CVE-2025-21927: 
Linux Kernel vulnerability analysis and mitigation

A vulnerability was discovered in the Linux kernel's NVMe-TCP implementation, specifically in the nvme_tcp_recv_pdu() function. The vulnerability (CVE-2025-21927) was disclosed on April 1, 2025, affecting Linux kernel versions from 6.13 up to (excluding) 6.13.7, as well as version 6.14 release candidates (rc1 through rc5) (NVD).

The vulnerability stems from the nvme_tcp_recv_pdu() function not validating header length properly. When header digests are enabled, an attacker could potentially send a packet with an invalid header length (e.g., 255), causing nvme_tcp_verify_hdgst() to access memory outside the allocated area. This results in potential memory corruption when overwriting with the calculated digest. The vulnerability has been assigned a CVSS v3.1 Base Score of 7.8 (HIGH) with the vector string CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H, indicating local access requirements with high impacts on confidentiality, integrity, and availability (NVD).

The vulnerability can lead to memory corruption in affected Linux kernel systems where NVMe-TCP is in use with header digests enabled. This could potentially result in system crashes or arbitrary code execution with elevated privileges (NVD).

The vulnerability has been fixed by implementing proper validation of packet header lengths, rejecting packets with unexpected header lengths. Users should update to patched versions of the Linux kernel when available (NVD).