CVE-2025-38264

Summary

In the Linux kernel, the following vulnerability has been resolved:

nvme-tcp: sanitize request list handling

Validate the request in nvme_tcp_handle_r2t() to ensure it's not part of any list, otherwise a malicious R2T PDU might inject a loop in request list processing.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux3f2304f8c6d6ed97849057bd16fee99e434ca796 < 78a4adcd3fedb0728436e8094848ebf4c6bae006affected
LinuxLinux3f2304f8c6d6ed97849057bd16fee99e434ca796 < f054ea62598197714a6ca7b3b387a027308f8b13affected
LinuxLinux3f2304f8c6d6ed97849057bd16fee99e434ca796 < 0bf04c874fcb1ae46a863034296e4b33d8fbd66caffected
LinuxLinux5.0affected
LinuxLinux0 < 5.0unaffected
LinuxLinux6.12.36 <= 6.12.*unaffected
LinuxLinux6.15.5 <= 6.15.*unaffected
LinuxLinux6.16 <= *unaffected

Weaknesses

References