Описание
In the Linux kernel, the following vulnerability has been resolved: sctp: Fix MAC comparison to be constant-time To prevent timing attacks, MACs need to be compared in constant time. Use the appropriate helper function for this.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| linux | fixed | 6.17.6-1 | package | |
| linux | fixed | 6.12.57-1 | trixie | package |
| linux | fixed | 6.1.158-1 | bookworm | package |
Примечания
https://git.kernel.org/linus/dd91c79e4f58fbe2898dac84858033700e0e99fb (6.18-rc1)
EPSS
Связанные уязвимости
In the Linux kernel, the following vulnerability has been resolved: sctp: Fix MAC comparison to be constant-time To prevent timing attacks, MACs need to be compared in constant time. Use the appropriate helper function for this.
In the Linux kernel, the following vulnerability has been resolved: sctp: Fix MAC comparison to be constant-time To prevent timing attacks, MACs need to be compared in constant time. Use the appropriate helper function for this.
In the Linux kernel, the following vulnerability has been resolved: sctp: Fix MAC comparison to be constant-time To prevent timing attacks, MACs need to be compared in constant time. Use the appropriate helper function for this.
Уязвимость модулей net/sctp/sm_make_chunk.c и net/sctp/sm_statefuns.c ядра операционной системы Linux, позволяющая нарушителю получить несанкционированный доступ к защищаемой информации
EPSS