19 matches found
CVE-2021-3621
SSSD is affected by CVE-2021-3621. The sssctl command (logs-fetch and cache-expire) is vulnerable to shell command injection, enabling an attacker to trick root (e.g., via sudo) into running a crafted sssctl command to gain root privileges. Advisories from Astra Linux, Debian LTS, Gentoo and Amaz...
CVE-2018-10852
CVE-2018-10852 describes an information-leak vulnerability in the sssd-sudo responder. The UNIX pipe used by sudo to contact SSSD and read available sudo rules from SSSD has overly broad permissions, allowing a user who can communicate over the same raw protocol to read the sudo rules for any use...
CVE-2022-4254
CVE-2022-4254 concerns sssd’s libsss_certmap, where certificate data used in LDAP filters is not sanitized, enabling LDAP filter injection. Public disclosures and advisories (e.g., Debian DLA 3436-1/3436-2, ALAS2-2023-1995, ALAS-2023-1723) indicate the issue can lead to privilege escalation or ad...
CVE-2017-12173
CVE-2017-12173 affects sssd: the sysdb_search_user_by_upn_res() function did not sanitize requests when querying the local cache, with versions before 1.16.0 vulnerable to injection. In centralized login environments, if a password hash is cached for a user, an authenticated attacker could retrie...
CVE-2018-16838
CVE-2018-16838 describes a flaw in the sssd Group Policy Objects (GPOs) handling. If the GPOs are not readable because of overly strict server-side permissions, SSSD erroneously allows all authenticated users to log in instead of denying access. The connected documents (e.g., MiracleLinux AXSA ad...
CVE-2019-3811
CVE-2019-3811 affects sssd: if a user has no home directory, sssd returns '/' instead of '', potentially allowing access beyond the user’s home dir. Affected are all versions prior to 2.1. Public advisories (e.g., Debian LTS DLA-3436-1) indicate a patch is available in newer sssd packages; remedi...
CVE-2023-3758
CVE-2023-3758 affects the System Security Services Daemon (SSSD). A race condition causes GPO policy to be inconsistently applied for authenticated users, leading to improper authorization (granting or denying access). Publicly referenced advisories confirm this issue across multiple distribution...
CVE-2013-0287
CVE-2013-0287 affects System Security Services Daemon (SSSD) when using the Active Directory provider. The Simple Access Provider in SSSD 1.9.0–1.9.4 does not properly enforce the simple_deny_groups option, allowing remote authenticated users to bypass access restrictions. Connected advisories/pa...
CVE-2010-4341
CVE-2010-4341 affects the PAM responder in SSSD (pam_parse_in_data_v2 in src/responder/pam/pamsrv_cmd.c) and can be exploited locally by crafting a packet to cause a denial of service (infinite loop, crash, login prevention) in SSSD 1.5.0, 1.4.x, and 1.3. Connected advisories confirm fixes for th...
CVE-2013-0219
CVE-2013-0219 affects System Security Services Daemon (SSSD) prior to 1.9.4. A TOCTOU race in copying/removing a user’s home directory tree allows a local attacker to exploit symlinks to create, modify, or delete arbitrary files in another user’s directory. This is the explicit vulnerability desc...
CVE-2015-5292
The CVE-2015-5292 issue affects SSSD PAC responder (sssd_pac_plugin.so) in SSSD 1.10 up to, but not including, 1.13.1. The vulnerability permits remote authenticated users to trigger a denial of service via memory consumption by issuing many logins that parse PAC blobs during Kerberos authenticat...
CVE-2012-3462
SSSD 1.9.0 contains a logic flaw in its access-provider path where HBAC rule results are ignored if the access-provider also sets the user’s SELinux context. Affected component: SSSD HBAC/access-provider integration. Impact described: incorrect HBAC evaluation under scenarios where SELinux user c...
CVE-2010-2940
CVE-2010-2940 affects System Security Services Daemon (SSSD) 1.3.0. When LDAP authentication with anonymous bind is enabled, the auth_send function in providers/ldap/ldap_auth.c allows remote attackers to bypass pam_authenticate by supplying an empty password. The vulnerability enables partial co...
CVE-2013-0220
CVE-2013-0220 affects System Security Services Daemon (SSSD) prior to 1.9.4. The vulnerability arises in the autofs and SSH responders (functions sss_autofs_cmd_getautomntent, sss_autofs_cmd_getautomntbyname, and ssh_cmd_parse_request) that can be exploited by a crafted SSSD packet to trigger an ...
CVE-2014-0249
The CVE-2014-0249 issue affects SSSD 1.11.6, where group membership is not correctly identified for non-POSIX groups in a membership chain, potentially allowing local users to bypass access restrictions. Public documents confirm the vulnerability in SSSD and show vendor-advised fixes were release...
CVE-2010-0014
CVE-2010-0014 affects the System Security Services Daemon (SSSD) with the krb5 auth_provider when the KDC is unreachable. According to Fedora/OpenVAS disclosures, vulnerable component is SSSD (sssd) and updates were released as Fedora advisories FEDORA-2010-0413, FEDORA-2010-0451, and package sss...
CVE-2018-16883
CVE-2018-16883 affects sssd versions 1.13.0 to before 2.0.0. The vulnerability stems from improper restriction of access to the infopipe per the allowed_uids config, potentially exposing sensitive information in the user directory to local attackers. Impact is local, with partial confidentiality ...
CVE-2011-1758
SSSD 1.5.x is affected by CVE-2011-1758, where krb5_save_ccname_done in providers/krb5/krb5_auth.c uses a pathname string as a password when automatic TGT renewal and offline auth are configured. This allows local users to bypass Kerberos authentication by listing /tmp to obtain the pathname. Aff...
CVE-2026-12610
The CVE-2026-12610 issue affects the SSSD project, specifically the PAM responder path used during YubiKey authentication. A use-after-free in the PAM responder can cause the sssd process to crash when handling memory pointers manipulated via smartcards or YubiKey contents, leading to a denial of...