Nixpkgs Security Tracker

Login with GitHub

Suggestions search

All statuses
Filter by:
With package: sssd

Found 3 matching suggestions

View:
Compact
Detailed
Untriaged
Permalink CVE-2012-3462
created 1 month ago
A flaw was found in SSSD version 1.9.0. The SSSD's …

A flaw was found in SSSD version 1.9.0. The SSSD's access-provider logic causes the result of the HBAC rule processing to be ignored in the event that the access-provider is also handling the setup of the user's SELinux user context.

References

Affected products

sssd
  • ==1.9.0

Matching in nixpkgs

Package maintainers

Dismissed
Permalink CVE-2025-11561
8.8 HIGH
  • CVSS version: 3.1
  • Attack vector (AV): NETWORK
  • Attack complexity (AC): LOW
  • Privileges required (PR): LOW
  • User interaction (UI): NONE
  • Scope (S): UNCHANGED
  • Confidentiality impact (C): HIGH
  • Integrity impact (I): HIGH
  • Availability impact (A): HIGH
updated 2 months ago by @LeSuisse Activity log
  • Created automatic suggestion 4 months ago
  • @LeSuisse dismissed 2 months ago
Sssd: sssd default kerberos configuration allows privilege escalation on ad-joined linux systems

A flaw was found in the integration of Active Directory and the System Security Services Daemon (SSSD) on Linux systems. In default configurations, SSSD does not enable the Kerberos local authentication plugin (sssd_krb5_localauth_plugin), allowing an attacker with permission to modify certain AD attributes (such as userPrincipalName or samAccountName) to impersonate privileged users. This can result in unauthorized access or privilege escalation on domain-joined Linux hosts.

References

Affected products

sssd
  • =<2.11.1
  • *
rhcos
  • *
rhceph/rhceph-7-rhel9
  • *
rhceph/rhceph-8-rhel9
  • *

Matching in nixpkgs

Package maintainers

Never impacted the current stable branch

https://github.com/NixOS/nixpkgs/commit/167ebcf138339399754f7a19991d47bc64e76e9d
Untriaged
Permalink CVE-2023-3758
7.1 HIGH
  • CVSS version: 3.1
  • Attack vector (AV): ADJACENT_NETWORK
  • Attack complexity (AC): HIGH
  • Privileges required (PR): LOW
  • User interaction (UI): NONE
  • Scope (S): UNCHANGED
  • Confidentiality impact (C): HIGH
  • Integrity impact (I): HIGH
  • Availability impact (A): HIGH
created 6 months ago
Sssd: race condition during authorization leads to gpo policies functioning inconsistently

A race condition flaw was found in sssd where the GPO policy is not consistently applied for authenticated users. This may lead to improper authorization issues, granting or denying access to resources inappropriately.

References

Affected products

sssd
  • <2.9.5
  • *

Matching in nixpkgs

pkgs.sssd

System Security Services Daemon

  • nixos-unstable -

Package maintainers