In the Linux kernel, the following vulnerability has been resolved:
misc: bcmvk: Fix possible null-pointer dereferences in bcmvk_read()
In the function bcmvkread(), the pointer entry is checked, indicating that it can be NULL. If entry is NULL and rc is set to -EMSGSIZE, the following code may cause null-pointer dereferences:
struct vkmsgblk tmpmsg = entry->tohmsg[0]; setmsgid(&tmpmsg, entry->usrmsgid); tmpmsg.size = entry->toh_blks - 1;
To prevent these possible null-pointer dereferences, copy tohmsg, usrmsgid, and tohblks from iter into temporary variables, and return these temporary variables to the application instead of accessing them through a potentially NULL entry.
{
"osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/71xxx/CVE-2025-71291.json",
"cna_assigner": "Linux"
}