CVE-2026-46326
HighCVSS 8.4Exploitation Probability (EPSS)
Low risk3th percentile - higher than 3% of all known CVEs
Summary
In the Linux kernel, the IIO subsystem for the mprls0025pa pressure sensor fails to zero out the spi_transfer struct before use. This can lead to undefined behavior during SPI communication.
Risk Assessment
The risk involves potential malfunction of the pressure sensor, leading to incorrect readings or system failure in industrial and IoT environments.
Recommendation
It is recommended to update the Linux kernel to a version containing the fix that ensures the spi_transfer struct is zeroed before use.
Original NVD description (English source)
In the Linux kernel, the following vulnerability has been resolved: iio: pressure: mprls0025pa: fix spi_transfer struct initialisation Make sure that the spi_transfer struct is zeroed out before use.

