From 57a09ba0f3a02e660e789a59205bd10ec12903d8 Mon Sep 17 00:00:00 2001
From: Oracle Linux CVE analysis bot <ora-linux-cve-analysis_mb@oracle.com>
Date: Fri, 13 Mar 2026 15:16:55 +0000
Subject: [PATCH 1/2] Analysis for CVE-2025-71120.yml

---
 vulns/CVE-2025-71120.yml | 11 +++++++++++
 1 file changed, 11 insertions(+)
 create mode 100644 vulns/CVE-2025-71120.yml

diff --git a/vulns/CVE-2025-71120.yml b/vulns/CVE-2025-71120.yml
new file mode 100644
index 0000000..e159e17
--- /dev/null
+++ b/vulns/CVE-2025-71120.yml
@@ -0,0 +1,11 @@
+reachability: Remote
+memory_corruption: false
+bug_class: NULL pointer dereference
+impact: DoS
+privileges_required: false
+notes: |2-
+   NULL pointer dereference in net/sunrpc/auth_gss leading to Remote DoS.
+  Reachable remotely through an existing Kerberos enabled NFS/SUNRPC connection
+  (module RPCSEC_GSS_KRB5 loaded).
+author: Oracle Corporation
+version: v0.1

From 7d4b1aefd6b11cdf0ea8717b3225ec334dc62fc9 Mon Sep 17 00:00:00 2001
From: Oracle Linux CVE analysis bot <ora-linux-cve-analysis_mb@oracle.com>
Date: Fri, 13 Mar 2026 15:16:55 +0000
Subject: [PATCH 2/2] Analysis for CVE-2026-23161.yml

---
 vulns/CVE-2026-23161.yml | 10 ++++++++++
 1 file changed, 10 insertions(+)
 create mode 100644 vulns/CVE-2026-23161.yml

diff --git a/vulns/CVE-2026-23161.yml b/vulns/CVE-2026-23161.yml
new file mode 100644
index 0000000..9354885
--- /dev/null
+++ b/vulns/CVE-2026-23161.yml
@@ -0,0 +1,10 @@
+reachability: Local
+memory_corruption: true
+bug_class: Improper Locking
+impact: LPE
+privileges_required: false
+notes: |2-
+   Race condition in mm/shmem swap truncation leading to swap-map corruption,
+  DoS and potentially LPE that can be triggered by an unprivileged user
+author: Oracle Corporation
+version: v0.1