CVE-2026-43476
Published: May 13, 2026
Modified: May 20, 2026
CVSS v3.1
7.8
Description
In the Linux kernel, the following vulnerability has been resolved: iio: chemical: sps30_i2c: fix buffer size in sps30_i2c_read_meas() sizeof(num) evaluates to sizeof(size_t) (8 bytes on 64-bit) instead of the intended __be32 element size (4 bytes). Use sizeof(*meas) to correctly match the buffer element type.
| Vendor | Product | Versions |
|---|---|---|
Linux | Linux | affected 8f3f130852785dac0759843835ca97c3bacc2b10 - < 9aff2e9c2927ecd9652872a43a0725f101128104affected 8f3f130852785dac0759843835ca97c3bacc2b10 - < 08881d82f94deaa51800360029908863e5c4c39daffected 8f3f130852785dac0759843835ca97c3bacc2b10 - < dcdf1e92674efb6692f4ebe189e0aa9fde23a541affected 8f3f130852785dac0759843835ca97c3bacc2b10 - < 2a4d111a6a34afb8bb4f118009e7728ed2ec7e10affected 8f3f130852785dac0759843835ca97c3bacc2b10 - < 90e978ace598567e6e30de79805bddf37cf892ac+2 more versions |
Linux | Linux | affected 5.14unaffected 0 - < 5.14unaffected 5.15.203 - <= 5.15.*unaffected 6.1.167 - <= 6.1.*unaffected 6.6.130 - <= 6.6.*+4 more versions |
CVSS v3.1 Details
CVSS v3.1 Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
References
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now