7.8

CVE-2026-43476

iio: chemical: sps30_i2c: fix buffer size in sps30_i2c_read_meas()

In the Linux kernel, the following vulnerability has been resolved:

iio: chemical: sps30_i2c: fix buffer size in sps30_i2c_read_meas()

sizeof(num) evaluates to sizeof(size_t) (8 bytes on 64-bit) instead
of the intended __be32 element size (4 bytes). Use sizeof(*meas) to
correctly match the buffer element type.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version >= 5.14 < 5.15.203
LinuxLinux Kernel Version >= 5.16 < 6.1.167
LinuxLinux Kernel Version >= 6.2 < 6.6.130
LinuxLinux Kernel Version >= 6.7 < 6.12.78
LinuxLinux Kernel Version >= 6.13 < 6.18.19
LinuxLinux Kernel Version >= 6.19 < 6.19.9
LinuxLinux Kernel Version7.0 Updaterc1
LinuxLinux Kernel Version7.0 Updaterc2
LinuxLinux Kernel Version7.0 Updaterc3
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.12% 0.022
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
416baaa9-dc9f-4396-8d5f-8c081fb06d67 7.8 1.8 5.9
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Es wurden noch keine Informationen zu CWE veröffentlicht.
https://git.kernel.org/stable/c/9aff2e9c2927ecd9652872a43a0725f101128104
Patch
https://git.kernel.org/stable/c/08881d82f94deaa51800360029908863e5c4c39d
Patch
https://git.kernel.org/stable/c/dcdf1e92674efb6692f4ebe189e0aa9fde23a541
Patch
https://git.kernel.org/stable/c/2a4d111a6a34afb8bb4f118009e7728ed2ec7e10
Patch
https://git.kernel.org/stable/c/90e978ace598567e6e30de79805bddf37cf892ac
Patch
https://git.kernel.org/stable/c/165f12b40901c6a7aca15796da239726ddcdc5ad
Patch
https://git.kernel.org/stable/c/216345f98cae7fcc84f49728c67478ac00321c87
Patch