CVE-2025-40129
CVE-2025-40129 affects the Linux kernel sunrpc subsystem. A null pointer dereference could occur in gss_krb5_verify_mic_v2 due to a zero-length checksum in xdr_stream_decode_opaque_auth(), where checksum.data could be NULL when checksum.len