Back to search
CVE-2026-23364
Published: Mar 25, 2026
Modified: May 11, 2026
PUBLISHED
CVSS v3.1
7.4
HIGH
Description
In the Linux kernel, the following vulnerability has been resolved: ksmbd: Compare MACs in constant time To prevent timing attacks, MAC comparisons need to be constant-time. Replace the memcmp() with the correct function, crypto_memneq().
| Vendor | Product | Versions |
|---|---|---|
Linux | Linux | affected e2f34481b24db2fd634b5edb0a5bd0e4d38cc6e9 - < cd52a0e309659537048a864211abc3ea4c5caa63affected e2f34481b24db2fd634b5edb0a5bd0e4d38cc6e9 - < 307afccb751f542246bd5dc68a2c1ffe1a78418caffected e2f34481b24db2fd634b5edb0a5bd0e4d38cc6e9 - < 2cdc56ed67615ba0921383a688f24415ebe065f3affected e2f34481b24db2fd634b5edb0a5bd0e4d38cc6e9 - < 93c0a22fec914ec4b697e464895a0f594e29fb28affected e2f34481b24db2fd634b5edb0a5bd0e4d38cc6e9 - < f4588b85efd6007d46b80aa1b9fb746628ffb3dc+1 more versions |
Linux | Linux | affected 5.15unaffected 0 - < 5.15unaffected 6.1.167 - <= 6.1.*unaffected 6.6.130 - <= 6.6.*unaffected 6.12.78 - <= 6.12.*+3 more versions |
CVSS v3.1 Details
CVSS v3.1 Vector
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
Attack Vector
Network
Attack Complexity
High
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
None
References
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now