CVE-2025-71291

In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> misc: bcm_vk: Fix possible null-pointer dereferences in bcm_vk_read()<br /> <br /> In the function bcm_vk_read(), the pointer entry is checked, indicating<br /> that it can be NULL. If entry is NULL and rc is set to -EMSGSIZE, the<br /> following code may cause null-pointer dereferences:<br /> <br /> struct vk_msg_blk tmp_msg = entry-&gt;to_h_msg[0];<br /> set_msg_id(&amp;tmp_msg, entry-&gt;usr_msg_id);<br /> tmp_msg.size = entry-&gt;to_h_blks - 1;<br /> <br /> To prevent these possible null-pointer dereferences, copy to_h_msg,<br /> usr_msg_id, and to_h_blks from iter into temporary variables, and return<br /> these temporary variables to the application instead of accessing them<br /> through a potentially NULL entry.