CVE-2025-71291

MEDIUM EPSS 2.4%
Published May 6, 20261mo ago · Modified Jun 17, 20261w ago
5.5 CVSS 3.1
Medium
Find Similar
Published May 6, 2026 1mo ago
Last Modified Jun 17, 2026 1w ago

Description

In the Linux kernel, the following vulnerability has been resolved: misc: bcm_vk: Fix possible null-pointer dereferences in bcm_vk_read() In the function bcm_vk_read(), the pointer entry is checked, indicating that it can be NULL. If entry is NULL and rc is set to -EMSGSIZE, the following code may cause null-pointer dereferences: struct vk_msg_blk tmp_msg = entry->to_h_msg[0]; set_msg_id(&tmp_msg, entry->usr_msg_id); tmp_msg.size = entry->to_h_blks - 1; To prevent these possible null-pointer dereferences, copy to_h_msg, usr_msg_id, and to_h_blks from iter into temporary variables, and return these temporary variables to the application instead of accessing them through a potentially NULL entry.

CVSS Details

Base Score
5.5
Exploitability
1.8
Impact
3.6
Vector string
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Attack Vector Local
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope Unchanged
Confidentiality None
Integrity None
Availability High

Threat Intelligence

EPSS Exploit Probability
2.4% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Weaknesses 1

CWE-476 NULL Pointer Dereference Memory Safety

Affected Products 5

VendorProductVersionRange
linuxlinux_kernel*≥5.19  –  <6.1.165
linuxlinux_kernel*≥6.2  –  <6.6.128
linuxlinux_kernel*≥6.7  –  <6.12.75
linuxlinux_kernel*≥6.13  –  <6.18.16
linuxlinux_kernel*≥6.19  –  <6.19.6

References 6

  • git.kernel.org https://git.kernel.org/stable/c/20f2d9dbe5e972516f8f9948d7ae5b95d1ad77bd
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/3842f93e6e29d5cc1dcb9e5bda70587b444bed69
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/741c5a3a0cd893a4218fc0fc8c18403e54fcfb22
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/aa97ccc3dc1eba9f4537f0410e9dbb0b05ccf2fb
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/ba75ecb97d3f4e95d59002c13afb6519205be6cb
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/ece3722169ba93734bfd1f06255e8ab7f19fe964
    Patch

Remediation

  • git.kernel.org https://git.kernel.org/stable/c/20f2d9dbe5e972516f8f9948d7ae5b95d1ad77bd
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/3842f93e6e29d5cc1dcb9e5bda70587b444bed69
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/741c5a3a0cd893a4218fc0fc8c18403e54fcfb22
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/aa97ccc3dc1eba9f4537f0410e9dbb0b05ccf2fb
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/ba75ecb97d3f4e95d59002c13afb6519205be6cb
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/ece3722169ba93734bfd1f06255e8ab7f19fe964
    Patch