{"id":"CVE-2025-71291","summary":"misc: bcm_vk: Fix possible null-pointer dereferences in bcm_vk_read()","details":"In the Linux kernel, the following vulnerability has been resolved:\n\nmisc: bcm_vk: Fix possible null-pointer dereferences in bcm_vk_read()\n\nIn the function bcm_vk_read(), the pointer entry is checked, indicating\nthat it can be NULL. If entry is NULL and rc is set to -EMSGSIZE, the\nfollowing code may cause null-pointer dereferences:\n\n  struct vk_msg_blk tmp_msg = entry-\u003eto_h_msg[0];\n  set_msg_id(&tmp_msg, entry-\u003eusr_msg_id);\n  tmp_msg.size = entry-\u003eto_h_blks - 1;\n\nTo prevent these possible null-pointer dereferences, copy to_h_msg,\nusr_msg_id, and to_h_blks from iter into temporary variables, and return\nthese temporary variables to the application instead of accessing them\nthrough a potentially NULL entry.","modified":"2026-05-28T03:53:18.945607553Z","published":"2026-05-06T11:32:23.223Z","database_specific":{"cna_assigner":"Linux","osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/71xxx/CVE-2025-71291.json"},"references":[{"type":"WEB","url":"https://git.kernel.org/stable/c/20f2d9dbe5e972516f8f9948d7ae5b95d1ad77bd"},{"type":"WEB","url":"https://git.kernel.org/stable/c/3842f93e6e29d5cc1dcb9e5bda70587b444bed69"},{"type":"WEB","url":"https://git.kernel.org/stable/c/741c5a3a0cd893a4218fc0fc8c18403e54fcfb22"},{"type":"WEB","url":"https://git.kernel.org/stable/c/aa97ccc3dc1eba9f4537f0410e9dbb0b05ccf2fb"},{"type":"WEB","url":"https://git.kernel.org/stable/c/ba75ecb97d3f4e95d59002c13afb6519205be6cb"},{"type":"WEB","url":"https://git.kernel.org/stable/c/ece3722169ba93734bfd1f06255e8ab7f19fe964"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/71xxx/CVE-2025-71291.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2025-71291"},{"type":"PACKAGE","url":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"88517757a829e9ce146a6c7233ad5dcdc66fcbb0"},{"fixed":"741c5a3a0cd893a4218fc0fc8c18403e54fcfb22"},{"fixed":"ece3722169ba93734bfd1f06255e8ab7f19fe964"},{"fixed":"aa97ccc3dc1eba9f4537f0410e9dbb0b05ccf2fb"},{"fixed":"3842f93e6e29d5cc1dcb9e5bda70587b444bed69"},{"fixed":"20f2d9dbe5e972516f8f9948d7ae5b95d1ad77bd"},{"fixed":"ba75ecb97d3f4e95d59002c13afb6519205be6cb"}]}],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-71291.json"}},{"package":{"name":"Kernel","ecosystem":"Linux"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"5.19.0"},{"fixed":"6.1.165"}]},{"type":"ECOSYSTEM","events":[{"introduced":"6.2.0"},{"fixed":"6.6.128"}]},{"type":"ECOSYSTEM","events":[{"introduced":"6.7.0"},{"fixed":"6.12.75"}]},{"type":"ECOSYSTEM","events":[{"introduced":"6.13.0"},{"fixed":"6.18.16"}]},{"type":"ECOSYSTEM","events":[{"introduced":"6.19.0"},{"fixed":"6.19.6"}]}],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-71291.json"}}],"schema_version":"1.7.5"}