VDB

CVE-2026-23247

CVE-2026-23247 PUBLISHED

In the Linux kernel, the following vulnerability has been resolved: tcp: secure_seq: add back ports to TS offset This reverts 28ee1b746f49 ("secure_seq: downgrade to per-host timestamp offsets") tcp_tw_recycle went away in 2017. Zhouyan Deng reported off-path TCP source port leakage via SYN cookie side-channel that can be fixed in multiple ways. One of them is to bring back TCP ports in TS offset randomization. As a bonus, we perform a single siphash() computation to provide both an ISN and a TS offset.

EPSS 0.02% · 4.6th percentile

Risk Scores

EPSS Score
0.02%
4.6th percentile

Affected Products

VendorProductVersions
LinuxLinux0, 443fac9f2618b93cbc5ab068dc594530236b3a23, 4.11
linuxlinux_kernel4.11, 4.11, 4.10.14

Timeline

  • Mar 18, 2026 EPSS Score
  • Mar 18, 2026 CVE Published
  • Mar 19, 2026 EPSS Score
  • Mar 20, 2026 EPSS Score
  • Mar 21, 2026 EPSS Score
  • Mar 22, 2026 EPSS Score
  • Mar 22, 2026 Coalition ESS Score
  • Mar 23, 2026 EPSS Score
  • Mar 24, 2026 EPSS Score
  • Mar 25, 2026 EPSS Score
  • Mar 29, 2026 Security Advisory
  • May 18, 2026 EPSS Score

References

Open in Interactive Console →
$ Console Community · 100/wk Open console ›