SB20260114157 - NULL pointer dereference in Linux kernel trace
Published: January 14, 2026
Security Bulletin ID
SB20260114157
Severity
Low
Patch available
YES
Number of vulnerabilities
1
Exploitation vector
Local access
Highest impact
Denial of service
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 1 security vulnerability.
1) NULL pointer dereference (CVE-ID: CVE-2025-71125)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the trace_event_reg() function in kernel/trace/trace_events.c. A local user can perform a denial of service (DoS) attack.
Remediation
Install update from vendor's website.
References
- https://git.kernel.org/stable/c/3437c775bf209c674ad66304213b6b3c3b1b3f69
- https://git.kernel.org/stable/c/65b1971147ec12f0b1cee0811c859a3d7d9b04ce
- https://git.kernel.org/stable/c/6df47e5bb9b62d72f186f826ab643ea1856877c7
- https://git.kernel.org/stable/c/ef7f38df890f5dcd2ae62f8dbde191d72f3bebae
- https://git.kernel.org/stable/c/f7305697b60d79bc69c0a6e280fc931b4e8862dd