CVE-2026-23247

UNKNOWN 0.0

tcp: secure_seq: add back ports to TS offset

CVSS Score

0.0

EPSS Score

0.0%

EPSS Percentile

0th

In the Linux kernel, the following vulnerability has been resolved: tcp: secure_seq: add back ports to TS offset This reverts 28ee1b746f49 ("secure_seq: downgrade to per-host timestamp offsets") tcp_tw_recycle went away in 2017. Zhouyan Deng reported off-path TCP source port leakage via SYN cookie side-channel that can be fixed in multiple ways. One of them is to bring back TCP ports in TS offset randomization. As a bonus, we perform a single siphash() computation to provide both an ISN and a TS offset.

Vendor	linux
Product	linux
Ecosystems	Linux Kernel
Industries	Technology
Published	Mar 18, 2026
Last Updated	Apr 13, 2026

Stay Ahead of the Next One

Get instant alerts for linux linux

Be the first to know when new unknown vulnerabilities affecting linux linux are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

Affected Versions

Linux / Linux

28ee1b746f493b7c62347d714f58fbf4f70df4f0 < eae2f14ab2efccdb7480fae7d42c4b0116ef8805 28ee1b746f493b7c62347d714f58fbf4f70df4f0 < 46e5b0d7cf55821527adea471ffe52a5afbd9caf 28ee1b746f493b7c62347d714f58fbf4f70df4f0 < 165573e41f2f66ef98940cf65f838b2cb575d9d1 443fac9f2618b93cbc5ab068dc594530236b3a23

Linux / Linux

4.11

References

NVD ↗ CVE.org ↗ EPSS Data ↗

git.kernel.org: https://git.kernel.org/stable/c/eae2f14ab2efccdb7480fae7d42c4b0116ef8805 git.kernel.org: https://git.kernel.org/stable/c/46e5b0d7cf55821527adea471ffe52a5afbd9caf git.kernel.org: https://git.kernel.org/stable/c/165573e41f2f66ef98940cf65f838b2cb575d9d1