PT-2026-26050 · Linux · Linux
Published
2026-03-18
·
Updated
2026-03-18
·
CVE-2026-23247
None
No severity ratings or metrics are available. When they are, we'll update the corresponding info on the page.
In the Linux kernel, the following vulnerability has been resolved:
tcp: secure seq: add back ports to TS offset
This reverts 28ee1b746f49 ("secure seq: downgrade to per-host timestamp offsets")
tcp tw recycle went away in 2017.
Zhouyan Deng reported off-path TCP source port leakage via
SYN cookie side-channel that can be fixed in multiple ways.
One of them is to bring back TCP ports in TS offset randomization.
As a bonus, we perform a single siphash() computation
to provide both an ISN and a TS offset.
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Linux