VDB
CVE-2026-23364
CVE-2026-23364
PUBLISHED
CVSS 7.400000095367432 HIGH
In the Linux kernel, the following vulnerability has been resolved: ksmbd: Compare MACs in constant time To prevent timing attacks, MAC comparisons need to be constant-time. Replace the memcmp() with the correct function, crypto_memneq().
EPSS 0.05% · 16.7th percentile
Risk Scores
CVSS v3.1
7.400000095367432
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
EPSS Score
0.05%
16.7th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Linux | Linux | 7.0, e2f34481b24db2fd634b5edb0a5bd0e4d38cc6e9, 5.15 |
| linux | linux_kernel | 5.15, 5.15, 5.15 |
Timeline
- Mar 25, 2026 EPSS Score
- Mar 25, 2026 Coalition ESS Score
- Mar 25, 2026 CVE Published
- Mar 29, 2026 Security Advisory
- Mar 29, 2026 PoC Published
- Mar 31, 2026 Security Advisory
- Mar 31, 2026 Security Advisory
- Mar 31, 2026 Security Advisory
- Mar 31, 2026 Security Advisory
- Mar 31, 2026 Security Advisory
- Mar 31, 2026 Security Advisory
- Mar 31, 2026 Security Advisory
References
- https://git.kernel.org/stable/c/cd52a0e309659537048a864211abc3ea4c5caa63 url
- https://git.kernel.org/stable/c/307afccb751f542246bd5dc68a2c1ffe1a78418c url
- https://git.kernel.org/stable/c/2cdc56ed67615ba0921383a688f24415ebe065f3 url
- https://git.kernel.org/stable/c/93c0a22fec914ec4b697e464895a0f594e29fb28 url
- https://git.kernel.org/stable/c/f4588b85efd6007d46b80aa1b9fb746628ffb3dc url
- https://git.kernel.org/stable/c/c5794709bc9105935dbedef8b9cf9c06f2b559fa url
- https://nvd.nist.gov/vuln/detail/CVE-2026-23364 advisory
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-32748 advisory
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-4438 advisory
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23347 advisory
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23268 advisory
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23392 advisory
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23319 advisory
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23253 advisory
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23296 advisory
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23364 advisory
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23368 advisory
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-27654 advisory
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-30922 advisory
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23286 advisory
…and 68 more