CVE-2026-23247

In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> tcp: secure_seq: add back ports to TS offset<br /> <br /> This reverts 28ee1b746f49 ("secure_seq: downgrade to per-host timestamp offsets")<br /> <br /> tcp_tw_recycle went away in 2017.<br /> <br /> Zhouyan Deng reported off-path TCP source port leakage via<br /> SYN cookie side-channel that can be fixed in multiple ways.<br /> <br /> One of them is to bring back TCP ports in TS offset randomization.<br /> <br /> As a bonus, we perform a single siphash() computation<br /> to provide both an ISN and a TS offset.