RLSA-2024:3270

See a problem?
Please try reporting it to the source first.

Source

https://errata.rockylinux.org/RLSA-2024:3270

Import Source

https://storage.googleapis.com/resf-osv-data/RLSA-2024:3270.json

JSON Data

https://api.osv.dev/v1/vulns/RLSA-2024:3270

Related

CVE-2023-3758

Published

2024-06-14T13:59:16.809606Z

Modified

2024-06-14T14:02:17.137158Z

Summary

Moderate: sssd security update

Details

The System Security Services Daemon (SSSD) service provides a set of daemons to manage access to remote directories and authentication mechanisms. It also provides the Name Service Switch (NSS) and the Pluggable Authentication Modules (PAM) interfaces toward the system, and a pluggable back-end system to connect to multiple different account sources.

Security Fix(es):

sssd: Race condition during authorization leads to GPO policies functioning inconsistently (CVE-2023-3758)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

References

Credits

- Rocky Enterprise Software Foundation
- Red Hat

Affected packages

Rocky Linux:8 / sssd

Package

Name: sssd
Purl: pkg:rpm/rocky-linux/sssd?distro=rocky-linux-8&epoch=0

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0:2.9.4-3.el8_10