Timing Attack Vulnerability in Linux Kernel IPv6 Implementation
CVE-2025-39702

Currently unrated

Key Information:

Vendor

Linux
Status
Linux
Vendor
CVE Published:
5 September 2025

What is CVE-2025-39702?

A vulnerability in the Linux kernel's IPv6 implementation has been identified that may expose systems to timing attacks. Specifically, the lack of constant-time comparison for Message Authentication Codes (MACs) can allow attackers to infer sensitive information through careful timing analysis. To mitigate this risk, it is essential to utilize appropriate helper functions for MAC comparison that ensure constant-time execution, thus fortifying the system against potential exploitation of this weakness. Users are advised to update to the latest version of the Linux kernel to benefit from security enhancements.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Linux bf355b8d2c30a289232042cacc1cfaea4923936c

Linux bf355b8d2c30a289232042cacc1cfaea4923936c < 3b348c9c8d2ca2c67559ffd0e258ae7e1107d4f0

Linux bf355b8d2c30a289232042cacc1cfaea4923936c < 86b6d34717fe0570afce07ee79b8eeb40341f831

References

https://git.kernel.org/stable/c/ff55a452d56490047f5233cc4...
https://git.kernel.org/stable/c/3b348c9c8d2ca2c67559ffd0e...
https://git.kernel.org/stable/c/86b6d34717fe0570afce07ee7...

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.