Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

rocky логотип

RLSA-2024:3270

Опубликовано: 14 июн. 2024
Источник: rocky
Оценка: Moderate

Описание

Moderate: sssd security update

The System Security Services Daemon (SSSD) service provides a set of daemons to manage access to remote directories and authentication mechanisms. It also provides the Name Service Switch (NSS) and the Pluggable Authentication Modules (PAM) interfaces toward the system, and a pluggable back-end system to connect to multiple different account sources.

Security Fix(es):

  • sssd: Race condition during authorization leads to GPO policies functioning inconsistently (CVE-2023-3758)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Затронутые продукты

  • Rocky Linux 8

НаименованиеАрхитектураРелизRPM
libipa_hbaci6863.el8_10libipa_hbac-2.9.4-3.el8_10.i686.rpm
libipa_hbacx86_643.el8_10libipa_hbac-2.9.4-3.el8_10.x86_64.rpm
libsss_autofsx86_643.el8_10libsss_autofs-2.9.4-3.el8_10.x86_64.rpm
libsss_certmapi6863.el8_10libsss_certmap-2.9.4-3.el8_10.i686.rpm
libsss_certmapx86_643.el8_10libsss_certmap-2.9.4-3.el8_10.x86_64.rpm
libsss_idmapi6863.el8_10libsss_idmap-2.9.4-3.el8_10.i686.rpm
libsss_idmapx86_643.el8_10libsss_idmap-2.9.4-3.el8_10.x86_64.rpm
libsss_nss_idmapi6863.el8_10libsss_nss_idmap-2.9.4-3.el8_10.i686.rpm
libsss_nss_idmapx86_643.el8_10libsss_nss_idmap-2.9.4-3.el8_10.x86_64.rpm
libsss_simpleifpi6863.el8_10libsss_simpleifp-2.9.4-3.el8_10.i686.rpm

Показывать по

Связанные CVE

CVE-2023-3758

Ссылки на источники

Исправления

Связанные уязвимости

ubuntu логотип

CVE-2023-3758

CVSS3: 7.1
ubuntu
больше 1 года назад

A race condition flaw was found in sssd where the GPO policy is not consistently applied for authenticated users. This may lead to improper authorization issues, granting or denying access to resources inappropriately.

redhat логотип

CVE-2023-3758

CVSS3: 7.1
redhat
больше 1 года назад

A race condition flaw was found in sssd where the GPO policy is not consistently applied for authenticated users. This may lead to improper authorization issues, granting or denying access to resources inappropriately.

nvd логотип

CVE-2023-3758

CVSS3: 7.1
nvd
больше 1 года назад

A race condition flaw was found in sssd where the GPO policy is not consistently applied for authenticated users. This may lead to improper authorization issues, granting or denying access to resources inappropriately.

debian логотип

CVE-2023-3758

CVSS3: 7.1
debian
больше 1 года назад

A race condition flaw was found in sssd where the GPO policy is not co ...

suse-cvrf логотип

SUSE-SU-2024:1941-1

suse-cvrf
больше 1 года назад

Security update for sssd