CVE-2026-43384

Summary

In the Linux kernel, the following vulnerability has been resolved:

net/tcp-ao: Fix MAC comparison to be constant-time

To prevent timing attacks, MACs need to be compared in constant time. Use the appropriate helper function for this.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux0a3a809089eb1d4a0a2fd0c16b520d603988c859 < 8be6ed64966da48b6c4726918f106c18742a5125affected
LinuxLinux0a3a809089eb1d4a0a2fd0c16b520d603988c859 < a269cbdc442f8658bca35383e34b9d0b0ff95a1caffected
LinuxLinux0a3a809089eb1d4a0a2fd0c16b520d603988c859 < 080b0e210088296dd50d6637c06c1db14246adfeaffected
LinuxLinux0a3a809089eb1d4a0a2fd0c16b520d603988c859 < 67edfec516d30d3e62925c397be4a1e5185802fcaffected
LinuxLinux6.7affected
LinuxLinux0 < 6.7unaffected
LinuxLinux6.12.78 <= 6.12.*unaffected
LinuxLinux6.18.19 <= 6.18.*unaffected
LinuxLinux6.19.9 <= 6.19.*unaffected
LinuxLinux7.0 <= *unaffected

Weaknesses

References