Description
In the Linux kernel, the following vulnerability has been resolved: ksmbd: Compare MACs in constant time To prevent timing attacks, MAC comparisons need to be constant-time. Replace the memcmp() with the correct function, crypto_memneq().
References (7)
Core 7
Core References
Scores
CVSS v3
7.4
EPSS
0.0039
EPSS Percentile
31.4%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
Details
Status
published
Products (27)
linux/Kernel
5.15.0 - 5.15.210linux
linux/Kernel
5.15.0 - 6.1.167linux
linux/Kernel
5.16.0 - 6.1.167linux
linux/Kernel
6.13.0 - 6.18.19linux
linux/Kernel
6.19.0 - 6.19.7linux
linux/Kernel
6.2.0 - 6.6.130linux
linux/Kernel
6.7.0 - 6.12.78linux
Linux/Linux
< 5.15
Linux/Linux
5.15
Linux/Linux
5.15.210 - 5.15.*
... and 17 more
Published
Mar 25, 2026
Tracked Since
Mar 25, 2026