CRITICALCVE-2026-43383Published Modified CNA Linux
CVE-2026-43383: net/tcp-md5: Fix MAC comparison to be constant-time
In the Linux kernel, the following vulnerability has been resolved: net/tcp-md5: Fix MAC comparison to be constant-time To prevent timing attacks, MACs need to be compared in constant time. Use the appropriate helper function for this.
Metrics
- CVSS v3.1
- 9.4
- Severity
- CRITICAL
- Fixed in
- 0
- Affected Products
- 2
Fix available
002669e2a4d207068edce7e8b5fafd85822018ce6345a9530756528d7ca407663d659c3c40e75c3dd46d0d6f50dab706637f4c18a470aac20a21900d35.10.2535d305a95130a8d08b9545e47f1e18d29d59866cb6.1.1676.6.1306.12.786.18.196.19.97.0821c8751fdeecdeecabeb11704dd33439c9e4bbcae3831b44f477de048287493e184fc3ff913b624b502e97e29d791ff7a8051f29a414535739be218
Affected packages
- Linux / Linux< 821c8751fdeecdeecabeb11704dd33439c9e4bbc (from cfb6eeb4c860592edd123fdea908d23c6ad1c7dc) · < 345a9530756528d7ca407663d659c3c40e75c3dd (from cfb6eeb4c860592edd123fdea908d23c6ad1c7dc) · < 5d305a95130a8d08b9545e47f1e18d29d59866cb (from cfb6eeb4c860592edd123fdea908d23c6ad1c7dc) · < 02669e2a4d207068edce7e8b5fafd85822018ce6 (from cfb6eeb4c860592edd123fdea908d23c6ad1c7dc) · < ae3831b44f477de048287493e184fc3ff913b624 (from cfb6eeb4c860592edd123fdea908d23c6ad1c7dc) · < b502e97e29d791ff7a8051f29a414535739be218 (from cfb6eeb4c860592edd123fdea908d23c6ad1c7dc)
- Linux / Linux2.6.20Fixed in 0, 5.10.253, 6.1.167, 6.6.130, 6.12.78, 6.18.19, 6.19.9, 7.0
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:H