CVE-2026-23364 - Vulnerability Details - OpenCVE

In the Linux kernel, the following vulnerability has been resolved: ksmbd: Compare MACs in constant time To prevent timing attacks, MAC comparisons need to be constant-time. Replace the memcmp() with the correct function, crypto_memneq().

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

No EPSS score available.

Key SSVC decision points have not yet been added.

Vendors	Products
Linux	Linux Kernel

No data.

No data.

No data.

References

Link	Providers
https://git.kernel.org/stable/c/2cdc56ed67615ba0921383a688f24415ebe065f3
https://git.kernel.org/stable/c/307afccb751f542246bd5dc68a2c1ffe1a78418c
https://git.kernel.org/stable/c/93c0a22fec914ec4b697e464895a0f594e29fb28
https://git.kernel.org/stable/c/c5794709bc9105935dbedef8b9cf9c06f2b559fa
https://git.kernel.org/stable/c/cd52a0e309659537048a864211abc3ea4c5caa63
https://git.kernel.org/stable/c/f4588b85efd6007d46b80aa1b9fb746628ffb3dc

History

Wed, 25 Mar 2026 10:45:00 +0000

Type	Values Removed	Values Added
Description		In the Linux kernel, the following vulnerability has been resolved: ksmbd: Compare MACs in constant time To prevent timing attacks, MAC comparisons need to be constant-time. Replace the memcmp() with the correct function, crypto_memneq().
Title		ksmbd: Compare MACs in constant time
First Time appeared		Linux Linux linux Kernel
CPEs		cpe:2.3:o:linux:linux_kernel::::::::
Vendors & Products		Linux Linux linux Kernel
References		https://git.kernel.org/stable/c/2cdc56ed67615ba0921383a688f24415ebe065f3 https://git.kernel.org/stable/c/307afccb751f542246bd5dc68a2c1ffe1a78418c https://git.kernel.org/stable/c/93c0a22fec914ec4b697e464895a0f594e29fb28 https://git.kernel.org/stable/c/c5794709bc9105935dbedef8b9cf9c06f2b559fa https://git.kernel.org/stable/c/cd52a0e309659537048a864211abc3ea4c5caa63 https://git.kernel.org/stable/c/f4588b85efd6007d46b80aa1b9fb746628ffb3dc

MITRE

Status: PUBLISHED

Assigner: Linux

Published: 2026-03-25T10:27:46.960Z

Updated: 2026-03-25T10:27:46.960Z

Reserved: 2026-01-13T15:37:46.002Z

Link: CVE-2026-23364

Vulnrichment

No data.

NVD

Status : Received

Published: 2026-03-25T11:16:35.547

Modified: 2026-03-25T11:16:35.547

Link: CVE-2026-23364

Redhat

No data.

OpenCVE Enrichment

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-23364", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2026-01-13T15:37:46.002Z", "datePublished": "2026-03-25T10:27:46.960Z", "dateUpdated": "2026-03-25T10:27:46.960Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2026-03-25T10:27:46.960Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nksmbd: Compare MACs in constant time\n\nTo prevent timing attacks, MAC comparisons need to be constant-time.\nReplace the memcmp() with the correct function, crypto_memneq()."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["fs/smb/server/Kconfig", "fs/smb/server/auth.c", "fs/smb/server/smb2pdu.c"], "versions": [{"version": "e2f34481b24db2fd634b5edb0a5bd0e4d38cc6e9", "lessThan": "cd52a0e309659537048a864211abc3ea4c5caa63", "status": "affected", "versionType": "git"}, {"version": "e2f34481b24db2fd634b5edb0a5bd0e4d38cc6e9", "lessThan": "307afccb751f542246bd5dc68a2c1ffe1a78418c", "status": "affected", "versionType": "git"}, {"version": "e2f34481b24db2fd634b5edb0a5bd0e4d38cc6e9", "lessThan": "2cdc56ed67615ba0921383a688f24415ebe065f3", "status": "affected", "versionType": "git"}, {"version": "e2f34481b24db2fd634b5edb0a5bd0e4d38cc6e9", "lessThan": "93c0a22fec914ec4b697e464895a0f594e29fb28", "status": "affected", "versionType": "git"}, {"version": "e2f34481b24db2fd634b5edb0a5bd0e4d38cc6e9", "lessThan": "f4588b85efd6007d46b80aa1b9fb746628ffb3dc", "status": "affected", "versionType": "git"}, {"version": "e2f34481b24db2fd634b5edb0a5bd0e4d38cc6e9", "lessThan": "c5794709bc9105935dbedef8b9cf9c06f2b559fa", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["fs/smb/server/Kconfig", "fs/smb/server/auth.c", "fs/smb/server/smb2pdu.c"], "versions": [{"version": "5.15", "status": "affected"}, {"version": "0", "lessThan": "5.15", "status": "unaffected", "versionType": "semver"}, {"version": "6.1.167", "lessThanOrEqual": "6.1.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.6.130", "lessThanOrEqual": "6.6.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.12.78", "lessThanOrEqual": "6.12.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.18.19", "lessThanOrEqual": "6.18.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.19.7", "lessThanOrEqual": "6.19.*", "status": "unaffected", "versionType": "semver"}, {"version": "7.0-rc2", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.15", "versionEndExcluding": "6.1.167"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.15", "versionEndExcluding": "6.6.130"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.15", "versionEndExcluding": "6.12.78"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.15", "versionEndExcluding": "6.18.19"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.15", "versionEndExcluding": "6.19.7"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.15", "versionEndExcluding": "7.0-rc2"}]}]}], "references": [{"url": "https://git.kernel.org/stable/c/cd52a0e309659537048a864211abc3ea4c5caa63"}, {"url": "https://git.kernel.org/stable/c/307afccb751f542246bd5dc68a2c1ffe1a78418c"}, {"url": "https://git.kernel.org/stable/c/2cdc56ed67615ba0921383a688f24415ebe065f3"}, {"url": "https://git.kernel.org/stable/c/93c0a22fec914ec4b697e464895a0f594e29fb28"}, {"url": "https://git.kernel.org/stable/c/f4588b85efd6007d46b80aa1b9fb746628ffb3dc"}, {"url": "https://git.kernel.org/stable/c/c5794709bc9105935dbedef8b9cf9c06f2b559fa"}], "title": "ksmbd: Compare MACs in constant time", "x_generator": {"engine": "bippy-1.2.0"}}}}