CVE Catalog
CVE-2026-43383
CriticalCVSS 9.4Exploitation Probability (EPSS)
Low risk0.43%
34th percentile — higher than 34% of all known CVEs
Summary
A vulnerability in the Linux kernel related to MAC comparison in the tcp-md5 protocol has been fixed to prevent timing attacks.
Risk Assessment
Inadequate MAC comparison may lead to information disclosure through timing attacks, jeopardizing data integrity.
Recommendation
It is recommended to update the Linux kernel to the latest version to benefit from the fix regarding MAC comparison.
Original NVD description (English source)
In the Linux kernel, the following vulnerability has been resolved: net/tcp-md5: Fix MAC comparison to be constant-time To prevent timing attacks, MACs need to be compared in constant time. Use the appropriate helper function for this.

