HIGHCVE-2026-43476Published Modified CNA Linux
CVE-2026-43476: iio: chemical: sps30_i2c: fix buffer size in sps30_i2c_read_meas()
In the Linux kernel, the following vulnerability has been resolved: iio: chemical: sps30_i2c: fix buffer size in sps30_i2c_read_meas() sizeof(num) evaluates to sizeof(size_t) (8 bytes on 64-bit) instead of the intended __be32 element size (4 bytes). Use sizeof(*meas) to correctly match the buffer element type.
Metrics
- CVSS v3.1
- 7.8
- Severity
- HIGH
- Fixed in
- 0
- Affected Products
- 2
Fix available
008881d82f94deaa51800360029908863e5c4c39d165f12b40901c6a7aca15796da239726ddcdc5ad216345f98cae7fcc84f49728c67478ac00321c872a4d111a6a34afb8bb4f118009e7728ed2ec7e105.15.2036.1.1676.6.1306.12.786.18.196.19.97.090e978ace598567e6e30de79805bddf37cf892ac9aff2e9c2927ecd9652872a43a0725f101128104dcdf1e92674efb6692f4ebe189e0aa9fde23a541
Affected packages
- Linux / Linux< 9aff2e9c2927ecd9652872a43a0725f101128104 (from 8f3f130852785dac0759843835ca97c3bacc2b10) · < 08881d82f94deaa51800360029908863e5c4c39d (from 8f3f130852785dac0759843835ca97c3bacc2b10) · < dcdf1e92674efb6692f4ebe189e0aa9fde23a541 (from 8f3f130852785dac0759843835ca97c3bacc2b10) · < 2a4d111a6a34afb8bb4f118009e7728ed2ec7e10 (from 8f3f130852785dac0759843835ca97c3bacc2b10) · < 90e978ace598567e6e30de79805bddf37cf892ac (from 8f3f130852785dac0759843835ca97c3bacc2b10) · < 165f12b40901c6a7aca15796da239726ddcdc5ad (from 8f3f130852785dac0759843835ca97c3bacc2b10)
- Linux / Linux5.14Fixed in 0, 5.15.203, 6.1.167, 6.6.130, 6.12.78, 6.18.19, 6.19.9, 7.0
CVSS Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H