CentOS 9 : sssd-2.9.9-1.el9

The remote CentOS Linux 9 host has packages installed that are affected by a vulnerability as referenced in the sssd-2.9.9-1.el9 build changelog. - out-of-bounds read in the sssd CVE-2026-6245 Note that Nessus has not tested for this issue but has instead relied only on the application's...

Astra Linux - уязвимость в sssd

A flaw was discovered in the integration of Active Directory and the System Security Services Daemon SSSD on Linux systems. In default configurations, the Kerberos local authentication plugin sssdkrb5localauthplugin is enabled, but a fallback to the an2ln plugin is possible. This fallback allows ...

Astra Linux - уязвимость в sudo

A flaw was discovered in sudo’s handling of ipahostname. In this process, the ipahostname value from /etc/sssd/sssd.conf was not propagated to sudo. As a result, this leads to a privilege management vulnerability in applications, where client hosts retain privileges even after those privileges ha...

CLSA-2026-1777683406 sssd: Fix of 2 CVEs

CVE-2018-10852: create the sudo responder socket with stricter permissions - CVE-2019-3811: do not return "/" as the home directory when the user has no homedir configured...

UBUNTU-CVE-2026-6245

A flaw was found in the System Security Services Daemon SSSD. The pampasskeychildreaddata function within the PAM passkey responder fails to properly handle raw bytes received from a pipe. Because the data is treated as a NUL-terminated C string without explicit termination, it results in an...

CVE-2026-6245

CVE-2026-6245 affects the System Security Services Daemon (SSSD) PAM passkey responder. The pam_passkey_child_read_data() function mishandles raw bytes from a pipe, treating them as a NUL-terminated C string, causing an out-of-bounds read (Crash) and local DoS. Affected: SSSD PAM responder; vecto...

Linux Distros Unpatched Vulnerability : CVE-2026-6245

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in the System Security Services Daemon SSSD. The pampasskeychildreaddata function within the PAM passkey responder fails to properly handle raw...

Advisory ROSA-SA-2026-3218

software: sssd 2.9.7 OS: ROSA-CHROME unaffected versions = sssd-2.9.7-1 affected versions sssd-2.9.7-1 CVE-ID: CVE-2023-3758 BDU-ID: 2024-04108 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the remote directory access control service and SSSD authentication mechanism is associated with a race...

EulerOS 2.0 SP12 : sssd (EulerOS-SA-2026-1413)

According to the versions of the sssd packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A flaw was found in the integration of Active Directory and the System Security Services Daemon SSSD on Linux systems. In default configurations, th...

Huawei EulerOS: Security Advisory for sssd (EulerOS-SA-2026-1521)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS 2.0 SP12 : sssd (EulerOS-SA-2026-1382)

According to the versions of the sssd packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A flaw was found in the integration of Active Directory and the System Security Services Daemon SSSD on Linux systems. In default configurations, th...

Huawei EulerOS: Security Advisory for sssd (EulerOS-SA-2026-1262)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS 2.0 SP13 : sssd (EulerOS-SA-2026-1262)

According to the versions of the sssd packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A flaw was found in the integration of Active Directory and the System Security Services Daemon SSSD on Linux systems. In default configurations, th...

MiracleLinux 8 : sssd-2.9.4-3.el8 (AXSA:2024-8333:06)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-8333:06 advisory. sssd: Race condition during authorization leads to GPO policies functioning inconsistently CVE-2023-3758 Tenable has extracted the preceding description bloc...

MiracleLinux 9 : sssd-2.9.4-6.el9 (AXSA:2024-7854:05)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-7854:05 advisory. sssd: Race condition during authorization leads to GPO policies functioning inconsistently CVE-2023-3758 Bug Fixes: socket leak JIRA:RHEL-22340 Passkey canno...

MiracleLinux 7 : sssd-1.16.5-10.el7.15 (AXSA:2023-4853:02)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-4853:02 advisory. sssd: libssscertmap fails to sanitise certificate data used in LDAP filters CVE-2022-4254 Tenable has extracted the preceding description block directly from...

MiracleLinux 7 : sssd-1.16.5-10.el7.10 (AXSA:2021-2399:08)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2021-2399:08 advisory. sssd: shell command injection in sssctl CVE-2021-3621 Tenable has extracted the preceding description block directly from the MiracleLinux security advisory...

MiracleLinux 7 : sssd-1.16.2-13.el7 (AXSA:2019-3678:01)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2019-3678:01 advisory. sssd: information leak from the sssd-sudo responder CVE-2018-10852 Tenable has extracted the preceding description block directly from the MiracleLinux...

MiracleLinux 7 : realmd-0.16.1-5.el7 (AXSA:2015-654:01)

The remote MiracleLinux 7 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2015-654:01 advisory. realmd is a DBus system service which manages discovery and enrollment in realms and domains like Active Directory or IPA. The control center uses realmd as t...

MiracleLinux 8 : sssd-2.9.4-5.el8_10.3 (AXSA:2025-11068:06)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2025-11068:06 advisory. sssd: SSSD default Kerberos configuration allows privilege escalation on AD-joined Linux systems CVE-2025-11561 Tenable has extracted the preceding...