CVE-2026-43476

medium Red Hat
EPSS Score
0.0%
Exploitation probability in 30 days
Top 97% most likely to be exploited
Published: May 13, 2026 (58 days ago)
Last Modified: May 13, 2026
Vendor: Red Hat
Source: REDHAT

Description

In the Linux kernel, the following vulnerability has been resolved: iio: chemical: sps30_i2c: fix buffer size in sps30_i2c_read_meas() sizeof(num) evaluates to sizeof(size_t) (8 bytes on 64-bit) instead of the intended __be32 element size (4 bytes). Use sizeof(*meas) to correctly match the buffer element type.

CWE

CWE-131

Affected Products

Red Hat Enterprise Linux 10Red Hat Enterprise Linux 6Red Hat Enterprise Linux 7Red Hat Enterprise Linux 8Red Hat Enterprise Linux 9

References