Vulnerability Description
In the Linux kernel, the following vulnerability has been resolved: ipv6: sr: Fix MAC comparison to be constant-time To prevent timing attacks, MACs need to be compared in constant time. Use the appropriate helper function for this.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Linux | Linux Kernel | >= 4.10, < 5.15.190 |
| Debian | Debian Linux | 11.0 |
Related Weaknesses (CWE)
References
- https://git.kernel.org/stable/c/3b348c9c8d2ca2c67559ffd0e258ae7e1107d4f0Patch
- https://git.kernel.org/stable/c/3ddd55cf19ed6cc62def5e3af10c2a9df1b861c3Patch
- https://git.kernel.org/stable/c/86b6d34717fe0570afce07ee79b8eeb40341f831Patch
- https://git.kernel.org/stable/c/a458b2902115b26a25d67393b12ddd57d1216aaaPatch
- https://git.kernel.org/stable/c/b3967c493799e63f648e9c7b6cb063aa2aed04e7Patch
- https://git.kernel.org/stable/c/f7878d47560d61e3f370aca3cebb8f42a55b990aPatch
- https://git.kernel.org/stable/c/ff55a452d56490047f5233cc48c5d933f8586884Patch
- https://lists.debian.org/debian-lts-announce/2025/10/msg00008.htmlMailing ListThird Party Advisory
- https://cert-portal.siemens.com/productcert/html/ssa-032379.html
FAQ
What is CVE-2025-39702?
CVE-2025-39702 is a vulnerability with a CVSS score of 7.0 (HIGH). In the Linux kernel, the following vulnerability has been resolved: ipv6: sr: Fix MAC comparison to be constant-time To prevent timing attacks, MACs need to be compared in constant time. Use the app...
How severe is CVE-2025-39702?
CVE-2025-39702 has been rated HIGH with a CVSS base score of 7.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2025-39702?
Check the references section above for vendor advisories and patch information. Affected products include: Linux Linux Kernel, Debian Debian Linux.