CVE-2026-43383 PUBLISHED

net/tcp-md5: Fix MAC comparison to be constant-time

Assigner: Linux
Reserved: 01.05.2026 Published: 08.05.2026 Updated: 08.05.2026

In the Linux kernel, the following vulnerability has been resolved:

net/tcp-md5: Fix MAC comparison to be constant-time

To prevent timing attacks, MACs need to be compared in constant time. Use the appropriate helper function for this.

Vendor	Linux
Product	Linux
Versions	Default: unaffected affected from cfb6eeb4c860592edd123fdea908d23c6ad1c7dc to 821c8751fdeecdeecabeb11704dd33439c9e4bbc (excl.) affected from cfb6eeb4c860592edd123fdea908d23c6ad1c7dc to 345a9530756528d7ca407663d659c3c40e75c3dd (excl.) affected from cfb6eeb4c860592edd123fdea908d23c6ad1c7dc to 5d305a95130a8d08b9545e47f1e18d29d59866cb (excl.) affected from cfb6eeb4c860592edd123fdea908d23c6ad1c7dc to 02669e2a4d207068edce7e8b5fafd85822018ce6 (excl.) affected from cfb6eeb4c860592edd123fdea908d23c6ad1c7dc to ae3831b44f477de048287493e184fc3ff913b624 (excl.) affected from cfb6eeb4c860592edd123fdea908d23c6ad1c7dc to b502e97e29d791ff7a8051f29a414535739be218 (excl.) affected from cfb6eeb4c860592edd123fdea908d23c6ad1c7dc to 46d0d6f50dab706637f4c18a470aac20a21900d3 (excl.)

Vendor	Linux
Product	Linux
Versions	Default: affected Version 2.6.20 is affected unaffected from 0 to 2.6.20 (excl.) unaffected from 5.10.253 to 5.10.* (incl.) unaffected from 6.1.167 to 6.1.* (incl.) unaffected from 6.6.130 to 6.6.* (incl.) unaffected from 6.12.78 to 6.12.* (incl.) unaffected from 6.18.19 to 6.18.* (incl.) unaffected from 6.19.9 to 6.19.* (incl.) unaffected from 7.0 to * (incl.)