High severity7.8NVD Advisory· Published May 13, 2026· Updated May 20, 2026

CVE-2026-43476

Description

In the Linux kernel, the following vulnerability has been resolved:

iio: chemical: sps30_i2c: fix buffer size in sps30_i2c_read_meas()

sizeof(num) evaluates to sizeof(size_t) (8 bytes on 64-bit) instead of the intended __be32 element size (4 bytes). Use sizeof(*meas) to correctly match the buffer element type.

Affected products

Linux/sps30_i2cllm-create

Patches

dcdf1e92674e

https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.gitvia nvd-ref

commit

9aff2e9c2927

https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.gitvia nvd-ref

commit

90e978ace598

https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.gitvia nvd-ref

commit

2a4d111a6a34

https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.gitvia nvd-ref

commit

216345f98cae

https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.gitvia nvd-ref

commit

165f12b40901

https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.gitvia nvd-ref

commit

08881d82f94d

https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.gitvia nvd-ref

commit

Vulnerability mechanics

Synthesis attempt was rejected by the grounding validator. Re-run pending.

References

News mentions

No linked articles in our index yet.

cvss	0.507
epss	0.000
exploit	0.000
kev	0.000
patch	-0.070
ransomware	0.000