CVE-2025-38264

Unknown CVSS N/A

Overview

In the Linux kernel, the following vulnerability has been resolved:

nvme-tcp: sanitize request list handling

Validate the request in nvme_tcp_handle_r2t() to ensure it's not part of
any list, otherwise a malicious R2T PDU might inject a loop in request
list processing.

CWE: N/A Published: 2025-07-09T11:15:28.810

Risk analysis

This vulnerability is rated ⚪ UNKNOWN.

CVSS: N/A
Detected tags: none (tag impact: LOW)

Recommended actions:

Prioritize remediation based on business criticality and exposure.
Limit exposure and increase monitoring until fixed.

Overview

Recommended tools

Tags