PT-2025-20354 · Linux+3 · Linux Kernel+3
Published 2025-04-22 · Updated 2026-03-13 · CVE-2025-37825
CVSS v3.1: 7.1 (High)
Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
Name of the Vulnerable Software and Affected Versions
Linux kernel (affected versions not specified)
Description
A vulnerability has been identified in the Linux kernel, specifically in the nvmet component. The issue arises when attempting to enable a port without a configured transport, causing an out-of-bounds access in the nvmet_enable_port() function. This occurs because NVMF_TRTYPE_MAX (255) is used to query the transports array. The problem can be avoided by checking for NVMF_TRTYPE_MAX before proceeding.
Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
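The check named in the description, shown as an added user-space model in C; this is not kernel code and not part of the original entry. Only NVMF_TRTYPE_MAX (255) and the check itself come from the description: the names transports, port, port_init, register_transport and enable_port, the table size and the -ENODEV return are assumptions made for illustration.

```c
#include <errno.h>
#include <stdint.h>
#include <stdio.h>

#define NVMF_TRTYPE_MAX 255 /* sentinel value given in the description */

/* Hypothetical stand-ins for the kernel's transport ops and port objects. */
struct transport_ops { const char *name; };
struct port { uint8_t trtype; int enabled; };

/* Assumption: NVMF_TRTYPE_MAX slots, so the valid indexes are 0..254. */
static const struct transport_ops *transports[NVMF_TRTYPE_MAX];

/* A new port has no transport configured; the sentinel records that. */
void port_init(struct port *p) { p->trtype = NVMF_TRTYPE_MAX; p->enabled = 0; }

int register_transport(uint8_t trtype, const struct transport_ops *ops)
{
    if (trtype >= NVMF_TRTYPE_MAX || transports[trtype])
        return -EINVAL;
    transports[trtype] = ops;
    return 0;
}

int enable_port(struct port *p)
{
    const struct transport_ops *ops;
    /* The check the description calls for: reject the sentinel first. */
    if (p->trtype >= NVMF_TRTYPE_MAX)
        return -EINVAL;
    /* Without it, trtype == 255 reads transports[255], past the table end. */
    ops = transports[p->trtype];
    if (!ops)
        return -ENODEV; /* in range, but nothing registered (assumed code) */
    p->enabled = 1;
    return 0;
}

int main(void)
{
    static const struct transport_ops demo = { "demo" }; /* constructed */
    struct port p;
    port_init(&p);
    printf("unconfigured port: %d\n", enable_port(&p));
    register_transport(1, &demo);
    p.trtype = 1;
    printf("configured port:   %d\n", enable_port(&p));
    return 0;
}
```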
Exploit
Buffer Overflow
Out of bounds Read
Related Identifiers
Affected Products
Astra Linux
Debian
Linux Kernel
Ubuntu