7.8
CVE-2026-43476
- EPSS 0.12%
- Veröffentlicht 13.05.2026 15:08:26
- Zuletzt bearbeitet 26.06.2026 20:18:11
- Quelle 416baaa9-dc9f-4396-8d5f-8c081f
- CVE-Watchlists
- Unerledigt
iio: chemical: sps30_i2c: fix buffer size in sps30_i2c_read_meas()
In the Linux kernel, the following vulnerability has been resolved: iio: chemical: sps30_i2c: fix buffer size in sps30_i2c_read_meas() sizeof(num) evaluates to sizeof(size_t) (8 bytes on 64-bit) instead of the intended __be32 element size (4 bytes). Use sizeof(*meas) to correctly match the buffer element type.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Linux ≫ Linux Kernel Version >= 5.14 < 5.15.203
Linux ≫ Linux Kernel Version >= 5.16 < 6.1.167
Linux ≫ Linux Kernel Version >= 6.2 < 6.6.130
Linux ≫ Linux Kernel Version >= 6.7 < 6.12.78
Linux ≫ Linux Kernel Version >= 6.13 < 6.18.19
Linux ≫ Linux Kernel Version >= 6.19 < 6.19.9
Linux ≫ Linux Kernel Version7.0 Updaterc1
Linux ≫ Linux Kernel Version7.0 Updaterc2
Linux ≫ Linux Kernel Version7.0 Updaterc3
VulnDex Vulnerability Enrichment
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.12% | 0.022 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| 416baaa9-dc9f-4396-8d5f-8c081fb06d67 | 7.8 | 1.8 | 5.9 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
|
https://git.kernel.org/stable/c/9aff2e9c2927ecd9652872a43a0725f101128104
https://git.kernel.org/stable/c/08881d82f94deaa51800360029908863e5c4c39d
https://git.kernel.org/stable/c/dcdf1e92674efb6692f4ebe189e0aa9fde23a541
https://git.kernel.org/stable/c/2a4d111a6a34afb8bb4f118009e7728ed2ec7e10
https://git.kernel.org/stable/c/90e978ace598567e6e30de79805bddf37cf892ac
https://git.kernel.org/stable/c/165f12b40901c6a7aca15796da239726ddcdc5ad
https://git.kernel.org/stable/c/216345f98cae7fcc84f49728c67478ac00321c87