EulerOS Virtualization 2.13.0 : sssd (EulerOS-SA-2026-2191)

According to the versions of the sssd packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : A flaw was found in the integration of Active Directory and the System Security Services Daemon SSSD on Linux systems. In default...

USN-8355-1: SSSD vulnerability

It was discovered that SSSD did not properly handle raw bytes in the PAM passkey responder. A local attacker could possibly use this issue to cause the SSSD PAM responder to crash, resulting in a denial of service...

Astra Linux - уязвимость в sssd

A flaw was discovered in SSSD, where the sssctl command was vulnerable to shell command injection through the logs-fetch and cache-expire subcommands. This flaw allows an attacker to trick the root user into executing a specially crafted sssctl command, such as using sudo, in order to gain root...

OESA-2026-2170 sssd security update

Provides a set of daemons to manage access to remote directories and authentication mechanisms. It provides an NSS and PAM interface toward the system and a pluggable back end system to connect to multiple different account sources. It is also the basis to provide client auditing and policy...

CLSA-2026-1777482027 sssd: Fix of 2 CVEs

CVE-2018-10852: create the sudo responder socket with stricter permissions - CVE-2019-3811: do not return "/" as the home directory when the user has no homedir configured...

SUSE CVE-2026-6245

A flaw was found in the System Security Services Daemon SSSD. The pampasskeychildreaddata function within the PAM passkey responder fails to properly handle raw bytes received from a pipe. Because the data is treated as a NUL-terminated C string without explicit termination, it results in an...

EUVD-2026-23032

A flaw was found in the System Security Services Daemon SSSD. The pampasskeychildreaddata function within the PAM passkey responder fails to properly handle raw bytes received from a pipe. Because the data is treated as a NUL-terminated C string without explicit termination, it results in an...

DEBIAN-CVE-2026-6245

A flaw was found in the System Security Services Daemon SSSD. The pampasskeychildreaddata function within the PAM passkey responder fails to properly handle raw bytes received from a pipe. Because the data is treated as a NUL-terminated C string without explicit termination, it results in an...

CVE-2026-6245

A flaw was found in the System Security Services Daemon SSSD. The pampasskeychildreaddata function within the PAM passkey responder fails to properly handle raw bytes received from a pipe. Because the data is treated as a NUL-terminated C string without explicit termination, it results in an...

CVE-2026-6245

A flaw was found in the System Security Services Daemon SSSD. The pampasskeychildreaddata function within the PAM passkey responder fails to properly handle raw bytes received from a pipe. Because the data is treated as a NUL-terminated C string without explicit termination, it results in an...

Huawei EulerOS: Security Advisory for sssd (EulerOS-SA-2026-1464)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS 2.0 SP13 : sssd (EulerOS-SA-2026-1298)

According to the versions of the sssd packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A flaw was found in the integration of Active Directory and the System Security Services Daemon SSSD on Linux systems. In default configurations, th...

Huawei EulerOS: Security Advisory for sssd (EulerOS-SA-2026-1298)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

sssd default kerberos configuration allows privilege escalation on ad-joined linux systems

A flaw was found in the integration of Active Directory and the System Security Services Daemon SSSD on Linux systems. In default configurations, the Kerberos local authentication plugin sssdkrb5localauthplugin is enabled, but a fallback to the an2ln plugin is possible. This fallback allows an...

MiracleLinux 4 : sssd-1.5.1-34.AXS4.3 (AXSA:2011-634:01)

The remote MiracleLinux 4 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2011-634:01 advisory. Provides a set of daemons to manage access to remote directories and authentication mechanisms. It provides an NSS and PAM interface toward the system and a...

SUSE-SU-2026:20014-1 Security update for sssd

This update for sssd fixes the following issues: - CVE-2025-11561: Fixed default Kerberos configuration allowing privilege escalation on AD-joined Linux systems bsc1244325...

sssd security update

1.16.5-10.0.5.16 - krb5: disable Kerberos localauth an2ln plugin for AD/IPA Orabug: 38621159...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: sssd (UTSA-2025-991025)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-991025 advisory. A flaw was found in the integration of Active Directory and the System Security Services Daemon SSSD on Linux systems. In default configurations, the Kerberos local...

SUSE-SU-2025:21066-1 Security update for sssd

This update for sssd fixes the following issues: - CVE-2025-11561: Fixed default Kerberos configuration allowing privilege escalation on AD-joined Linux systems bsc1251827 Other fixes: - Install file in krb5.conf.d to include sssd krb5 config snippets bsc1244325...

SUSE SLES15 Security Update : sssd (SUSE-SU-2025:4231-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2025:4231-1 advisory. - CVE-2025-11561: Fixed privilege escalation on AD-joined Linux systems due to default Kerberos configuration disabling localauth an2ln plug...