CRITICAL
net/tcp TCP-AO Leak
CVE-2026-43384
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
KernelScan AI3.7LOW
01Description
In the Linux kernel, the following vulnerability has been resolved: net/tcp-ao: Fix MAC comparison to be constant-time To prevent timing attacks, MACs need to be compared in constant time. Use the appropriate helper function for this.
02KernelScan AI Analysis
Risk summary
Systems using TCP-AO for connection authentication are vulnerable to timing side-channel attacks that can leak information about expected MAC values. Attackers can send crafted TCP packets and measure response times to gradually extract bits of the authentication key material.
Vulnerability analysis
The vulnerability exists in the MAC verification function for TCP-AO (Authentication Option) where memcmp() was used for comparing computed and received MAC values. This function returns early on the first byte difference, creating measurable timing variations that leak information about the expected MAC through side-channel analysis. The fix replaces memcmp() with crypto_memneq() which performs constant-time comparison regardless of where differences occur. The attack surface includes any TCP service using TCP-AO authentication, reachable over network connections.
03Fix Versions
| Branch | Fixed in | Patch commit |
|---|---|---|
| 6.12 | 6.12.78 | 8be6ed64966d |
| 6.18 | 6.18.19 | a269cbdc442f |
| 6.19 | 6.19.9 | 080b0e210088 |
| mainline | 7.0 | 67edfec516d3 |