EulerOS Virtualization 2.10.0 : sssd (EulerOS-SA-2026-2064)
According to the versions of the sssd packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : A flaw was found in the integration of Active Directory and the System Security Services Daemon (SSSD) on Linux systems. In default...
PT-2026-33133
Name of the Vulnerable Software and Affected Versions: System Security Services Daemon (SSSD) (affected versions not specified). Description: A flaw exists in the System Security Services Daemon (SSSD) where the pam_passkey_child_read_data function within the PAM passkey responder fails to properly handle...
Unity Linux 20.1060a / 20.1070a Security Update: sssd (UTSA-2025-991060)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-991060 advisory. A flaw was found in the integration of Active Directory and the System Security Services Daemon (SSSD) on Linux systems. In default configurations, the Kerberos local...
RHSA-2025:19848 Red Hat Security Advisory: sssd security update
Bulletin has no description...
RHEL 8 : sssd (RHSA-2025:19848)
The remote Red Hat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:19848 advisory. The System Security Services Daemon (SSSD) service provides a set of daemons to manage access to remote directories and authentication mechanisms. It...
RHEL 7 : sssd (RHSA-2025:19847)
The remote Red Hat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:19847 advisory. The System Security Services Daemon (SSSD) service provides a set of daemons to manage access to remote directories and authentication mechanisms. It...
RockyLinux 8 : sssd (RLSA-2025:19610)
The remote RockyLinux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2025:19610 advisory. sssd: SSSD default Kerberos configuration allows privilege escalation on AD-joined Linux systems (CVE-2025-11561). Tenable has extracted the preceding description...
OESA-2025-2579 sssd security update
SSSD provides a set of daemons to manage access to remote directories and authentication mechanisms such as LDAP, Kerberos or FreeIPA. It provides an NSS and PAM interface toward the system and a pluggable backend system to connect to multiple different account sources. Security Fixes: A flaw was...
CVE-2025-11561
A flaw was found in the integration of Active Directory and the System Security Services Daemon (SSSD) on Linux systems. In default configurations, the Kerberos local authentication plugin (sssd_krb5_localauth_plugin) is enabled, but a fallback to the an2ln plugin is possible. This fallback allows an...
PT-2025-41381
Name of the Vulnerable Software and Affected Versions: System Security Services Daemon (SSSD) (affected versions not specified). Description: A security issue exists in the integration of Active Directory and the System Security Services Daemon (SSSD) on Linux systems. By default, SSSD does not enable the...
EUVD-2021-26983
Malware in sbrugna...
EUVD-2010-0046
Malware in sbrugna...
EUVD-2010-2944
Malware in sbrugna...
EUVD-2013-0253
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2010-2940
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The auth_send function in providers/ldap/ldap_auth.c in System Security Services Daemon (SSSD) 1.3.0, when LDAP authentication and anonymous bind are enabled, allow...
SUSE CVE-2013-0287
The Simple Access Provider in System Security Services Daemon (SSSD) 1.9.0 through 1.9.4, when the Active Directory provider is used, does not properly enforce the simple_deny_groups option, which allows remote authenticated users to bypass intended access restrictions...
cockpit: authenticates with revoked certificates
A flaw was found in Cockpit in the way it handles the certificate verification performed by the System Security Services Daemon (SSSD). This flaw allows client certificates to authenticate successfully, regardless of the Certificate Revocation List (CRL) configuration or the certificate status. The...
Design/Logic Flaw
A flaw was found in Cockpit in versions prior to 260 in the way it handles the certificate verification performed by the System Security Services Daemon (SSSD). This flaw allows client certificates to authenticate successfully, regardless of the Certificate Revocation List (CRL) configuration or the...
ALBA-2021:4541 sssd bug fix and enhancement update
The System Security Services Daemon (SSSD) service provides a set of daemons to manage access to remote directories and authentication mechanisms. It also provides the Name Service Switch (NSS) and the Pluggable Authentication Modules (PAM) interfaces toward the system, and a pluggable back-end system ...
sssd: shell command injection in sssctl
A flaw was found in SSSD, where the sssctl command was vulnerable to shell command injection via the logs-fetch and cache-expire subcommands. This flaw allows an attacker to trick the root user into running a specially crafted sssctl command, such as via sudo, to gain root access. The highest...