CVE-2026-6245

A flaw was found in the System Security Services Daemon SSSD. The pampasskeychildreaddata function within the PAM passkey responder fails to properly handle raw bytes received from a pipe. Because the data is treated as a NUL-terminated C string without explicit termination, it results in an...

PT-2026-33133

Name of the Vulnerable Software and Affected Versions System Security Services Daemon SSSD affected versions not specified Description A flaw exists in the System Security Services Daemon SSSD where the pam passkey child read data function within the PAM passkey responder fails to properly handle...

EulerOS Virtualization 2.12.1 : sssd (EulerOS-SA-2026-1464)

According to the versions of the sssd packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : A flaw was found in the integration of Active Directory and the System Security Services Daemon SSSD on Linux systems. In default...

Huawei EulerOS: Security Advisory for sssd (EulerOS-SA-2026-1413)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS Virtualization 2.12.0 : sssd (EulerOS-SA-2026-1521)

According to the versions of the sssd packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : A flaw was found in the integration of Active Directory and the System Security Services Daemon SSSD on Linux systems. In default...

MiracleLinux 4 : sssd-1.9.2-82.4.AXS4 (AXSA:2013-386:01)

The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2013-386:01 advisory. Provides a set of daemons to manage access to remote directories and authentication mechanisms. It provides an NSS and PAM interface toward the syste...

MiracleLinux 7 : sssd-1.13.0-40.el7 (AXSA:2015-829:03)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2015-829:03 advisory. Provides a set of daemons to manage access to remote directories and authentication mechanisms. It provides an NSS and PAM interface toward the system and a...

CVE-1999-0692

The default configuration of the Array Services daemon arrayd disables authentication, allowing remote users to gain root privileges...

Unity Linux 20.1060a / 20.1070a Security Update: sssd (UTSA-2025-991060)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-991060 advisory. A flaw was found in the integration of Active Directory and the System Security Services Daemon SSSD on Linux systems. In default configurations, the Kerberos local...

RLSA-2025:20954 Important: sssd security update

The System Security Services Daemon SSSD service provides a set of daemons to manage access to remote directories and authentication mechanisms. It also provides the Name Service Switch NSS and the Pluggable Authentication Modules PAM interfaces toward the system, and a pluggable back-end system ...

Important: Red Hat Security Advisory: sssd security update

An update for sssd is now available for Red Hat Enterprise Linux 9.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for ea...

ALSA-2025:20954 Important: sssd security update

The System Security Services Daemon SSSD service provides a set of daemons to manage access to remote directories and authentication mechanisms. It also provides the Name Service Switch NSS and the Pluggable Authentication Modules PAM interfaces toward the system, and a pluggable back-end system ...

RHSA-2025:19854 Red Hat Security Advisory: sssd security update

Bulletin has no description...

RHSA-2025:19853 Red Hat Security Advisory: sssd security update

Bulletin has no description...

RHSA-2025:19849 Red Hat Security Advisory: sssd security update

Bulletin has no description...

RHSA-2025:19848 Red Hat Security Advisory: sssd security update

Bulletin has no description...

sssd: SSSD default Kerberos configuration allows privilege escalation on AD-joined Linux systems

A flaw was found in the integration of Active Directory and the System Security Services Daemon SSSD on Linux systems. In default configurations, the Kerberos local authentication plugin sssdkrb5localauthplugin is enabled, but a fallback to the an2ln plugin is possible. This fallback allows an...

Important: Red Hat Security Advisory: sssd security update

An update for sssd is now available for Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

RHEL 7 : sssd (RHSA-2025:19847)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:19847 advisory. The System Security Services Daemon SSSD service provides a set of daemons to manage access to remote directories and authentication mechanisms. It...

RHEL 8 : sssd (RHSA-2025:19848)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:19848 advisory. The System Security Services Daemon SSSD service provides a set of daemons to manage access to remote directories and authentication mechanisms. It...