VYPR
Unrated severityNVD Advisory· Published Jul 9, 2025· Updated Jul 28, 2025

nvme-tcp: sanitize request list handling

CVE-2025-38264

Description

In the Linux kernel, the following vulnerability has been resolved:

nvme-tcp: sanitize request list handling

Validate the request in nvme_tcp_handle_r2t() to ensure it's not part of any list, otherwise a malicious R2T PDU might inject a loop in request list processing.

Affected products

126

Patches

Vulnerability mechanics

References

3

News mentions

0

No linked articles in our index yet.