Search CVE reports



1 – 10 of 20 results


CVE-2023-3758

Medium priority

Some fixes available 5 of 7

A race condition flaw was found in sssd where the GPO policy is not consistently applied for authenticated users. This may lead to improper authorization issues, granting or denying access to resources inappropriately.

1 affected package

sssd

| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| sssd | Fixed | Fixed | Fixed | Needs evaluation | Needs evaluation |

CVE-2023-3326

Low priority
Vulnerable

pam_krb5 authenticates a user by essentially running kinit with the password, getting a ticket-granting ticket (tgt) from the Kerberos KDC (Key Distribution Center) over the network, as a way to verify the password. However, if a...

2 affected packages

libpam-krb5, sssd

| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| libpam-krb5 | Vulnerable | Vulnerable | Vulnerable | Vulnerable | Vulnerable |
| sssd | Vulnerable | Vulnerable | Vulnerable | Vulnerable | Vulnerable |

CVE-2022-4254

Medium priority

Some fixes available 1 of 2

sssd: libsss_certmap fails to sanitise certificate data used in LDAP filters

1 affected package

sssd

| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| sssd | Not affected | Not affected | Fixed | Vulnerable | Not affected |

CVE-2016-20013

Negligible priority
Vulnerable

sha256crypt and sha512crypt through 0.6 allow attackers to cause a denial of service (CPU consumption) because the algorithm's runtime is proportional to the square of the length of the password.

8 affected packages

dietlibc, eglibc, glibc, sssd, syslinux...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
dietlibc Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
eglibc Not in release Not in release Not in release Not in release Not in release
glibc Vulnerable Vulnerable Vulnerable Vulnerable Vulnerable
sssd Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
syslinux Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
syslinux-legacy Not in release Not in release Needs evaluation Needs evaluation Needs evaluation
uclibc Ignored
zabbix Not in release Needs evaluation Needs evaluation Needs evaluation Needs evaluation

CVE-2021-3621

Medium priority
Fixed

A flaw was found in SSSD, where the sssctl command was vulnerable to shell command injection via the logs-fetch and cache-expire subcommands. This flaw allows an attacker to trick the root user into running a specially crafted...

1 affected package

sssd

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
sssd Fixed Fixed Fixed Not affected

CVE-2012-3462

Low priority
Not affected

A flaw was found in SSSD version 1.9.0. The SSSD's access-provider logic causes the result of the HBAC rule processing to be ignored in the event that the access-provider is also handling the setup of the user's SELinux user context.

1 affected package

sssd

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
sssd Not affected Not affected

CVE-2018-16838

Low priority

Some fixes available 1 of 4

A flaw was found in the sssd Group Policy Objects implementation. When the GPO is not readable by SSSD due to too strict permission settings on the server side, SSSD will allow all authenticated users to log in instead of denying access.

1 affected package

sssd

| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| sssd | Not affected | Not affected | Not affected | Fixed | Vulnerable |

CVE-2019-3811

Low priority

Some fixes available 1 of 4

A vulnerability was found in sssd. If a user was configured with no home directory set, sssd would return '/' (the root directory) instead of '' (the empty string / no home directory). This could impact services that restrict the...

1 affected package

sssd

| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| sssd | Not affected | Not affected | Not affected | Fixed | Vulnerable |

CVE-2018-16883

Low priority
Vulnerable

sssd versions from 1.13.0 to before 2.0.0 did not properly restrict access to the infopipe according to the "allowed_uids" configuration parameter. If sensitive information were stored in the user directory, this could...

1 affected package

sssd

| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| sssd | Not affected | Not affected | Not affected | Vulnerable | Vulnerable |

CVE-2018-10852

Low priority

Some fixes available 1 of 5

The UNIX pipe which sudo uses to contact SSSD and read the available sudo rules from SSSD has too wide permissions, which means that anyone who can send a message using the same raw protocol that sudo and SSSD use can read the...

1 affected package

sssd

| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| sssd | Not affected | Not affected | Not affected | Fixed | Vulnerable |