7
CVE-2025-39702
- EPSS 0.15%
- Veröffentlicht 05.09.2025 17:21:08
- Zuletzt bearbeitet 12.05.2026 13:17:06
- Quelle 416baaa9-dc9f-4396-8d5f-8c081f
- CVE-Watchlists
- Unerledigt
ipv6: sr: Fix MAC comparison to be constant-time
In the Linux kernel, the following vulnerability has been resolved: ipv6: sr: Fix MAC comparison to be constant-time To prevent timing attacks, MACs need to be compared in constant time. Use the appropriate helper function for this.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Linux ≫ Linux Kernel Version >= 4.10 < 5.15.190
Linux ≫ Linux Kernel Version >= 5.16 < 6.1.149
Linux ≫ Linux Kernel Version >= 6.2 < 6.6.103
Linux ≫ Linux Kernel Version >= 6.7 < 6.12.44
Linux ≫ Linux Kernel Version >= 6.13 < 6.16.4
Linux ≫ Linux Kernel Version6.17 Updaterc1
Linux ≫ Linux Kernel Version6.17 Updaterc2
Debian ≫ Debian Linux Version11.0
VulnDex Vulnerability Enrichment
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.15% | 0.044 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7 | 1 | 5.9 |
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
|
CWE-203 Observable Discrepancy
The product behaves differently or sends different responses under different circumstances in a way that is observable to an unauthorized actor.
https://git.kernel.org/stable/c/3b348c9c8d2ca2c67559ffd0e258ae7e1107d4f0
https://git.kernel.org/stable/c/86b6d34717fe0570afce07ee79b8eeb40341f831
https://git.kernel.org/stable/c/3ddd55cf19ed6cc62def5e3af10c2a9df1b861c3
https://git.kernel.org/stable/c/b3967c493799e63f648e9c7b6cb063aa2aed04e7
https://git.kernel.org/stable/c/f7878d47560d61e3f370aca3cebb8f42a55b990a
https://git.kernel.org/stable/c/a458b2902115b26a25d67393b12ddd57d1216aaa
https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html
https://git.kernel.org/stable/c/ff55a452d56490047f5233cc48c5d933f8586884
https://cert-portal.siemens.com/productcert/html/ssa-032379.html