CVE-2026-23247

Published: Mar 18, 2026Modified: May 21, 2026

5.5

Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Exploitability: 1.8 / Impact: 3.6

Source: NVD

Description

In the Linux kernel, the following vulnerability has been resolved: tcp: secure_seq: add back ports to TS offset This reverts 28ee1b746f49 ("secure_seq: downgrade to per-host timestamp offsets") tcp_tw_recycle went away in 2017. Zhouyan Deng reported off-path TCP source port leakage via SYN cookie side-channel that can be fixed in multiple ways. One of them is to bring back TCP ports in TS offset randomization. As a bonus, we perform a single siphash() computation to provide both an ISN and a TS offset.

Affected (9)

Products: Linux: Linux Kernel

Linux

1 product

Linux Kernel

Configuration A

9 vulnerable

Vulnerable Software	Affected Versions
Linux Linux Kernel	After 4.11 to 6.18.17
Linux Linux Kernel	From 6.19 to 6.19.7
Linux Linux Kernel	Version 4.10.14
Linux Linux Kernel	Version 4.11
Linux Linux Kernel	Version 4.11 rc6
Linux Linux Kernel	Version 4.11 rc7
Linux Linux Kernel	Version 4.11 rc8
Linux Linux Kernel	Version 7.0 rc1
Linux Linux Kernel	Version 7.0 rc2

References (3)

https://git.kernel.org/stable/c/165573e41f2f66ef98940cf65f838b2cb575d9d1

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Patch

https://git.kernel.org/stable/c/46e5b0d7cf55821527adea471ffe52a5afbd9caf

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Patch

https://git.kernel.org/stable/c/eae2f14ab2efccdb7480fae7d42c4b0116ef8805

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Patch

Timeline

No history available yet.