CVE-2026-46326
Received Received - Intake
IIO Pressure MPRLS0025PA SPI Transfer Initialization Flaw

Publication date: 2026-06-09

Last updated on: 2026-06-09

Assigner: kernel.org

Description
In the Linux kernel, the following vulnerability has been resolved: iio: pressure: mprls0025pa: fix spi_transfer struct initialisation Make sure that the spi_transfer struct is zeroed out before use.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-06-09
Last Modified
2026-06-09
Generated
2026-06-09
AI Q&A
2026-06-09
EPSS Evaluated
N/A
NVD
CVE-2026-46326
EUVD
EUVD-2026-35427
Affected Vendors & Products
Currently, no data is known.
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-UNKNOWN
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Mitigation Strategies

The vulnerability is fixed by ensuring that the spi_transfer struct is zeroed out before use in the Linux kernel driver for the mprls0025pa pressure sensor.

To mitigate this vulnerability, you should update your Linux kernel to a version that includes this fix.

Executive Summary

This vulnerability is related to the Linux kernel, specifically in the iio pressure sensor driver for the mprls0025pa device. The issue was that the spi_transfer struct was not properly initialized before use. The fix involved ensuring that the spi_transfer struct is zeroed out before it is used, which prevents potential unexpected behavior caused by uninitialized data.

Impact Analysis

Improper initialization of the spi_transfer struct could lead to unpredictable behavior in the pressure sensor driver, which might cause incorrect sensor readings or system instability. However, specific impacts such as security breaches or data loss are not detailed in the provided information.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-46326. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart