CVE-2025-39702 - Vulnerability Details - OpenCVE

In the Linux kernel, the following vulnerability has been resolved:

ipv6: sr: Fix MAC comparison to be constant-time

To prevent timing attacks, MACs need to be compared in constant time.
Use the appropriate helper function for this.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

No EPSS score available.

Key SSVC decision points have not yet been added.

No data.

No data.

No data.

No data.

References

Link	Providers
https://git.kernel.org/stable/c/3b348c9c8d2ca2c67559ffd0e258ae7e1107d4f0
https://git.kernel.org/stable/c/3ddd55cf19ed6cc62def5e3af10c2a9df1b861c3
https://git.kernel.org/stable/c/86b6d34717fe0570afce07ee79b8eeb40341f831
https://git.kernel.org/stable/c/a458b2902115b26a25d67393b12ddd57d1216aaa
https://git.kernel.org/stable/c/b3967c493799e63f648e9c7b6cb063aa2aed04e7
https://git.kernel.org/stable/c/f7878d47560d61e3f370aca3cebb8f42a55b990a

History

Fri, 05 Sep 2025 17:30:00 +0000

Type	Values Removed	Values Added
Description		In the Linux kernel, the following vulnerability has been resolved: ipv6: sr: Fix MAC comparison to be constant-time To prevent timing attacks, MACs need to be compared in constant time. Use the appropriate helper function for this.
Title		ipv6: sr: Fix MAC comparison to be constant-time
References		https://git.kernel.org/stable/c/3b348c9c8d2ca2c67559ffd0e258ae7e1107d4f0 https://git.kernel.org/stable/c/3ddd55cf19ed6cc62def5e3af10c2a9df1b861c3 https://git.kernel.org/stable/c/86b6d34717fe0570afce07ee79b8eeb40341f831 https://git.kernel.org/stable/c/a458b2902115b26a25d67393b12ddd57d1216aaa https://git.kernel.org/stable/c/b3967c493799e63f648e9c7b6cb063aa2aed04e7 https://git.kernel.org/stable/c/f7878d47560d61e3f370aca3cebb8f42a55b990a

MITRE

Status: PUBLISHED

Assigner: Linux

Published: 2025-09-05T17:21:08.674Z

Updated: 2025-09-05T17:21:08.674Z

Reserved: 2025-04-16T07:20:57.115Z

Link: CVE-2025-39702

Vulnrichment

No data.

NVD

Status : Received

Published: 2025-09-05T18:15:47.270

Modified: 2025-09-05T18:15:47.270

Link: CVE-2025-39702

Redhat

No data.

OpenCVE Enrichment

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2025-39702", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2025-04-16T07:20:57.115Z", "datePublished": "2025-09-05T17:21:08.674Z", "dateUpdated": "2025-09-05T17:21:08.674Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2025-09-05T17:21:08.674Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: sr: Fix MAC comparison to be constant-time\n\nTo prevent timing attacks, MACs need to be compared in constant time.\nUse the appropriate helper function for this."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["net/ipv6/seg6_hmac.c"], "versions": [{"version": "bf355b8d2c30a289232042cacc1cfaea4923936c", "lessThan": "3b348c9c8d2ca2c67559ffd0e258ae7e1107d4f0", "status": "affected", "versionType": "git"}, {"version": "bf355b8d2c30a289232042cacc1cfaea4923936c", "lessThan": "86b6d34717fe0570afce07ee79b8eeb40341f831", "status": "affected", "versionType": "git"}, {"version": "bf355b8d2c30a289232042cacc1cfaea4923936c", "lessThan": "3ddd55cf19ed6cc62def5e3af10c2a9df1b861c3", "status": "affected", "versionType": "git"}, {"version": "bf355b8d2c30a289232042cacc1cfaea4923936c", "lessThan": "b3967c493799e63f648e9c7b6cb063aa2aed04e7", "status": "affected", "versionType": "git"}, {"version": "bf355b8d2c30a289232042cacc1cfaea4923936c", "lessThan": "f7878d47560d61e3f370aca3cebb8f42a55b990a", "status": "affected", "versionType": "git"}, {"version": "bf355b8d2c30a289232042cacc1cfaea4923936c", "lessThan": "a458b2902115b26a25d67393b12ddd57d1216aaa", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["net/ipv6/seg6_hmac.c"], "versions": [{"version": "4.10", "status": "affected"}, {"version": "0", "lessThan": "4.10", "status": "unaffected", "versionType": "semver"}, {"version": "5.15.190", "lessThanOrEqual": "5.15.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.1.149", "lessThanOrEqual": "6.1.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.6.103", "lessThanOrEqual": "6.6.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.12.44", "lessThanOrEqual": "6.12.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.16.4", "lessThanOrEqual": "6.16.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.17-rc3", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "4.10", "versionEndExcluding": "5.15.190"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "4.10", "versionEndExcluding": "6.1.149"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "4.10", "versionEndExcluding": "6.6.103"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "4.10", "versionEndExcluding": "6.12.44"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "4.10", "versionEndExcluding": "6.16.4"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "4.10", "versionEndExcluding": "6.17-rc3"}]}]}], "references": [{"url": "https://git.kernel.org/stable/c/3b348c9c8d2ca2c67559ffd0e258ae7e1107d4f0"}, {"url": "https://git.kernel.org/stable/c/86b6d34717fe0570afce07ee79b8eeb40341f831"}, {"url": "https://git.kernel.org/stable/c/3ddd55cf19ed6cc62def5e3af10c2a9df1b861c3"}, {"url": "https://git.kernel.org/stable/c/b3967c493799e63f648e9c7b6cb063aa2aed04e7"}, {"url": "https://git.kernel.org/stable/c/f7878d47560d61e3f370aca3cebb8f42a55b990a"}, {"url": "https://git.kernel.org/stable/c/a458b2902115b26a25d67393b12ddd57d1216aaa"}], "title": "ipv6: sr: Fix MAC comparison to be constant-time", "x_generator": {"engine": "bippy-1.2.0"}}}}