CVE-2026-43476

Severity: High (CVSS 3.1: 7.8) · EPSS 2.2%
Published May 13, 2026 · Last Modified Jun 26, 2026

Description

In the Linux kernel, the following vulnerability has been resolved:

iio: chemical: sps30_i2c: fix buffer size in sps30_i2c_read_meas()

sizeof(num) evaluates to sizeof(size_t) (8 bytes on 64-bit) instead of the intended __be32 element size (4 bytes). Use sizeof(*meas) to correctly match the buffer element type.
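The size mismatch described above, as an added userspace example (not the driver's code and not part of the original record). It assumes the computed length is used for a transfer into a buffer of `num` 4-byte elements; `be32_t`, `len_buggy`, `len_fixed`, `overrun_bytes` and `bounded_read` are hypothetical names, and the buffers are constructed sample data.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

typedef uint32_t be32_t;            /* stand-in for the kernel's __be32 */

/* Length as the description says it was computed: sizeof(num) is sizeof(size_t). */
static size_t len_buggy(const be32_t *meas, size_t num)
{
    (void)meas;
    return sizeof(num) * num;
}

/* Length after the fix: element size taken from the pointed-to type. */
static size_t len_fixed(const be32_t *meas, size_t num)
{
    return sizeof(*meas) * num;
}

/* Bytes a transfer of `len` would place past a buffer of `num` elements. */
static size_t overrun_bytes(size_t len, size_t num)
{
    size_t cap = sizeof(be32_t) * num;
    return len > cap ? len - cap : 0;
}

/* Hypothetical bounded read: refuses a length larger than the destination. */
static int bounded_read(void *dst, size_t cap, const void *src, size_t len)
{
    if (len > cap)
        return -1;
    memcpy(dst, src, len);
    return 0;
}

int main(void)
{
    be32_t meas[4] = {0};           /* constructed: 4 measurement words */
    uint8_t wire[64] = {0};         /* constructed device response */
    size_t num = sizeof(meas) / sizeof(meas[0]);
    size_t bad = len_buggy(meas, num), good = len_fixed(meas, num);

    printf("buggy len=%zu overrun=%zu\n", bad, overrun_bytes(bad, num));
    printf("fixed len=%zu overrun=%zu\n", good, overrun_bytes(good, num));
    printf("bounded_read: buggy=%d fixed=%d\n",
           bounded_read(meas, sizeof(meas), wire, bad),
           bounded_read(meas, sizeof(meas), wire, good));
    return 0;
}
```

On a 64-bit build the buggy length is twice the buffer's capacity, so a capacity check at the transfer boundary rejects it while the fixed length passes.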

CVSS Details

Base Score: 7.8
Exploitability: 1.8
Impact: 5.9
Vector string: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Attack Vector: Local
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High

Threat Intelligence

EPSS Exploit Probability: 2.2% percentile
Exploit & Patch Status: No Known Exploit, Patch Available

Affected Products 9

Vendor  Product       Version  Range
linux   linux_kernel  *        ≥5.14 – <5.15.203
linux   linux_kernel  *        ≥5.16 – <6.1.167
linux   linux_kernel  *        ≥6.2 – <6.6.130
linux   linux_kernel  *        ≥6.7 – <6.12.78
linux   linux_kernel  *        ≥6.13 – <6.18.19
linux   linux_kernel  *        ≥6.19 – <6.19.9
linux   linux_kernel  7.0      any
linux   linux_kernel  7.0      any
linux   linux_kernel  7.0      any

References 7

  • git.kernel.org https://git.kernel.org/stable/c/08881d82f94deaa51800360029908863e5c4c39d
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/165f12b40901c6a7aca15796da239726ddcdc5ad
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/216345f98cae7fcc84f49728c67478ac00321c87
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/2a4d111a6a34afb8bb4f118009e7728ed2ec7e10
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/90e978ace598567e6e30de79805bddf37cf892ac
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/9aff2e9c2927ecd9652872a43a0725f101128104
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/dcdf1e92674efb6692f4ebe189e0aa9fde23a541
    Patch

Remediation

  • The seven git.kernel.org stable patch commits listed under References.