-2026-31687","summary":"gpio: omap: do not register driver in probe()","details":"In the Linux kernel, the following vulnerability has been resolved:\n\ngpio: omap: do not register driver in probe()\n\nCommit 11a78b794496 (\"ARM: OMAP: MPUIO wake updates\") registers the\nomap_mpuio_driver from omap_mpuio_init(), which is called from\nomap_gpio_probe().\n\nHowever, it neither makes sense to register drivers from probe()\ncallbacks of other drivers, nor does the driver core allow registering\ndrivers with a device lock already being held.\n\nThe latter was revealed by commit dc23806a7c47 (\"driver core: enforce\ndevice_lock for driver_match_device()\") leading to a potential deadlock\ncondition described in [1].\n\nAdditionally, the omap_mpuio_driver is never unregistered from the\ndriver core, even if the module is unloaded.\n\nHence, register the omap_mpuio_driver from the module initcall and\nunregister it in module_exit().","modified":"2026-05-18T05:59:54.630402711Z","published":"2026-04-27T17:32:37.227Z","database_specific":{"osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/31xxx/CVE-2026-31687.json","cna_assigner":"Linux"},"references":[{"type":"WEB","url":"https://git.kernel.org/stable/c/03db4dc9ad6eb91e640b517e00373ce877682854"},{"type":"WEB","url":"https://git.kernel.org/stable/c/1c04c3a4de8d4bcb9202f94c44f26c57c2572308"},{"type":"WEB","url":"https://git.kernel.org/stable/c/2211d77892913804d16c28c7415b82804ab1e54c"},{"type":"WEB","url":"https://git.kernel.org/stable/c/32f08c3ddd6dda6cbb6c9d715de10f21dccde50f"},{"type":"WEB","url":"https://git.kernel.org/stable/c/53a76425e0764421ba93bb9045d2e454667d5687"},{"type":"WEB","url":"https://git.kernel.org/stable/c/57bcd3feffa79544c73a1a1872472389a391cc79"},{"type":"WEB","url":"https://git.kernel.org/stable/c/673dafb9a86349a12a93151fd467625614dc7e12"},{"type":"WEB","url":"https://git.kernel.org/stable/c/730e5ebff40c852e3ea57b71bf02a4b89c69435f"},{"type":"WEB","url":"https://git.kernel.org/stable/c/86588916e1887a5edb8a9161cd7ae81e47a7ed25"},{"type":"WEB","url":"https://git.kernel.org/stable/c/a29215961d833f4de33a09c3964d31ebc6083033"},{"type":"WEB","url":"https://git.kernel.org/stable/c/a7fa9460b86f810913b6779461d0448e7c11214c"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/31xxx/CVE-2026-31687.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2026-31687"},{"type":"PACKAGE","url":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"11a78b7944963a8b052be46108d07a3ced9e2762"},{"fixed":"57bcd3feffa79544c73a1a1872472389a391cc79"},{"fixed":"86588916e1887a5edb8a9161cd7ae81e47a7ed25"},{"fixed":"a29215961d833f4de33a09c3964d31ebc6083033"},{"fixed":"1c04c3a4de8d4bcb9202f94c44f26c57c2572308"},{"fixed":"2211d77892913804d16c28c7415b82804ab1e54c"},{"fixed":"32f08c3ddd6dda6cbb6c9d715de10f21dccde50f"},{"fixed":"730e5ebff40c852e3ea57b71bf02a4b89c69435f"}]},{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"adc1796eced46b48e23ec200a219d635f33a38ee"},{"fixed":"673dafb9a86349a12a93151fd467625614dc7e12"}]},{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"cd0e0a76e40c2e77bcfc88291d00dca22b00158e"},{"fixed":"a7fa9460b86f810913b6779461d0448e7c11214c"}]},{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"8d76b2488eb3cc0717ab81b60622cff4a5f90f79"},{"fixed":"53a76425e0764421ba93bb9045d2e454667d5687"}]},{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"bc82e5f4d7dc8237ae8cabc73aa46fc93c85d98c"},{"fixed":"03db4dc9ad6eb91e640b517e00373ce877682854"}]}],"versions":["v6.6.125","v6.12.72","v6.18.11","v6.19.1"],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2026-31687.json"}},{"package":{"name":"Kernel","ecosystem":"Linux"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"2.6.22"},{"fixed":"5.10.251"}]},{"type":"ECOSYSTEM","events":[{"introduced":"5.11.0"},{"fixed":"5.15.201"}]},{"type":"ECOSYSTEM","events":[{"introduced":"5.16.0"},{"fixed":"6.1.164"}]},{"type":"ECOSYSTEM","events":[{"introduced":"6.2.0"},{"fixed":"6.6.125"}]},{"type":"ECOSYSTEM","events":[{"introduced":"6.7.0"},{"fixed":"6.6.126"},{"fixed":"6.12.72"}]},{"type":"ECOSYSTEM","events":[{"introduced":"6.13.0"},{"fixed":"6.12.73"},{"fixed":"6.18.11"}]},{"type":"ECOSYSTEM","events":[{"introduced":"6.19.0"},{"fixed":"6.18.12"},{"fixed":"6.19.2"}]}],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2026-31687.json"}}],"schema_version":"1.7.5"}