CRITICAL
net/tcp MD5 Timing Leak
CVE-2026-43383
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:H
KernelScan AI3.7LOW
01Description
In the Linux kernel, the following vulnerability has been resolved: net/tcp-md5: Fix MAC comparison to be constant-time To prevent timing attacks, MACs need to be compared in constant time. Use the appropriate helper function for this.
02KernelScan AI Analysis
Risk summary
TCP MD5 signature verification uses non-constant-time comparison, allowing remote attackers to extract partial MAC information through timing analysis. This primarily affects BGP routers and other systems using RFC2385 TCP MD5 signatures.
Vulnerability analysis
The TCP MD5 signature verification code used memcmp() for MAC comparison, which returns early on the first byte difference, creating measurable timing variations. An attacker can send crafted TCP packets with different MAC values and measure response times to determine how many bytes matched before the first difference, gradually extracting MAC information. The fix replaces memcmp() with crypto_memneq(), which always examines all bytes in constant time regardless of differences.
03Fix Versions
| Branch | Fixed in | Patch commit |
|---|---|---|
| 5.10 | 5.10.253 | 821c8751fdee |
| 6.1 | 6.1.167 | 345a95307565 |
| 6.12 | 6.12.78 | 02669e2a4d20 |
| 6.18 | 6.18.19 | ae3831b44f47 |
| 6.19 | 6.19.9 | b502e97e29d7 |
| 6.6 | 6.6.130 | 5d305a95130a |
| mainline | 7.0 | 46d0d6f50dab |