CVE-2025-71291
- Source
- https://cve.org/CVERecord?id=CVE-2025-71291
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-71291.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2025-71291
- Downstream
- Published
- 2026-05-06T11:32:23.223Z
- Modified
- 2026-05-15T11:54:42.083526976Z
- Summary
- misc: bcm_vk: Fix possible null-pointer dereferences in bcm_vk_read()
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
misc: bcmvk: Fix possible null-pointer dereferences in bcmvk_read()
In the function bcmvkread(), the pointer entry is checked, indicating that it can be NULL. If entry is NULL and rc is set to -EMSGSIZE, the following code may cause null-pointer dereferences:
struct vkmsgblk tmpmsg = entry->tohmsg[0]; setmsgid(&tmpmsg, entry->usrmsgid); tmpmsg.size = entry->toh_blks - 1;
To prevent these possible null-pointer dereferences, copy tohmsg, usrmsgid, and tohblks from iter into temporary variables, and return these temporary variables to the application instead of accessing them through a potentially NULL entry.
- Database specific
{ "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/71xxx/CVE-2025-71291.json", "cna_assigner": "Linux" }- References
-
- https://git.kernel.org/stable/c/20f2d9dbe5e972516f8f9948d7ae5b95d1ad77bd
- https://git.kernel.org/stable/c/3842f93e6e29d5cc1dcb9e5bda70587b444bed69
- https://git.kernel.org/stable/c/741c5a3a0cd893a4218fc0fc8c18403e54fcfb22
- https://git.kernel.org/stable/c/aa97ccc3dc1eba9f4537f0410e9dbb0b05ccf2fb
- https://git.kernel.org/stable/c/ba75ecb97d3f4e95d59002c13afb6519205be6cb
- https://git.kernel.org/stable/c/ece3722169ba93734bfd1f06255e8ab7f19fe964
- https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/71xxx/CVE-2025-71291.json
- https://nvd.nist.gov/vuln/detail/CVE-2025-71291
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git