I wonder if CVE-2022-1012 affects CentOS 7.9.
Red Hat states on the Red Hat Customer Portal that RHEL 7 is affected by CVE-2022-1012.
The kernel GitHub says that a hash generated by siphash is vulnerable when it is used as a 32-bit value cast down from 64 bits.
So I checked the source of secure_ipv4_port_ephemeral, which is the function to be revised for CVE-2022-1012, as included in kernel 3.10.0-1160.el7 for CentOS 7.9, and there is no use of siphash, although the latest one uses siphash instead of md5transform.
I already know there is another vulnerability in the source port generation algorithm of the secure_ipv4_port_ephemeral function on CentOS 7, by which an attacker could guess the port easily, because CentOS 7 uses Algorithm 3 described in Transport Protocol Port Randomization Recommendations.
    u32 secure_ipv4_port_ephemeral(__be32 saddr, __be32 daddr, __be16 dport)
        hash[0] = (__force u32)saddr;
        hash[1] = (__force u32)daddr;
        hash[2] = (__force u32)dport ^ net_secret[14];
        hash[3] = net_secret[15];
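
Added example, not part of the original post and not kernel code: a user-space sketch of Algorithm 3 from RFC 6056 (Transport Protocol Port Randomization Recommendations), showing that its single shared counter makes the gap between two ports seen by one destination equal to the number of port allocations made in between. The port range, the `F()` mixer, the `in_use` table and the helper names are assumptions for illustration.

```c
#include <stdint.h>

#define MIN_EPHEMERAL 32768u  /* assumed range for this example */
#define MAX_EPHEMERAL 60999u
#define NUM_EPHEMERAL (MAX_EPHEMERAL - MIN_EPHEMERAL + 1u)

uint32_t next_ephemeral;               /* single counter shared by all destinations */
static uint8_t in_use[NUM_EPHEMERAL];  /* stand-in for check_suitable_port() */

/* Hypothetical stand-in for F(): a keyed integer mixer. It is not MD5,
 * not siphash, and not cryptographically secure. */
static uint32_t F(uint32_t laddr, uint32_t raddr, uint16_t rport, uint64_t key)
{
    uint64_t x = key ^ (((uint64_t)laddr << 32) | raddr) ^ ((uint64_t)rport << 16);
    x ^= x >> 33; x *= 0xff51afd7ed558ccdULL;
    x ^= x >> 33; x *= 0xc4ceb9fe1a85ec53ULL;
    x ^= x >> 33;
    return (uint32_t)x;
}

/* RFC 6056 Algorithm 3. Returns the port, or 0 when the range is exhausted. */
uint16_t select_port(uint32_t laddr, uint32_t raddr, uint16_t rport, uint64_t key)
{
    uint32_t offset = F(laddr, raddr, rport, key);
    uint32_t count = NUM_EPHEMERAL;

    do {
        /* 64-bit sum so the addition cannot wrap before the modulo */
        uint32_t idx = (uint32_t)(((uint64_t)next_ephemeral + offset) % NUM_EPHEMERAL);
        next_ephemeral++;
        if (!in_use[idx]) {
            in_use[idx] = 1;
            return (uint16_t)(MIN_EPHEMERAL + idx);
        }
    } while (--count > 0);
    return 0;
}

/* Forward distance from port a to port b inside the ephemeral range. */
uint32_t port_delta(uint16_t a, uint16_t b)
{
    return (b + NUM_EPHEMERAL - a) % NUM_EPHEMERAL;
}
```

RFC 6056 addresses this shared-counter property in its Algorithm 4, which replaces the single counter with a table of counters indexed by a second hash.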