CVE-2026-23364

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description A flaw exists in the kernel’s ksmbd component related to Message Authentication Code (MAC) comparisons. The issue stems from the use of memcmp() for MAC comparisons, which is susceptible to timing attacks. To address this, the memcmp() function should be replaced with crypto memneq() to ensure constant-time comparisons, preventing potential information disclosure through timing variations.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.