9.8
CVE-2026-43384
- EPSS 0.46%
- Veröffentlicht 08.05.2026 14:21:31
- Zuletzt bearbeitet 26.05.2026 17:05:52
- Quelle 416baaa9-dc9f-4396-8d5f-8c081f
- CVE-Watchlists
- Unerledigt
net/tcp-ao: Fix MAC comparison to be constant-time
In the Linux kernel, the following vulnerability has been resolved: net/tcp-ao: Fix MAC comparison to be constant-time To prevent timing attacks, MACs need to be compared in constant time. Use the appropriate helper function for this.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Linux ≫ Linux Kernel Version >= 6.7 < 6.12.78
Linux ≫ Linux Kernel Version >= 6.13 < 6.18.19
Linux ≫ Linux Kernel Version >= 6.19 < 6.19.9
Linux ≫ Linux Kernel Version7.0 Updaterc1
Linux ≫ Linux Kernel Version7.0 Updaterc2
VulnDex Vulnerability Enrichment
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.46% | 0.361 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| 416baaa9-dc9f-4396-8d5f-8c081fb06d67 | 9.8 | 3.9 | 5.9 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
|
https://git.kernel.org/stable/c/8be6ed64966da48b6c4726918f106c18742a5125
https://git.kernel.org/stable/c/a269cbdc442f8658bca35383e34b9d0b0ff95a1c
https://git.kernel.org/stable/c/080b0e210088296dd50d6637c06c1db14246adfe
https://git.kernel.org/stable/c/67edfec516d30d3e62925c397be4a1e5185802fc