CVE-2025-38264

UNKNOWN 0.0

nvme-tcp: sanitize request list handling

CVSS Score

0.0

EPSS Score

0.0%

EPSS Percentile

0th

In the Linux kernel, the following vulnerability has been resolved: nvme-tcp: sanitize request list handling Validate the request in nvme_tcp_handle_r2t() to ensure it's not part of any list, otherwise a malicious R2T PDU might inject a loop in request list processing.

Vendor	linux
Product	linux
Ecosystems	Linux Kernel
Industries	Technology
Published	Jul 9, 2025
Last Updated	May 11, 2026

Stay Ahead of the Next One

Get instant alerts for linux linux

Be the first to know when new unknown vulnerabilities affecting linux linux are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

Affected Versions

Linux / Linux

3f2304f8c6d6ed97849057bd16fee99e434ca796 < 78a4adcd3fedb0728436e8094848ebf4c6bae006 3f2304f8c6d6ed97849057bd16fee99e434ca796 < f054ea62598197714a6ca7b3b387a027308f8b13 3f2304f8c6d6ed97849057bd16fee99e434ca796 < 0bf04c874fcb1ae46a863034296e4b33d8fbd66c

Linux / Linux

5.0

References

NVD ↗ CVE.org ↗ EPSS Data ↗

git.kernel.org: https://git.kernel.org/stable/c/78a4adcd3fedb0728436e8094848ebf4c6bae006 git.kernel.org: https://git.kernel.org/stable/c/f054ea62598197714a6ca7b3b387a027308f8b13 git.kernel.org: https://git.kernel.org/stable/c/0bf04c874fcb1ae46a863034296e4b33d8fbd66c