CVE-2025-38264 | Linux Kernel up to 6.12.35/6.15.4 nvme_tcp_handle_r2t injection

A vulnerability was found in Linux Kernel up to 6.12.35/6.15.4. It has been declared as problematic. This vulnerability affects the function nvme_tcp_handle_r2t. The manipulation leads to injection.

This vulnerability was named CVE-2025-38264. Access to the local network is required for this attack to succeed. There is no exploit available.

It is recommended to upgrade the affected component.VulDB Recent EntriesRead More