Volerion logoVolerion
Volerion logoVolerion

Linux Kernel SPI Transfer Initialization Vulnerability in IIO Pressure Driver

Vulnerability

A vulnerability exists in the Linux kernel's IIO pressure driver for the MPRLS0025PA sensor. The issue arises because the SPI transfer structure is not properly initialized before use, which could lead to undefined behavior. This vulnerability affects the stable version of the Linux kernel.

Impact

The vulnerability could cause improper handling of SPI transfers, potentially leading to incorrect data being read from or written to the sensor.

Reproduction

The vulnerability can be reproduced by using the MPRLS0025PA pressure sensor with the affected Linux kernel version. The IIO pressure driver will fail to properly initialize the SPI transfer structure, which could result in undefined behavior when communicating with the sensor.

Remediation

Users can upgrade to the latest version of the Linux kernel, where this vulnerability has been addressed. The specific commit that resolves this issue is 1e0ac56c92e26115cbc8cfc639843725cb3a7d6a.

Added: Jun 9, 2026, 3:05 PM
Updated: Jun 9, 2026, 3:05 PM

Vulnerability Rating

Custom Algorithm
spread
9.0
impact
0.6
exploitability
4.3
remediation
7.7
relevance
9.4
threat
4.8
urgency
2.9
incentive
0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.