OESA-2024-1573

See a problem?
Please try reporting it to the source first.
Source
https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1573
Import Source
https://repo.openeuler.org/security/data/osv/OESA-2024-1573.json
JSON Data
https://api.osv.dev/v1/vulns/OESA-2024-1573
Upstream
Published
2024-05-17T11:07:59Z
Modified
2025-09-03T06:19:18.666480Z
Summary
sssd security update
Details

SSSD provides a set of daemons to manage access to remote directories and authentication mechanisms such as LDAP, Kerberos or FreeIPA. It provides an NSS and PAM interface toward the system and a pluggable backend system to connect to multiple different account sources.

Security Fix(es):

A race condition flaw was found in sssd where the GPO policy is not consistently applied for authenticated users. This may lead to improper authorization issues, granting or denying access to resources inappropriately.(CVE-2023-3758)

Database specific 
{
    "severity": "High"
}
References

Affected packages

openEuler:22.03-LTS-SP2 / sssd

Package

Name
sssd
Purl
pkg:rpm/openEuler/sssd&distro=openEuler-22.03-LTS-SP2

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.6.1-14.oe2203sp2

Ecosystem specific 

{
    "src": [
        "sssd-2.6.1-14.oe2203sp2.src.rpm"
    ],
    "x86_64": [
        "sssd-debuginfo-2.6.1-14.oe2203sp2.x86_64.rpm",
        "python3-sssd-2.6.1-14.oe2203sp2.x86_64.rpm",
        "sssd-devel-2.6.1-14.oe2203sp2.x86_64.rpm",
        "sssd-debugsource-2.6.1-14.oe2203sp2.x86_64.rpm",
        "sssd-2.6.1-14.oe2203sp2.x86_64.rpm"
    ],
    "aarch64": [
        "sssd-debugsource-2.6.1-14.oe2203sp2.aarch64.rpm",
        "sssd-debuginfo-2.6.1-14.oe2203sp2.aarch64.rpm",
        "python3-sssd-2.6.1-14.oe2203sp2.aarch64.rpm",
        "sssd-2.6.1-14.oe2203sp2.aarch64.rpm",
        "sssd-devel-2.6.1-14.oe2203sp2.aarch64.rpm"
    ],
    "noarch": [
        "sssd-help-2.6.1-14.oe2203sp2.noarch.rpm"
    ]
}