Nixpkgs security tracker

Login with GitHub
⚠️ You are using a production deployment that is still only suitable for demo purposes. Any work done in this might be wiped later without notice.

Suggestions search

All statuses
Filter by:
With package: sssd

Found 3 matching suggestions

View:
Compact
Detailed
Untriaged
Permalink CVE-2012-3462
created 1 month, 3 weeks ago
A flaw was found in SSSD version 1.9.0. The SSSD's …

A flaw was found in SSSD version 1.9.0. The SSSD's access-provider logic causes the result of the HBAC rule processing to be ignored in the event that the access-provider is also handling the setup of the user's SELinux user context.

Affected products

sssd
  • ==1.9.0

Matching in nixpkgs

Package maintainers

Untriaged
Permalink CVE-2025-11561
8.8 HIGH
  • CVSS version: 3.1
  • Attack vector (AV): NETWORK
  • Attack complexity (AC): LOW
  • Privileges required (PR): LOW
  • User interaction (UI): NONE
  • Scope (S): UNCHANGED
  • Confidentiality impact (C): HIGH
  • Integrity impact (I): HIGH
  • Availability impact (A): HIGH
created 4 months, 1 week ago
Sssd: sssd default kerberos configuration allows privilege escalation on ad-joined linux systems

A flaw was found in the integration of Active Directory and the System Security Services Daemon (SSSD) on Linux systems. In default configurations, SSSD does not enable the Kerberos local authentication plugin (sssd_krb5_localauth_plugin), allowing an attacker with permission to modify certain AD attributes (such as userPrincipalName or samAccountName) to impersonate privileged users. This can result in unauthorized access or privilege escalation on domain-joined Linux hosts.

References

Affected products

sssd
  • =<2.11.1
  • *
rhcos
  • *
rhceph/rhceph-7-rhel9
  • *
rhceph/rhceph-8-rhel9
  • *

Matching in nixpkgs

pkgs.sssd

System Security Services Daemon

Package maintainers

Untriaged
Permalink CVE-2023-3758
7.1 HIGH
  • CVSS version: 3.1
  • Attack vector (AV): ADJACENT_NETWORK
  • Attack complexity (AC): HIGH
  • Privileges required (PR): LOW
  • User interaction (UI): NONE
  • Scope (S): UNCHANGED
  • Confidentiality impact (C): HIGH
  • Integrity impact (I): HIGH
  • Availability impact (A): HIGH
created 1 year, 2 months ago
Sssd: race condition during authorization leads to gpo policies functioning inconsistently

A race condition flaw was found in sssd where the GPO policy is not consistently applied for authenticated users. This may lead to improper authorization issues, granting or denying access to resources inappropriately.

References

Affected products

sssd
  • <2.9.5
  • *

Matching in nixpkgs

pkgs.sssd

System Security Services Daemon

Package maintainers