Search CVE reports
1 – 10 of 20 results
CVE-2023-3758
Medium priority
Some fixes available 5 of 7
A race condition flaw was found in sssd where the GPO policy is not consistently applied for authenticated users. This may lead to improper authorization issues, granting or denying access to resources inappropriately.
1 affected package
sssd
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
sssd | Fixed | Fixed | Fixed | Needs evaluation | Needs evaluation |
CVE-2023-3326
Low priority
pam_krb5 authenticates a user by essentially running kinit with the password, getting a ticket-granting ticket (TGT) from the Kerberos KDC (Key Distribution Center) over the network, as a way to verify the password. However, if a...
2 affected packages
libpam-krb5, sssd
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
libpam-krb5 | Vulnerable | Vulnerable | Vulnerable | Vulnerable | Vulnerable |
sssd | Vulnerable | Vulnerable | Vulnerable | Vulnerable | Vulnerable |
CVE-2022-4254
Medium priority
Some fixes available 1 of 2
sssd: libsss_certmap fails to sanitise certificate data used in LDAP filters
1 affected package
sssd
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
sssd | Not affected | Not affected | Fixed | Vulnerable | Not affected |
CVE-2016-20013
Negligible priority
sha256crypt and sha512crypt through 0.6 allow attackers to cause a denial of service (CPU consumption) because the algorithm's runtime is proportional to the square of the length of the password.
8 affected packages
dietlibc, eglibc, glibc, sssd, syslinux...
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
dietlibc | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
eglibc | Not in release | Not in release | Not in release | Not in release | Not in release |
glibc | Vulnerable | Vulnerable | Vulnerable | Vulnerable | Vulnerable |
sssd | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
syslinux | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
syslinux-legacy | Not in release | Not in release | Needs evaluation | Needs evaluation | Needs evaluation |
uclibc | — | — | — | — | Ignored |
zabbix | Not in release | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
CVE-2021-3621
Medium priority
A flaw was found in SSSD, where the sssctl command was vulnerable to shell command injection via the logs-fetch and cache-expire subcommands. This flaw allows an attacker to trick the root user into running a specially crafted...
1 affected package
sssd
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
sssd | — | Fixed | Fixed | Fixed | Not affected |
CVE-2012-3462
Low priority
A flaw was found in SSSD version 1.9.0. The SSSD's access-provider logic causes the result of the HBAC rule processing to be ignored in the event that the access-provider is also handling the setup of the user's SELinux user context.
1 affected package
sssd
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
sssd | — | — | — | Not affected | Not affected |
CVE-2018-16838
Low priority
Some fixes available 1 of 4
A flaw was found in the sssd Group Policy Objects implementation. When the GPO is not readable by SSSD due to too strict permission settings on the server side, SSSD will allow all authenticated users to log in instead of denying access.
1 affected package
sssd
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
sssd | Not affected | Not affected | Not affected | Fixed | Vulnerable |
CVE-2019-3811
Low priority
Some fixes available 1 of 4
A vulnerability was found in sssd. If a user was configured with no home directory set, sssd would return '/' (the root directory) instead of '' (the empty string / no home directory). This could impact services that restrict the...
1 affected package
sssd
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
sssd | Not affected | Not affected | Not affected | Fixed | Vulnerable |
CVE-2018-16883
Low priority
sssd versions from 1.13.0 to before 2.0.0 did not properly restrict access to the infopipe according to the "allowed_uids" configuration parameter. If sensitive information were stored in the user directory, this could...
1 affected package
sssd
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
sssd | Not affected | Not affected | Not affected | Vulnerable | Vulnerable |
CVE-2018-10852
Low priority
Some fixes available 1 of 5
The UNIX pipe which sudo uses to contact SSSD and read the available sudo rules from SSSD has too wide permissions, which means that anyone who can send a message using the same raw protocol that sudo and SSSD use can read the...
1 affected package
sssd
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
sssd | Not affected | Not affected | Not affected | Fixed | Vulnerable |