Nixpkgs security tracker
Untriaged
Permalink
CVE-2023-3758
7.1 HIGH
- CVSS version: 3.1
- Attack vector (AV): ADJACENT_NETWORK
- Attack complexity (AC): HIGH
- Privileges required (PR): LOW
- User interaction (UI): NONE
- Scope (S): UNCHANGED
- Confidentiality impact (C): HIGH
- Integrity impact (I): HIGH
- Availability impact (A): HIGH
Sssd: race condition during authorization leads to gpo policies functioning inconsistently
A race condition flaw was found in sssd where the GPO policy is not consistently applied for authenticated users. This may lead to improper authorization issues, granting or denying access to resources inappropriately.
References
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
https://github.com/SSSD/sssd/pull/7302 x_transferred
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
https://github.com/SSSD/sssd/pull/7302 x_transferred
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
https://github.com/SSSD/sssd/pull/7302 x_transferred
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
https://github.com/SSSD/sssd/pull/7302 x_transferred
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
https://github.com/SSSD/sssd/pull/7302 x_transferred
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
https://github.com/SSSD/sssd/pull/7302 x_transferred
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
https://github.com/SSSD/sssd/pull/7302 x_transferred
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
https://github.com/SSSD/sssd/pull/7302 x_transferred
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
https://github.com/SSSD/sssd/pull/7302 x_transferred
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
https://github.com/SSSD/sssd/pull/7302 x_transferred
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
https://github.com/SSSD/sssd/pull/7302 x_transferred
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
https://github.com/SSSD/sssd/pull/7302 x_transferred
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
https://github.com/SSSD/sssd/pull/7302 x_transferred
Affected products
sssd
- <2.9.5
- *
Package maintainers
-
@illustris Harikrishnan R <me@illustris.tech>