Description

In the Linux kernel, the following vulnerability has been resolved: nvme-tcp: sanitize request list handling Validate the request in nvme_tcp_handle_r2t() to ensure it's not part of any list, otherwise a malicious R2T PDU might inject a loop in request list processing.

INFO

Published Date :

2025-07-09T10:42:38.602Z

Last Modified :

2025-07-28T04:16:37.400Z

Source :

Linux
AFFECTED PRODUCTS

The following products are affected by CVE-2025-38264 vulnerability.

Vendors Products
Linux
  • Linux Kernel
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2025-38264.

URL Resource
https://git.kernel.org/stable/c/0bf04c874fcb1ae46a863034296e4b33d8fbd66c cve-icon cve-icon
https://git.kernel.org/stable/c/78a4adcd3fedb0728436e8094848ebf4c6bae006 cve-icon cve-icon
https://git.kernel.org/stable/c/f054ea62598197714a6ca7b3b387a027308f8b13 cve-icon cve-icon
https://lore.kernel.org/linux-cve-announce/2025070937-CVE-2025-38264-ffd2@gregkh/T cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2025-38264 cve-icon
https://www.cve.org/CVERecord?id=CVE-2025-38264 cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact