{"id":"CVE-2025-71120","summary":"SUNRPC: svcauth_gss: avoid NULL deref on zero length gss_token in gss_read_proxy_verf","details":"In the Linux kernel, the following vulnerability has been resolved:\n\nSUNRPC: svcauth_gss: avoid NULL deref on zero length gss_token in gss_read_proxy_verf\n\nA zero length gss_token results in pages == 0 and in_token-\u003epages[0]\nis NULL. The code unconditionally evaluates\npage_address(in_token-\u003epages[0]) for the initial memcpy, which can\ndereference NULL even when the copy length is 0. Guard the first\nmemcpy so it only runs when length \u003e 0.","modified":"2026-04-10T09:59:12.233691337Z","published":"2026-01-14T15:06:07.194Z","related":["MGASA-2026-0017","MGASA-2026-0018","SUSE-SU-2026:0350-1","SUSE-SU-2026:0369-1","SUSE-SU-2026:0411-1","SUSE-SU-2026:0447-1","SUSE-SU-2026:0471-1","SUSE-SU-2026:0472-1","SUSE-SU-2026:0473-1","SUSE-SU-2026:0474-1","SUSE-SU-2026:0496-1","SUSE-SU-2026:0587-1","SUSE-SU-2026:0617-1","SUSE-SU-2026:1180-1","SUSE-SU-2026:1185-1","SUSE-SU-2026:1188-1","SUSE-SU-2026:1189-1","SUSE-SU-2026:1212-1","SUSE-SU-2026:1221-1","SUSE-SU-2026:1222-1","SUSE-SU-2026:1225-1","SUSE-SU-2026:1236-1","SUSE-SU-2026:1237-1","SUSE-SU-2026:1239-1","SUSE-SU-2026:20477-1","SUSE-SU-2026:20498-1","SUSE-SU-2026:20555-1","SUSE-SU-2026:20599-1","SUSE-SU-2026:20615-1","SUSE-SU-2026:20845-1","SUSE-SU-2026:20876-1","openSUSE-SU-2026:20287-1"],"database_specific":{"cna_assigner":"Linux","osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/71xxx/CVE-2025-71120.json"},"references":[{"type":"WEB","url":"https://git.kernel.org/stable/c/1c8bb965e9b0559ff0f5690615a527c30f651dd8"},{"type":"WEB","url":"https://git.kernel.org/stable/c/4dedb6a11243a5c9eb9dbb97bca3c98bd725e83d"},{"type":"WEB","url":"https://git.kernel.org/stable/c/7452d53f293379e2c38cfa8ad0694aa46fc4788b"},{"type":"WEB","url":"https://git.kernel.org/stable/c/a2c6f25ab98b423f99ccd94874d655b8bcb01a19"},{"type":"WEB","url":"https://git.kernel.org/stable/c/a8f1e445ce3545c90d69c9e8ff8f7821825fe810"},{"type":"WEB","url":"https://git.kernel.org/stable/c/d4b69a6186b215d2dc1ebcab965ed88e8d41768d"},{"type":"WEB","url":"https://git.kernel.org/stable/c/f9e53f69ac3bc4ef568b08d3542edac02e83fefd"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/71xxx/CVE-2025-71120.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2025-71120"},{"type":"PACKAGE","url":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"5866efa8cbfbadf3905072798e96652faf02dbe8"},{"fixed":"a8f1e445ce3545c90d69c9e8ff8f7821825fe810"},{"fixed":"4dedb6a11243a5c9eb9dbb97bca3c98bd725e83d"},{"fixed":"f9e53f69ac3bc4ef568b08d3542edac02e83fefd"},{"fixed":"7452d53f293379e2c38cfa8ad0694aa46fc4788b"},{"fixed":"a2c6f25ab98b423f99ccd94874d655b8bcb01a19"},{"fixed":"1c8bb965e9b0559ff0f5690615a527c30f651dd8"},{"fixed":"d4b69a6186b215d2dc1ebcab965ed88e8d41768d"}]},{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"0"},{"last_affected":"66ed7b413d31c6ff23901ac4443b1cc1af2f6113"},{"last_affected":"7be8c165dc81564705e8e0b72d398ef708f67eaa"}]}],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-71120.json"}},{"package":{"name":"Kernel","ecosystem":"Linux"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"5.5.0"},{"fixed":"5.10.248"}]},{"type":"ECOSYSTEM","events":[{"introduced":"5.11.0"},{"fixed":"5.15.198"}]},{"type":"ECOSYSTEM","events":[{"introduced":"5.16.0"},{"fixed":"6.1.160"}]},{"type":"ECOSYSTEM","events":[{"introduced":"6.2.0"},{"fixed":"6.6.120"}]},{"type":"ECOSYSTEM","events":[{"introduced":"6.7.0"},{"fixed":"6.12.64"}]},{"type":"ECOSYSTEM","events":[{"introduced":"6.13.0"},{"fixed":"6.18.3"}]}],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-71120.json"}}],"schema_version":"1.7.5"}