Zhouyan Deng

**Name of the Vulnerable Software and Affected Versions** Linux kernel (affected versions not specified) **Description** The Linux kernel addresses an issue where off-path TCP source port leakage could occur via a SYN cookie side-channel. The resolution involves reintroducing TCP ports into the timestamp offset randomization process, effectively reverting a previous change. This is achieved through a single siphash() computation to generate both an Initial Sequence Number (ISN) and a timestamp offset. The issue was reported by Zhouyan Deng. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.