{"id":"CVE-2025-38264","summary":"nvme-tcp: sanitize request list handling","details":"In the Linux kernel, the following vulnerability has been resolved:\n\nnvme-tcp: sanitize request list handling\n\nValidate the request in nvme_tcp_handle_r2t() to ensure it's not part of\nany list, otherwise a malicious R2T PDU might inject a loop in request\nlist processing.","modified":"2026-03-20T12:42:46.406370Z","published":"2025-07-09T10:42:38.602Z","related":["ALSA-2025:12662","SUSE-SU-2025:02846-1","SUSE-SU-2025:02853-1","SUSE-SU-2025:02923-1","SUSE-SU-2025:02969-1","SUSE-SU-2025:02996-1","SUSE-SU-2025:02997-1","SUSE-SU-2025:03011-1","SUSE-SU-2025:03023-1","SUSE-SU-2025:20577-1","SUSE-SU-2025:20586-1","SUSE-SU-2025:20601-1","SUSE-SU-2025:20602-1","SUSE-SU-2025:21074-1","SUSE-SU-2025:21139-1","SUSE-SU-2025:21179-1","openSUSE-SU-2025:20081-1"],"database_specific":{"cna_assigner":"Linux","osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/38xxx/CVE-2025-38264.json"},"references":[{"type":"WEB","url":"https://git.kernel.org/stable/c/0bf04c874fcb1ae46a863034296e4b33d8fbd66c"},{"type":"WEB","url":"https://git.kernel.org/stable/c/78a4adcd3fedb0728436e8094848ebf4c6bae006"},{"type":"WEB","url":"https://git.kernel.org/stable/c/f054ea62598197714a6ca7b3b387a027308f8b13"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/38xxx/CVE-2025-38264.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2025-38264"},{"type":"PACKAGE","url":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"3f2304f8c6d6ed97849057bd16fee99e434ca796"},{"fixed":"78a4adcd3fedb0728436e8094848ebf4c6bae006"},{"fixed":"f054ea62598197714a6ca7b3b387a027308f8b13"},{"fixed":"0bf04c874fcb1ae46a863034296e4b33d8fbd66c"}]}],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-38264.json"}}],"schema_version":"1.7.5"}