iio: chemical: sps30_i2c: fix buffer size in sps30_i2c_read_meas()_CVE-2026-43476

7.8 / 10

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Description

In the Linux kernel, the following vulnerability has been resolved:

iio: chemical: sps30_i2c: fix buffer size in sps30_i2c_read_meas()

sizeof(num) evaluates to sizeof(size_t) (8 bytes on 64-bit) instead
of the intended __be32 element size (4 bytes). Use sizeof(*meas) to
correctly match the buffer element type.

Basic Information

ID CVE-2026-43476

Source Linux

Published May 13, 2026 at 15:08

Modified May 20, 2026 at 16:08

Affected Product

Vendor Linux

Product Linux

Version 8f3f130852785dac0759843835ca97c3bacc2b10

Affected Versions Linux Linux 8f3f130852785dac0759843835ca97c3bacc2b10
Linux Linux 8f3f130852785dac0759843835ca97c3bacc2b10
Linux Linux 8f3f130852785dac0759843835ca97c3bacc2b10
Linux Linux 8f3f130852785dac0759843835ca97c3bacc2b10
Linux Linux 8f3f130852785dac0759843835ca97c3bacc2b10
Linux Linux 8f3f130852785dac0759843835ca97c3bacc2b10
Linux Linux 8f3f130852785dac0759843835ca97c3bacc2b10
Linux Linux 5.14

References

{
    "lastseen": "",
    "description": "In the Linux kernel, the following vulnerability has been resolved:\n\niio: chemical: sps30_i2c: fix buffer size in sps30_i2c_read_meas()\n\nsizeof(num) evaluates to sizeof(size_t) (8 bytes on 64-bit) instead\nof the intended __be32 element size (4 bytes). Use sizeof(*meas) to\ncorrectly match the buffer element type.",
    "published": "2026-05-13T15:08:26.152Z",
    "modified": "2026-05-20T16:08:08.173Z",
    "type": "cve",
    "title": "iio: chemical: sps30_i2c: fix buffer size in sps30_i2c_read_meas()",
    "source": "Linux",
    "references": "https://git.kernel.org/stable/c/9aff2e9c2927ecd9652872a43a0725f101128104\nhttps://git.kernel.org/stable/c/08881d82f94deaa51800360029908863e5c4c39d\nhttps://git.kernel.org/stable/c/dcdf1e92674efb6692f4ebe189e0aa9fde23a541\nhttps://git.kernel.org/stable/c/2a4d111a6a34afb8bb4f118009e7728ed2ec7e10\nhttps://git.kernel.org/stable/c/90e978ace598567e6e30de79805bddf37cf892ac\nhttps://git.kernel.org/stable/c/165f12b40901c6a7aca15796da239726ddcdc5ad\nhttps://git.kernel.org/stable/c/216345f98cae7fcc84f49728c67478ac00321c87",
    "id": "CVE-2026-43476",
    "bulletinFamily": "",
    "cwe": null,
    "cvelist": null,
    "sourceData": "Linux Linux 8f3f130852785dac0759843835ca97c3bacc2b10\nLinux Linux 8f3f130852785dac0759843835ca97c3bacc2b10\nLinux Linux 8f3f130852785dac0759843835ca97c3bacc2b10\nLinux Linux 8f3f130852785dac0759843835ca97c3bacc2b10\nLinux Linux 8f3f130852785dac0759843835ca97c3bacc2b10\nLinux Linux 8f3f130852785dac0759843835ca97c3bacc2b10\nLinux Linux 8f3f130852785dac0759843835ca97c3bacc2b10\nLinux Linux 5.14",
    "sourceHref": "",
    "cvss": {
        "score": 7.8,
        "severity": "HIGH",
        "vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "Linux",
    "version": "8f3f130852785dac0759843835ca97c3bacc2b10",
    "vendor": "Linux",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}

Description

Basic Information

Affected Product

References

💭 Join the Security Discussion ❌ Cancel Reply