PatchSiren

PatchSiren cyber security CVE debrief

CVE-2026-43307 Git CVE debrief

CVE-2026-43307 is a Linux kernel vulnerability in the ADXL380 accelerometer IIO driver. The interrupt handler may read FIFO entries in batches sized by the number of enabled scan elements, but the sensor fills the FIFO one sample at a time. When the FIFO status count is not a multiple of the enabled scan count, the driver can attempt to read more entries than are actually present. The fix rounds the count down to a safe multiple before reading.

Vendor: Git
Product: Unknown
CVSS: HIGH 7.8
CISA KEV: Not listed in stored evidence
Original CVE published: 2026-05-08
Original CVE updated: 2026-05-11
Advisory published: 2026-05-08
Advisory updated: 2026-05-11

Who should care

Linux kernel maintainers, distro kernel security teams, embedded/device platform operators, and anyone deploying systems with the ADXL380 accelerometer driver enabled should care. Because the CVSS vector is local and low-privilege, defenders should especially review systems where untrusted local users can interact with sensor interfaces or where kernel updates are delayed.

Technical summary

According to the CVE description, the ADXL380 interrupt handler consumes FIFO data in groups of N, where N equals the number of enabled scan elements. The hardware, however, produces FIFO samples one at a time, so the FIFO status register may report a count that is not divisible by N. In that case, the driver can over-read beyond the number of entries actually present in the FIFO. The remediation is to round the reported FIFO entry count down to a multiple of N before issuing reads. The NVD record lists the issue with CVSS 3.1 vector AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H, indicating a locally reachable issue requiring low privileges.
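To make the arithmetic in the summary concrete, the following is an added C example written for this debrief; it is not code from the Linux kernel or the ADXL380 driver. It models a FIFO that is filled one sample at a time in software, then drains it in groups of N the way the description says the interrupt handler does, once trusting the raw status count and once after rounding the count down to a multiple of N. The FIFO model, its capacity, the constructed sample values and the function names (simulate_drain, fifo_pop, fifo_fill) are assumptions of the example; the driver's real register access is not reproduced.

```c
#include <stdio.h>
#include <stdint.h>
#include <string.h>

/*
 * Software model of a sample FIFO that is filled one entry at a time (as the
 * page describes for the ADXL380). Capacity and sample values are constructed
 * for this example; nothing here is the kernel driver's own code.
 */
#define FIFO_CAPACITY 320

struct sim_fifo {
    uint16_t samples[FIFO_CAPACITY];
    int count;      /* entries present; what the status register would report */
    int overreads;  /* reads attempted while the FIFO was already empty */
};

struct drain_result {
    int sets;       /* groups of nr_enabled entries the handler consumed */
    int overreads;  /* entries read beyond what the FIFO actually held */
    int leftover;   /* entries still in the FIFO when the handler returned */
};

/* Fill the model FIFO with n constructed samples (1, 2, 3, ...). */
static void fifo_fill(struct sim_fifo *f, int n)
{
    memset(f, 0, sizeof(*f));
    if (n > FIFO_CAPACITY)
        n = FIFO_CAPACITY;
    for (int i = 0; i < n; i++)
        f->samples[i] = (uint16_t)(i + 1);
    f->count = n;
}

/* Pop one entry. An empty FIFO yields 0 and is recorded as an over-read. */
static uint16_t fifo_pop(struct sim_fifo *f)
{
    if (f->count <= 0) {
        f->overreads++;
        return 0;
    }
    uint16_t v = f->samples[0];
    memmove(f->samples, f->samples + 1, (size_t)(f->count - 1) * sizeof(v));
    f->count--;
    return v;
}

/*
 * Drain the FIFO in groups of nr_enabled entries. With apply_fix == 0 the raw
 * status count is trusted, so a count that is not a multiple of nr_enabled
 * makes the last group read past the available entries (the bug described).
 * With apply_fix == 1 the count is first rounded down to a multiple of
 * nr_enabled, which is the remediation the CVE description gives.
 */
struct drain_result simulate_drain(int nr_enabled, int status_count, int apply_fix)
{
    struct sim_fifo f;
    struct drain_result r = {0, 0, 0};

    if (nr_enabled <= 0 || status_count < 0)
        return r;
    fifo_fill(&f, status_count);

    int to_read = status_count;
    if (apply_fix)
        to_read -= to_read % nr_enabled;   /* round down to whole groups */

    /* Group-wise read loop: the unfixed path keeps going while any count
     * remains, even when less than a full group is left. */
    for (int remaining = to_read; remaining > 0; remaining -= nr_enabled) {
        for (int i = 0; i < nr_enabled; i++)
            (void)fifo_pop(&f);
        r.sets++;
    }
    r.overreads = f.overreads;
    r.leftover = f.count;
    return r;
}

int main(void)
{
    /* Three scan elements enabled, status register reports 7 samples. */
    struct drain_result bad = simulate_drain(3, 7, 0);
    struct drain_result good = simulate_drain(3, 7, 1);
    printf("unrounded: sets=%d over-reads=%d leftover=%d\n",
           bad.sets, bad.overreads, bad.leftover);
    printf("rounded:   sets=%d over-reads=%d leftover=%d\n",
           good.sets, good.overreads, good.leftover);
    return 0;
}
```

With N = 3 and a status count of 7, the unrounded path consumes three groups and performs two reads past the end of the FIFO, while the rounded path consumes two groups, over-reads nothing and leaves the seventh sample in place for the next interrupt, which is the behaviour the fix is meant to restore.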

Defensive priority

High for systems that ship or depend on the Linux kernel ADXL380 driver; otherwise medium. The bug is hardware/driver-specific, but the impact rating is high and the exploit path is local with low privileges, so kernel backporting and fleet verification should be prioritized where the device is in use.

Recommended defensive actions

  • Apply the Linux kernel fix that rounds FIFO reads down to a multiple of the enabled scan count.
  • Verify whether your kernel release has the corresponding stable backport from the referenced kernel.org commits.
  • If you ship embedded or appliance systems using ADXL380 hardware, schedule regression testing after kernel updates to confirm IIO sensor reads still function correctly.
  • Inventory systems that include the ADXL380 accelerometer driver and ensure they receive patched kernel builds before broad rollout.
  • Monitor downstream vendor advisories and package updates for backported fixes matching the upstream kernel change.

Evidence notes

All claims are grounded in the supplied CVE description and NVD metadata. The issue is described as an over-read in the Linux kernel iio: accel: adxl380 driver caused by FIFO status counts that are not multiples of the enabled scan elements. The NVD record provides the CVSS vector AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H. The source references are kernel.org stable commit links, indicating the fix has been backported or tracked in stable kernel branches. No affected version range was supplied in the source corpus, so no version-specific exposure claims are made.

Official resources

CVE-2026-43307 was published on 2026-05-08 and modified on 2026-05-11. The supplied references point to Linux kernel stable commit URLs associated with the remediation.