Security Advisory

CVE-2026-4652

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2026-03-26 06:15:00

Last updated 2026-03-26 13:31:31

Assigner freebsd

State PUBLISHED

Description

On a system exposing an NVMe/TCP target, a remote client can trigger a kernel panic by sending a CONNECT command for an I/O queue with a bogus or stale CNTLID. An attacker with network access to the NVMe/TCP target can trigger an unauthenticated Denial of Service condition on the affected machine.

← Browse all CVEs View on cve.org ↗