70 matches found
CVE-2026-14476
A path traversal flaw was found in SSSD's AD GPO provider. The adgpoextractsmbcomponents function does not sanitize .. sequences in the gPCFileSysPath LDAP attribute, allowing an attacker with AD GPO management access to write files outside the GPO cache directory as root. On default RHEL...
CVE-2026-14476
CVE-2026-14476 : A path traversal flaw in SSSD’s AD GPO provider (ad_gpo_extract_smb_components()) does not sanitize .. in gPCFileSysPath, enabling an attacker with AD GPO management access to write files outside the GPO cache directory as root. In default RHEL with SELinux enforcing, this can in...
CVE-2026-14476 Sssd: sssd: gpo cache path traversal via unsanitized gpcfilesyspath allows kerberos authentication bypass
A path traversal flaw was found in SSSD's AD GPO provider. The adgpoextractsmbcomponents function does not sanitize .. sequences in the gPCFileSysPath LDAP attribute, allowing an attacker with AD GPO management access to write files outside the GPO cache directory as root. On default RHEL...
EUVD-2026-42023
A path traversal flaw was found in SSSD's AD GPO provider. The adgpoextractsmbcomponents function does not sanitize .. sequences in the gPCFileSysPath LDAP attribute, allowing an attacker with AD GPO management access to write files outside the GPO cache directory as root. On default RHEL...
EUVD-2026-38414
A flaw was found in OpenSSH. This vulnerability, a heap out-of-bounds read, occurs during the cleanup of GSSAPI Generic Security Service Application Programming Interface indicators when a trailing NULL termination is missing in the auth-indicators array. A remote attacker, under specific...
AlmaLinux 10 : sssd (ALSA-2025:21020)
The remote AlmaLinux 10 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2025:21020 advisory. sssd: SSSD default Kerberos configuration allows privilege escalation on AD-joined Linux systems CVE-2025-11561 Tenable has extracted the preceding description...
MiracleLinux 8 : sssd-2.9.4-5.el8_10.3 (AXSA:2025-11068:06)
The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2025-11068:06 advisory. sssd: SSSD default Kerberos configuration allows privilege escalation on AD-joined Linux systems CVE-2025-11561 Tenable has extracted the preceding...
SUSE-SU-2026:20014-1 Security update for sssd
This update for sssd fixes the following issues: - CVE-2025-11561: Fixed default Kerberos configuration allowing privilege escalation on AD-joined Linux systems bsc1244325...
SUSE SLED15: libipa_hbac-devel / libipa_hbac0 / libnfsidmap-sss / etc (SUSE-SU-2025:4247-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2025:4247-1 advisory. - CVE-2025-11561: Fixed privilege escalation on AD-joined Linux systems due to default Kerberos...
Oracle Linux 9 : sssd (ELSA-2025-20954)
The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-20954 advisory. 2.9.7-4.0.1.1 - Restore default debug level for ssscache Orabug: 32810448 Fri Oct 17 2025 Tomas Halman [email protected] - 2.9.7.4.1 - Resolves: RHEL-120298 -...
SUSE-SU-2025:21084-1 Security update for sssd
This update for sssd fixes the following issues: - CVE-2025-11561: Fixed default Kerberos configuration allowing privilege escalation on AD-joined Linux systems bsc1251827 Other fixes: - Install file in krb5.conf.d to include sssd krb5 config snippets bsc1244325...
Security update for sssd
This update for sssd fixes the following issues: CVE-2025-11561: Fixed default Kerberos configuration allowing privilege escalation on AD-joined Linux systems bsc1251827 Other fixes: - Install file in krb5.conf.d to include sssd krb5 config snippets bsc1244325 Patch Instructions: To install this...
SUSE-SU-2025:21066-1 Security update for sssd
This update for sssd fixes the following issues: - CVE-2025-11561: Fixed default Kerberos configuration allowing privilege escalation on AD-joined Linux systems bsc1251827 Other fixes: - Install file in krb5.conf.d to include sssd krb5 config snippets bsc1244325...
Security update for sssd
This update for sssd fixes the following issues: CVE-2025-11561: Fixed privilege escalation on AD-joined Linux systems due to default Kerberos configuration disabling localauth an2ln plugin bsc1251827 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods li...
SUSE-SU-2025:4247-1 Security update for sssd
This update for sssd fixes the following issues: - CVE-2025-11561: Fixed privilege escalation on AD-joined Linux systems due to default Kerberos configuration disabling localauth an2ln plugin bsc1251827...
SUSE-SU-2025:4232-1 Security update for sssd
This update for sssd fixes the following issues: - CVE-2025-11561: Fixed privilege escalation on AD-joined Linux systems due to default Kerberos configuration disabling localauth an2ln plugin bsc1251827 Other fixes: - Install file in krb5.conf.d to include sssd krb5 config snippets bsc1244325...
SUSE-SU-2025:4231-1 Security update for sssd
This update for sssd fixes the following issues: - CVE-2025-11561: Fixed privilege escalation on AD-joined Linux systems due to default Kerberos configuration disabling localauth an2ln plugin bsc1251827 Other fixes: - Install file in krb5.conf.d to include sssd krb5 config snippets bsc1244325...
SUSE SLES15: libipa_hbac-devel / libipa_hbac0 / libsss_certmap-devel / etc (SUSE-SU-2025:4181-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2025:4181-1 advisory. - CVE-2025-11561: Fixed privilege escalation on AD-joined Linux systems due to default Kerberos configuration disabling localauth an2ln plug...
SUSE SLES15: libipa_hbac-devel / libipa_hbac0 / libsss_certmap-devel / etc (SUSE-SU-2025:4182-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2025:4182-1 advisory. - CVE-2025-11561: Fixed privilege escalation on AD-joined Linux systems due to default Kerberos configuration disabling localauth an2ln plug...
SUSE SLED15: libipa_hbac-devel / libipa_hbac0 / libsss_certmap-devel / etc (SUSE-SU-2025:4183-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2025:4183-1 advisory. - CVE-2025-11561: Fixed privilege escalation on AD-joined Linux systems due to default Kerberos configuration disabling...