Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: nvme-tcp: Remove the tag set when the second admin queue configuration fails. Commit 104d0e2f6222 “nvme-fabrics: Reset the admin connection for secure concatenation” modified nvmetcpsetupctrl to call nvmetcpconfigureadminqueue...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerabilities have been resolved: nvme-tcp: fixed UAF Use-after-Free issues when detecting digest errors. We should also exit the iowork loop when setting rdenabled to true, so that we do not attempt to read data from the socket when the TCP stream is already...

CVE-2023-53643 nvme-tcp: don't access released socket during error recovery

In the Linux kernel, the following vulnerability has been resolved: nvme-tcp: don't access released socket during error recovery While the error recovery work is temporarily failing reconnect attempts, running the 'nvme list' command causes a kernel NULL pointer dereference by calling getsockname...

CVE-2023-53643

In the Linux kernel, the following vulnerability has been resolved: nvme-tcp: don't access released socket during error recovery While the error recovery work is temporarily failing reconnect attempts, running the 'nvme list' command causes a kernel NULL pointer dereference by calling getsockname...

EUVD-2024-53280

Malicious code in bioql PyPI...

nvme-tcp: fix potential memory corruption in nvme_tcp_recv_pdu()

...

UBUNTU-CVE-2025-38264

In the Linux kernel, the following vulnerability has been resolved: nvme-tcp: sanitize request list handling Validate the request in nvmetcphandler2t to ensure it's not part of any list, otherwise a malicious R2T PDU might inject a loop in request list processing...

CVE-2025-38264 nvme-tcp: sanitize request list handling

In the Linux kernel, the following vulnerability has been resolved: nvme-tcp: sanitize request list handling Validate the request in nvmetcphandler2t to ensure it's not part of any list, otherwise a malicious R2T PDU might inject a loop in request list processing...

CVE-2025-38264

CVE-2025-38264 : In the Linux kernel nvme-tcp code, a flaw in nvme_tcp_handle_r2t allows a malicious R2T PDU to be injected into the request list if the request is not properly validated against the list, enabling a loop in list processing. The issue was fixed by sanitizing the request list handl...

CVE-2025-38209

In the Linux kernel, the following vulnerability has been resolved: nvme-tcp: remove tag set when second admin queue config fails Commit 104d0e2f6222 "nvme-fabrics: reset admin connection for secure concatenation" modified nvmetcpsetupctrl to call nvmetcpconfigureadminqueue twice. The first call...

UBUNTU-CVE-2025-38209

In the Linux kernel, the following vulnerability has been resolved: nvme-tcp: remove tag set when second admin queue config fails Commit 104d0e2f6222 "nvme-fabrics: reset admin connection for secure concatenation" modified nvmetcpsetupctrl to call nvmetcpconfigureadminqueue twice. The first call...

CVE-2025-38209 nvme-tcp: remove tag set when second admin queue config fails

In the Linux kernel, the following vulnerability has been resolved: nvme-tcp: remove tag set when second admin queue config fails Commit 104d0e2f6222 "nvme-fabrics: reset admin connection for secure concatenation" modified nvmetcpsetupctrl to call nvmetcpconfigureadminqueue twice. The first call...

Astra Linux - уязвимость в linux-6.12

In the Linux kernel, the following vulnerability has been resolved: nvme-tcp: fix potential memory corruption in nvmetcprecvpdu nvmetcprecvpdu doesn't check the validity of the header length. When header digests are enabled, a target might send a packet with an invalid header length e.g. 255,...

kernel: nvme-tcp: fix potential memory corruption in nvme_tcp_recv_pdu()

An unchecked buffer bounds flaw was found in the Linux kernel's NVMe TCP Fabrics driver. An attacker with the ability to send a crafted packet to an affected NVMe host could exploit this flaw to alter kernel memory, leading to an escalation of privileges or a compromise of system integrity or...

DEBIAN-CVE-2025-21927

In the Linux kernel, the following vulnerability has been resolved: nvme-tcp: fix potential memory corruption in nvmetcprecvpdu nvmetcprecvpdu doesn't check the validity of the header length. When header digests are enabled, a target might send a packet with an invalid header length e.g. 255,...

CVE-2024-56632

In the Linux kernel, the following vulnerability has been resolved: nvme-tcp: fix the memleak while create new ctrl failed Now while we create new ctrl failed, we have not free the tagset occupied by adminq, here try to fix it...

CVE-2024-56632 nvme-tcp: fix the memleak while create new ctrl failed

In the Linux kernel, the following vulnerability has been resolved: nvme-tcp: fix the memleak while create new ctrl failed Now while we create new ctrl failed, we have not free the tagset occupied by adminq, here try to fix it...

CVE-2024-56632 nvme-tcp: fix the memleak while create new ctrl failed

In the Linux kernel, the following vulnerability has been resolved: nvme-tcp: fix the memleak while create new ctrl failed Now while we create new ctrl failed, we have not free the tagset occupied by adminq, here try to fix it...

CVE-2024-53100

In the Linux kernel, the following vulnerability has been resolved: nvme: tcp: avoid race between queuelock lock and destroy Commit 76d54bf20cdc "nvme-tcp: don't access released socket during error recovery" added a mutexlock call for the queue-queuelock in nvmetcpgetaddress. However, the mutexlo...

CVE-2024-53100

CVE-2024-53100: Linux kernel nvme-tcp fix for a race between queue_lock usage in nvme_tcp_get_address() and destruction in nvme_tcp_free_queue(). The commit 76d54bf20cdc adds a mutex_lock for queue->queue_lock, but this can race with mutex_destroy(), triggering a WARN during error recovery. A ...