Back to search
CVE-2026-43384
Published: May 8, 2026
Modified: May 11, 2026
PUBLISHED
CVSS v3.1
9.8
CRITICAL
Description
In the Linux kernel, the following vulnerability has been resolved: net/tcp-ao: Fix MAC comparison to be constant-time To prevent timing attacks, MACs need to be compared in constant time. Use the appropriate helper function for this.
| Vendor | Product | Versions |
|---|---|---|
Linux | Linux | affected 0a3a809089eb1d4a0a2fd0c16b520d603988c859 - < 8be6ed64966da48b6c4726918f106c18742a5125affected 0a3a809089eb1d4a0a2fd0c16b520d603988c859 - < a269cbdc442f8658bca35383e34b9d0b0ff95a1caffected 0a3a809089eb1d4a0a2fd0c16b520d603988c859 - < 080b0e210088296dd50d6637c06c1db14246adfeaffected 0a3a809089eb1d4a0a2fd0c16b520d603988c859 - < 67edfec516d30d3e62925c397be4a1e5185802fc |
Linux | Linux | affected 6.7unaffected 0 - < 6.7unaffected 6.12.78 - <= 6.12.*unaffected 6.18.19 - <= 6.18.*unaffected 6.19.9 - <= 6.19.*+1 more versions |
CVSS v3.1 Details
CVSS v3.1 Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now