diff --git a/drivers/spi/spidev.c b/drivers/spi/spidev.c
index bb6b3abd116c..23ad97807797 100644
--- a/drivers/spi/spidev.c
+++ b/drivers/spi/spidev.c
@@ -249,9 +249,10 @@ static int spidev_message(struct spidev_data *spidev,
 total += k_tmp->len;
 /* Since the function returns the total length of transfers
 * on success, restrict the total to positive int values to
- * avoid the return value looking like an error.
+ * avoid the return value looking like an error. Also check
+ * each transfer length to avoid arithmetic overflow.
 */
- if (total > INT_MAX) {
+ if (total > INT_MAX || k_tmp->len > INT_MAX) {
 status = -EMSGSIZE;
 goto done;
 }
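Review bot: The added `k_tmp->len > INT_MAX` test runs after `total += k_tmp->len`, so it is only sound if `total` is an unsigned type (defined wrap-around) that was already at most INT_MAX when the previous iteration finished; neither the declaration of `total` nor the enclosing loop is visible in this hunk. Testing before accumulating would make the guard independent of those assumptions: `if (k_tmp->len > INT_MAX || total > INT_MAX - k_tmp->len) { status = -EMSGSIZE; goto done; }` followed by `total += k_tmp->len;`. If the current order is kept, the comment should state the invariant it relies on, for example `each transfer length and the running total are <= INT_MAX, so the unsigned sum cannot wrap past the check`. The body of spidev_message starts and ends outside the hunk.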