Jakub Hrozek discovered that SSSD incorrectly handled file permissions. A local attacker could possibly use this issue to read the sudo rules available for any user. This issue only affected Ubuntu 18.04 LTS. (CVE-2018-10852)
It was discovered that SSSD incorrectly handled Group Policy Objects. When SSSD is configured with too strict permissions causing the GPO to not be readable, SSSD will allow all authenticated users to login instead of being denied, contrary to expectations. This issue only affected Ubuntu 18.04 LTS. (CVE-2018-16838)
It was discovered that SSSD incorrectly handled users with no home directory set. When no home directory was set, SSSD would return the root directory instead of an empty string, possibly bypassing security measures. This issue only affected Ubuntu 18.04 LTS. (CVE-2019-3811)
Cedric Buissart discovered that SSSD incorrectly handled the sssctl command. In certain environments, a local user could use this issue to execute arbitrary commands and possibly escalate privileges. (CVE-2021-3621)
{ "availability": "No subscription required", "binaries": [ { "binary_version": "1.16.1-1ubuntu1.8", "binary_name": "libipa-hbac-dev" }, { "binary_version": "1.16.1-1ubuntu1.8", "binary_name": "libipa-hbac0" }, { "binary_version": "1.16.1-1ubuntu1.8", "binary_name": "libipa-hbac0-dbgsym" }, { "binary_version": "1.16.1-1ubuntu1.8", "binary_name": "libnss-sss" }, { "binary_version": "1.16.1-1ubuntu1.8", "binary_name": "libnss-sss-dbgsym" }, { "binary_version": "1.16.1-1ubuntu1.8", "binary_name": "libpam-sss" }, { "binary_version": "1.16.1-1ubuntu1.8", "binary_name": "libpam-sss-dbgsym" }, { "binary_version": "1.16.1-1ubuntu1.8", "binary_name": "libsss-certmap-dev" }, { "binary_version": "1.16.1-1ubuntu1.8", "binary_name": "libsss-certmap0" }, { "binary_version": "1.16.1-1ubuntu1.8", "binary_name": "libsss-certmap0-dbgsym" }, { "binary_version": "1.16.1-1ubuntu1.8", "binary_name": "libsss-idmap-dev" }, { "binary_version": "1.16.1-1ubuntu1.8", "binary_name": "libsss-idmap0" }, { "binary_version": "1.16.1-1ubuntu1.8", "binary_name": "libsss-idmap0-dbgsym" }, { "binary_version": "1.16.1-1ubuntu1.8", "binary_name": "libsss-nss-idmap-dev" }, { "binary_version": "1.16.1-1ubuntu1.8", "binary_name": "libsss-nss-idmap0" }, { "binary_version": "1.16.1-1ubuntu1.8", "binary_name": "libsss-nss-idmap0-dbgsym" }, { "binary_version": "1.16.1-1ubuntu1.8", "binary_name": "libsss-simpleifp-dev" }, { "binary_version": "1.16.1-1ubuntu1.8", "binary_name": "libsss-simpleifp0" }, { "binary_version": "1.16.1-1ubuntu1.8", "binary_name": "libsss-simpleifp0-dbgsym" }, { "binary_version": "1.16.1-1ubuntu1.8", "binary_name": "libsss-sudo" }, { "binary_version": "1.16.1-1ubuntu1.8", "binary_name": "libsss-sudo-dbgsym" }, { "binary_version": "1.16.1-1ubuntu1.8", "binary_name": "libwbclient-sssd" }, { "binary_version": "1.16.1-1ubuntu1.8", "binary_name": "libwbclient-sssd-dbgsym" }, { "binary_version": "1.16.1-1ubuntu1.8", "binary_name": "libwbclient-sssd-dev" }, { "binary_version": "1.16.1-1ubuntu1.8", "binary_name": "python-libipa-hbac" }, { "binary_version": "1.16.1-1ubuntu1.8", "binary_name": "python-libipa-hbac-dbgsym" }, { "binary_version": "1.16.1-1ubuntu1.8", "binary_name": "python-libsss-nss-idmap" }, { "binary_version": "1.16.1-1ubuntu1.8", "binary_name": "python-libsss-nss-idmap-dbgsym" }, { "binary_version": "1.16.1-1ubuntu1.8", "binary_name": "python-sss" }, { "binary_version": "1.16.1-1ubuntu1.8", "binary_name": "python-sss-dbgsym" }, { "binary_version": "1.16.1-1ubuntu1.8", "binary_name": "python3-libipa-hbac" }, { "binary_version": "1.16.1-1ubuntu1.8", "binary_name": "python3-libipa-hbac-dbgsym" }, { "binary_version": "1.16.1-1ubuntu1.8", "binary_name": "python3-libsss-nss-idmap" }, { "binary_version": "1.16.1-1ubuntu1.8", "binary_name": "python3-libsss-nss-idmap-dbgsym" }, { "binary_version": "1.16.1-1ubuntu1.8", "binary_name": "python3-sss" }, { "binary_version": "1.16.1-1ubuntu1.8", "binary_name": "python3-sss-dbgsym" }, { "binary_version": "1.16.1-1ubuntu1.8", "binary_name": "sssd" }, { "binary_version": "1.16.1-1ubuntu1.8", "binary_name": "sssd-ad" }, { "binary_version": "1.16.1-1ubuntu1.8", "binary_name": "sssd-ad-common" }, { "binary_version": "1.16.1-1ubuntu1.8", "binary_name": "sssd-ad-common-dbgsym" }, { "binary_version": "1.16.1-1ubuntu1.8", "binary_name": "sssd-ad-dbgsym" }, { "binary_version": "1.16.1-1ubuntu1.8", "binary_name": "sssd-common" }, { "binary_version": "1.16.1-1ubuntu1.8", "binary_name": "sssd-common-dbgsym" }, { "binary_version": "1.16.1-1ubuntu1.8", "binary_name": "sssd-dbus" }, { "binary_version": "1.16.1-1ubuntu1.8", "binary_name": "sssd-dbus-dbgsym" }, { "binary_version": "1.16.1-1ubuntu1.8", "binary_name": "sssd-ipa" }, { "binary_version": "1.16.1-1ubuntu1.8", "binary_name": "sssd-ipa-dbgsym" }, { "binary_version": "1.16.1-1ubuntu1.8", "binary_name": "sssd-kcm" }, { "binary_version": "1.16.1-1ubuntu1.8", "binary_name": "sssd-kcm-dbgsym" }, { "binary_version": "1.16.1-1ubuntu1.8", "binary_name": "sssd-krb5" }, { "binary_version": "1.16.1-1ubuntu1.8", "binary_name": "sssd-krb5-common" }, { "binary_version": "1.16.1-1ubuntu1.8", "binary_name": "sssd-krb5-common-dbgsym" }, { "binary_version": "1.16.1-1ubuntu1.8", "binary_name": "sssd-krb5-dbgsym" }, { "binary_version": "1.16.1-1ubuntu1.8", "binary_name": "sssd-ldap" }, { "binary_version": "1.16.1-1ubuntu1.8", "binary_name": "sssd-ldap-dbgsym" }, { "binary_version": "1.16.1-1ubuntu1.8", "binary_name": "sssd-proxy" }, { "binary_version": "1.16.1-1ubuntu1.8", "binary_name": "sssd-proxy-dbgsym" }, { "binary_version": "1.16.1-1ubuntu1.8", "binary_name": "sssd-tools" }, { "binary_version": "1.16.1-1ubuntu1.8", "binary_name": "sssd-tools-dbgsym" } ] }
{ "availability": "No subscription required", "binaries": [ { "binary_version": "2.2.3-3ubuntu0.7", "binary_name": "libipa-hbac-dev" }, { "binary_version": "2.2.3-3ubuntu0.7", "binary_name": "libipa-hbac0" }, { "binary_version": "2.2.3-3ubuntu0.7", "binary_name": "libipa-hbac0-dbgsym" }, { "binary_version": "2.2.3-3ubuntu0.7", "binary_name": "libnss-sss" }, { "binary_version": "2.2.3-3ubuntu0.7", "binary_name": "libnss-sss-dbgsym" }, { "binary_version": "2.2.3-3ubuntu0.7", "binary_name": "libpam-sss" }, { "binary_version": "2.2.3-3ubuntu0.7", "binary_name": "libpam-sss-dbgsym" }, { "binary_version": "2.2.3-3ubuntu0.7", "binary_name": "libsss-certmap-dev" }, { "binary_version": "2.2.3-3ubuntu0.7", "binary_name": "libsss-certmap0" }, { "binary_version": "2.2.3-3ubuntu0.7", "binary_name": "libsss-certmap0-dbgsym" }, { "binary_version": "2.2.3-3ubuntu0.7", "binary_name": "libsss-idmap-dev" }, { "binary_version": "2.2.3-3ubuntu0.7", "binary_name": "libsss-idmap0" }, { "binary_version": "2.2.3-3ubuntu0.7", "binary_name": "libsss-idmap0-dbgsym" }, { "binary_version": "2.2.3-3ubuntu0.7", "binary_name": "libsss-nss-idmap-dev" }, { "binary_version": "2.2.3-3ubuntu0.7", "binary_name": "libsss-nss-idmap0" }, { "binary_version": "2.2.3-3ubuntu0.7", "binary_name": "libsss-nss-idmap0-dbgsym" }, { "binary_version": "2.2.3-3ubuntu0.7", "binary_name": "libsss-simpleifp-dev" }, { "binary_version": "2.2.3-3ubuntu0.7", "binary_name": "libsss-simpleifp0" }, { "binary_version": "2.2.3-3ubuntu0.7", "binary_name": "libsss-simpleifp0-dbgsym" }, { "binary_version": "2.2.3-3ubuntu0.7", "binary_name": "libsss-sudo" }, { "binary_version": "2.2.3-3ubuntu0.7", "binary_name": "libsss-sudo-dbgsym" }, { "binary_version": "2.2.3-3ubuntu0.7", "binary_name": "libwbclient-sssd" }, { "binary_version": "2.2.3-3ubuntu0.7", "binary_name": "libwbclient-sssd-dbgsym" }, { "binary_version": "2.2.3-3ubuntu0.7", "binary_name": "libwbclient-sssd-dev" }, { "binary_version": "2.2.3-3ubuntu0.7", "binary_name": "python3-libipa-hbac" }, { "binary_version": "2.2.3-3ubuntu0.7", "binary_name": "python3-libipa-hbac-dbgsym" }, { "binary_version": "2.2.3-3ubuntu0.7", "binary_name": "python3-libsss-nss-idmap" }, { "binary_version": "2.2.3-3ubuntu0.7", "binary_name": "python3-libsss-nss-idmap-dbgsym" }, { "binary_version": "2.2.3-3ubuntu0.7", "binary_name": "python3-sss" }, { "binary_version": "2.2.3-3ubuntu0.7", "binary_name": "python3-sss-dbgsym" }, { "binary_version": "2.2.3-3ubuntu0.7", "binary_name": "sssd" }, { "binary_version": "2.2.3-3ubuntu0.7", "binary_name": "sssd-ad" }, { "binary_version": "2.2.3-3ubuntu0.7", "binary_name": "sssd-ad-common" }, { "binary_version": "2.2.3-3ubuntu0.7", "binary_name": "sssd-ad-common-dbgsym" }, { "binary_version": "2.2.3-3ubuntu0.7", "binary_name": "sssd-ad-dbgsym" }, { "binary_version": "2.2.3-3ubuntu0.7", "binary_name": "sssd-common" }, { "binary_version": "2.2.3-3ubuntu0.7", "binary_name": "sssd-common-dbgsym" }, { "binary_version": "2.2.3-3ubuntu0.7", "binary_name": "sssd-dbus" }, { "binary_version": "2.2.3-3ubuntu0.7", "binary_name": "sssd-dbus-dbgsym" }, { "binary_version": "2.2.3-3ubuntu0.7", "binary_name": "sssd-ipa" }, { "binary_version": "2.2.3-3ubuntu0.7", "binary_name": "sssd-ipa-dbgsym" }, { "binary_version": "2.2.3-3ubuntu0.7", "binary_name": "sssd-kcm" }, { "binary_version": "2.2.3-3ubuntu0.7", "binary_name": "sssd-kcm-dbgsym" }, { "binary_version": "2.2.3-3ubuntu0.7", "binary_name": "sssd-krb5" }, { "binary_version": "2.2.3-3ubuntu0.7", "binary_name": "sssd-krb5-common" }, { "binary_version": "2.2.3-3ubuntu0.7", "binary_name": "sssd-krb5-common-dbgsym" }, { "binary_version": "2.2.3-3ubuntu0.7", "binary_name": "sssd-krb5-dbgsym" }, { "binary_version": "2.2.3-3ubuntu0.7", "binary_name": "sssd-ldap" }, { "binary_version": "2.2.3-3ubuntu0.7", "binary_name": "sssd-ldap-dbgsym" }, { "binary_version": "2.2.3-3ubuntu0.7", "binary_name": "sssd-proxy" }, { "binary_version": "2.2.3-3ubuntu0.7", "binary_name": "sssd-proxy-dbgsym" }, { "binary_version": "2.2.3-3ubuntu0.7", "binary_name": "sssd-tools" }, { "binary_version": "2.2.3-3ubuntu0.7", "binary_name": "sssd-tools-dbgsym" } ] }