In the Linux kernel, the following vulnerability has been resolved: net/tcp-ao: Fix MAC comparison to be constant-time To prevent timing attacks, MACs need to be compared in constant time. Use the appropriate helper function for this.

A flaw was found in the Linux kernel's TCP Authentication Option (TCP-AO) implementation. This vulnerability arises from a non-constant-time comparison of Message Authentication Codes (MACs). A remote attacker could potentially exploit this timing discrepancy to perform a timing attack, which may lead to the disclosure of sensitive information.

Red Hat Enterprise Linux 10 Not affected kernel Red Hat Enterprise Linux 6 Not affected kernel Red Hat Enterprise Linux 7 Not affected kernel Red Hat Enterprise Linux 7 Not affected kernel-rt Red Hat Enterprise Linux 8 Not affected kernel Red Hat Enterprise Linux 8 Not affected kernel-rt Red Hat Enterprise Linux 9 Not affected kernel Red Hat Enterprise Linux 9 Not affected kernel-rt https://www.cve.org/CVERecord?id=CVE-2026-43384 https://nvd.nist.gov/vuln/detail/CVE-2026-43384 https://lore.kernel.org/linux-cve-announce/2026050834-CVE-2026-43384-d8ea@gregkh/T