The Linux kernel vulnerability tracked as CVE-2025-38264 affects the NVMe-over-TCP host driver (nvme‑tcp) and was fixed upstream by defensive checks in the nvme TCP code; Microsoft’s public advisory names Azure Linux as a Microsoft product that “includes this open‑source library and is therefore...
