998 matches found
CVE-2026-14476
A path traversal flaw was found in SSSD's AD GPO provider. The adgpoextractsmbcomponents function does not sanitize .. sequences in the gPCFileSysPath LDAP attribute, allowing an attacker with AD GPO management access to write files outside the GPO cache directory as root. On default RHEL...
UBUNTU-CVE-2026-12610
A flaw was found in sssd. When authenticating with a YubiKey, the SSSD PAM responder can crash due to a use-after-free vulnerability, where a memory pointer is incorrectly handled. A local attacker could exploit this flaw by manipulating smartcard or YubiKey contents, leading to a denial of servi...
CVE-2026-12610 Sssd: use-after-free crash in sssd' 'sssd_pam' process
A flaw was found in sssd. When authenticating with a YubiKey, the SSSD PAM responder can crash due to a use-after-free vulnerability, where a memory pointer is incorrectly handled. A local attacker could exploit this flaw by manipulating smartcard or YubiKey contents, leading to a denial of servi...
Ubuntu 24.04 LTS / 25.10 / 26.04 LTS : SSSD vulnerability (USN-8355-1)
The remote Ubuntu 24.04 LTS / 25.10 / 26.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-8355-1 advisory. It was discovered that SSSD did not properly handle raw bytes in the PAM passkey responder. A local attacker could possibly use this issue to...
Astra Linux – Vulnerability in sudo
A flaw was discovered in sudo’s handling of ipahostname. In this process, the ipahostname value from /etc/sssd/sssd.conf was not propagated to sudo. As a result, this leads to a privilege management vulnerability in applications, where client hosts retain privileges even after those privileges ha...
CentOS 9 : sssd-2.9.9-1.el9
The remote CentOS Linux 9 host has packages installed that are affected by a vulnerability as referenced in the sssd-2.9.9-1.el9 build changelog. - out-of-bounds read in the sssd CVE-2026-6245 Note that Nessus has not tested for this issue but has instead relied only on the application's...
CLSA-2026-1777683406 sssd: Fix of 2 CVEs
CVE-2018-10852: create the sudo responder socket with stricter permissions - CVE-2019-3811: do not return "/" as the home directory when the user has no homedir configured...
UBUNTU-CVE-2026-6245
A flaw was found in the System Security Services Daemon SSSD. The pampasskeychildreaddata function within the PAM passkey responder fails to properly handle raw bytes received from a pipe. Because the data is treated as a NUL-terminated C string without explicit termination, it results in an...
CVE-2026-6245
CVE-2026-6245 affects the System Security Services Daemon (SSSD) PAM passkey responder. The pam_passkey_child_read_data() function mishandles raw bytes from a pipe, treating them as a NUL-terminated C string, causing an out-of-bounds read (Crash) and local DoS. Affected: SSSD PAM responder; vecto...
Linux Distros Unpatched Vulnerability : CVE-2026-6245
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in the System Security Services Daemon SSSD. The pampasskeychildreaddata function within the PAM passkey responder fails to properly handle raw...
Advisory ROSA-SA-2026-3218
software: sssd 2.9.7 OS: ROSA-CHROME unaffected versions = sssd-2.9.7-1 affected versions sssd-2.9.7-1 CVE-ID: CVE-2023-3758 BDU-ID: 2024-04108 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the remote directory access control service and SSSD authentication mechanism is associated with a race...
EulerOS 2.0 SP12 : sssd (EulerOS-SA-2026-1382)
According to the versions of the sssd packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A flaw was found in the integration of Active Directory and the System Security Services Daemon SSSD on Linux systems. In default configurations, th...
EulerOS 2.0 SP12 : sssd (EulerOS-SA-2026-1413)
According to the versions of the sssd packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A flaw was found in the integration of Active Directory and the System Security Services Daemon SSSD on Linux systems. In default configurations, th...
Huawei EulerOS: Security Advisory for sssd (EulerOS-SA-2026-1521)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS 2.0 SP13 : sssd (EulerOS-SA-2026-1262)
According to the versions of the sssd packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A flaw was found in the integration of Active Directory and the System Security Services Daemon SSSD on Linux systems. In default configurations, th...
Huawei EulerOS: Security Advisory for sssd (EulerOS-SA-2026-1262)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Astra Linux – Vulnerability in sssd
A flaw was discovered in the integration of Active Directory and the System Security Services Daemon SSSD on Linux systems. In default configurations, the Kerberos local authentication plugin sssdkrb5localauthplugin is enabled, but a fallback to the an2ln plugin is possible. This fallback allows ...
MiracleLinux 9 : sssd-2.9.4-6.el9 (AXSA:2024-7854:05)
The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-7854:05 advisory. sssd: Race condition during authorization leads to GPO policies functioning inconsistently CVE-2023-3758 Bug Fixes: socket leak JIRA:RHEL-22340 Passkey canno...
MiracleLinux 7 : sssd-1.16.5-10.el7.15 (AXSA:2023-4853:02)
The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-4853:02 advisory. sssd: libssscertmap fails to sanitise certificate data used in LDAP filters CVE-2022-4254 Tenable has extracted the preceding description block directly from...
MiracleLinux 8 : sssd-2.9.4-3.el8 (AXSA:2024-8333:06)
The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-8333:06 advisory. sssd: Race condition during authorization leads to GPO policies functioning inconsistently CVE-2023-3758 Tenable has extracted the preceding description bloc...