anonhaven
Ad

CVE-2026-23364

HIGH CVSS 3.1: 7.4 EPSS 0.05%
Updated Apr 02, 2026
Linux
Parameter Value
CVSS 7.4 (HIGH)
Vendor Linux
Public PoC No

In the Linux kernel, the following vulnerability has been resolved: ksmbd: Compare MACs in constant time To prevent timing attacks, MAC comparisons need to be constant-time. Replace the memcmp() with the correct function, crypto_memneq().

Attack Parameters

Attack Vector
Network
Can be exploited remotely
Attack Complexity
High
Difficult to exploit
Privileges Required
None
No privileges needed
User Interaction
None
No user interaction needed

Impact Assessment

Confidentiality
High
Complete data leak
Integrity
High
Complete data modification
Availability
None
No disruption

CVSS Vector v3.1

References 6

https://git.kernel.org/stable/c/2cdc56ed67615ba0921383a688f24415ebe065f3
416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/307afccb751f542246bd5dc68a2c1ffe1a78418c
416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/93c0a22fec914ec4b697e464895a0f594e29fb28
416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/c5794709bc9105935dbedef8b9cf9c06f2b559fa
416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/cd52a0e309659537048a864211abc3ea4c5caa63
416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/f4588b85efd6007d46b80aa1b9fb746628ffb3dc
416baaa9-dc9f-4396-8d5f-8c081fb06d67
Share Post Share Share Share

Related Vulnerabilities

CVE-2026-34776

Linux

5.3

CVE-2026-34990

Linux

5.0

CVE-2026-34980

Linux

6.1

CVE-2026-34979

Linux

5.3

CVE-2026-34978

Linux

6.5