CVE-2023-3758
EUVD-2023-4439318.04.2024, 19:15
A race condition flaw was found in sssd where the GPO policy is not consistently applied for authenticated users. This may lead to improper authorization issues, granting or denying access to resources inappropriately.
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| fedoraproject | sssd | 𝑥 < 2.9.5 |
| redhat | codeready_linux_builder | 8.0 |
| redhat | codeready_linux_builder_eus | 8.6 |
| redhat | codeready_linux_builder_eus | 8.8 |
| redhat | codeready_linux_builder_eus | 9.0 |
| redhat | codeready_linux_builder_eus | 9.2 |
| redhat | codeready_linux_builder_eus | 9.4 |
| redhat | codeready_linux_builder_eus | 9.6 |
| redhat | codeready_linux_builder_for_arm64 | 8.0_aarch64:_aarch64 |
| redhat | codeready_linux_builder_for_arm64_eus | 8.6_aarch64:_aarch64 |
| redhat | codeready_linux_builder_for_arm64_eus | 8.8_aarch64:_aarch64 |
| redhat | codeready_linux_builder_for_arm64_eus | 9.0_aarch64:_aarch64 |
| redhat | codeready_linux_builder_for_arm64_eus | 9.2_aarch64:_aarch64 |
| redhat | codeready_linux_builder_for_arm64_eus | 9.4_aarch64:_aarch64 |
| redhat | codeready_linux_builder_for_arm64_eus | 9.6_aarch64:_aarch64 |
| redhat | codeready_linux_builder_for_ibm_z_systems | 8.0_s390x:_s390x |
| redhat | codeready_linux_builder_for_ibm_z_systems_eus | 8.6_s390x:_s390x |
| redhat | codeready_linux_builder_for_ibm_z_systems_eus | 8.8_s390x:_s390x |
| redhat | codeready_linux_builder_for_ibm_z_systems_eus | 9.0_s390x:_s390x |
| redhat | codeready_linux_builder_for_ibm_z_systems_eus | 9.2_s390x:_s390x |
| redhat | codeready_linux_builder_for_ibm_z_systems_eus | 9.4_s390x:_s390x |
| redhat | codeready_linux_builder_for_ibm_z_systems_eus | 9.6_s390x:_s390x |
| redhat | codeready_linux_builder_for_power_little_endian | 8.0_ppc64le:_ppc64le |
| redhat | codeready_linux_builder_for_power_little_endian_eus | 8.6_ppc64le:_ppc64le |
| redhat | codeready_linux_builder_for_power_little_endian_eus | 8.8_ppc64le:_ppc64le |
| redhat | codeready_linux_builder_for_power_little_endian_eus | 9.0_ppc64le:_ppc64le |
| redhat | codeready_linux_builder_for_power_little_endian_eus | 9.2_ppc64le:_ppc64le |
| redhat | codeready_linux_builder_for_power_little_endian_eus | 9.4_ppc64le:_ppc64le |
| redhat | codeready_linux_builder_for_power_little_endian_eus | 9.6_ppc64le:_ppc64le |
| redhat | virtualization_host | 4.0 |
| redhat | enterprise_linux | 8.0 |
| redhat | enterprise_linux_eus | 8.6 |
| redhat | enterprise_linux_eus | 8.8 |
| redhat | enterprise_linux_eus | 9.0 |
| redhat | enterprise_linux_eus | 9.2 |
| redhat | enterprise_linux_eus | 9.4 |
| redhat | enterprise_linux_eus | 9.6 |
| redhat | enterprise_linux_for_arm_64 | 8.0_aarch64:_aarch64 |
| redhat | enterprise_linux_for_arm_64_eus | 8.6_aarch64:_aarch64 |
| redhat | enterprise_linux_for_arm_64_eus | 8.8_aarch64:_aarch64 |
| redhat | enterprise_linux_for_arm_64_eus | 9.0_aarch64:_aarch64 |
| redhat | enterprise_linux_for_arm_64_eus | 9.2_aarch64:_aarch64 |
| redhat | enterprise_linux_for_arm_64_eus | 9.4_aarch64:_aarch64 |
| redhat | enterprise_linux_for_arm_64_eus | 9.6_aarch64:_aarch64 |
| redhat | enterprise_linux_for_ibm_z_systems | 8.0_s390x:_s390x |
| redhat | enterprise_linux_for_ibm_z_systems_eus | 8.6_s390x:_s390x |
| redhat | enterprise_linux_for_ibm_z_systems_eus | 8.8_s390x:_s390x |
| redhat | enterprise_linux_for_ibm_z_systems_eus | 9.0_s390x:_s390x |
| redhat | enterprise_linux_for_ibm_z_systems_eus | 9.2_s390x:_s390x |
| redhat | enterprise_linux_for_ibm_z_systems_eus | 9.4_s390x:_s390x |
| redhat | enterprise_linux_for_ibm_z_systems_eus | 9.6_s390x:_s390x |
| redhat | enterprise_linux_for_power_little_endian | 8.0_ppc64le:_ppc64le |
| redhat | enterprise_linux_for_power_little_endian_eus | 8.6_ppc64le:_ppc64le |
| redhat | enterprise_linux_for_power_little_endian_eus | 8.8_ppc64le:_ppc64le |
| redhat | enterprise_linux_for_power_little_endian_eus | 9.0_ppc64le:_ppc64le |
| redhat | enterprise_linux_for_power_little_endian_eus | 9.2_ppc64le:_ppc64le |
| redhat | enterprise_linux_for_power_little_endian_eus | 9.4_ppc64le:_ppc64le |
| redhat | enterprise_linux_for_power_little_endian_eus | 9.6_ppc64le:_ppc64le |
| redhat | enterprise_linux_server_aus | 8.6 |
| redhat | enterprise_linux_server_aus | 9.2 |
| redhat | enterprise_linux_server_aus | 9.4 |
| redhat | enterprise_linux_server_aus | 9.6 |
| redhat | enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions | 8.6_ppc64le:_ppc64le |
| redhat | enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions | 8.8_ppc64le:_ppc64le |
| redhat | enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions | 9.0_ppc64le:_ppc64le |
| redhat | enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions | 9.2_ppc64le:_ppc64le |
| redhat | enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions | 9.4_ppc64le:_ppc64le |
| redhat | enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions | 9.6_ppc64le:_ppc64le |
| redhat | enterprise_linux_server_tus | 8.6 |
| redhat | enterprise_linux_server_tus | 8.8 |
| redhat | enterprise_linux_update_services_for_sap_solutions | 8.6 |
| redhat | enterprise_linux_update_services_for_sap_solutions | 8.8 |
| redhat | enterprise_linux_update_services_for_sap_solutions | 9.0 |
| redhat | enterprise_linux_update_services_for_sap_solutions | 9.2 |
| redhat | enterprise_linux_update_services_for_sap_solutions | 9.4 |
| redhat | enterprise_linux_update_services_for_sap_solutions | 9.6 |
𝑥
= Vulnerable software versions
Debian Releases
Ubuntu Releases
openSUSE / SLES Releases
openSUSE Product | |||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| libbasicobjects0 |
| ||||||||||||||||||||||||||||||
| libcollection4 |
| ||||||||||||||||||||||||||||||
| libdhash1 |
| ||||||||||||||||||||||||||||||
| libini_config5 |
| ||||||||||||||||||||||||||||||
| libipa_hbac-devel |
| ||||||||||||||||||||||||||||||
| libipa_hbac0 |
| ||||||||||||||||||||||||||||||
| libpath_utils1 |
| ||||||||||||||||||||||||||||||
| libref_array1 |
| ||||||||||||||||||||||||||||||
| libsss_certmap-devel |
| ||||||||||||||||||||||||||||||
| libsss_certmap0 |
| ||||||||||||||||||||||||||||||
| libsss_idmap-devel |
| ||||||||||||||||||||||||||||||
| libsss_idmap0 |
| ||||||||||||||||||||||||||||||
| libsss_nss_idmap-devel |
| ||||||||||||||||||||||||||||||
| libsss_nss_idmap0 |
| ||||||||||||||||||||||||||||||
| libsss_simpleifp-devel |
| ||||||||||||||||||||||||||||||
| libsss_simpleifp0 |
| ||||||||||||||||||||||||||||||
| libsss_sudo |
| ||||||||||||||||||||||||||||||
| python-sssd-config |
| ||||||||||||||||||||||||||||||
| python3-sssd-config |
| ||||||||||||||||||||||||||||||
| sssd |
| ||||||||||||||||||||||||||||||
| sssd-32bit |
| ||||||||||||||||||||||||||||||
| sssd-ad |
| ||||||||||||||||||||||||||||||
| sssd-common |
| ||||||||||||||||||||||||||||||
| sssd-common-32bit |
| ||||||||||||||||||||||||||||||
| sssd-dbus |
| ||||||||||||||||||||||||||||||
| sssd-ipa |
| ||||||||||||||||||||||||||||||
| sssd-kcm |
| ||||||||||||||||||||||||||||||
| sssd-krb5 |
| ||||||||||||||||||||||||||||||
| sssd-krb5-common |
| ||||||||||||||||||||||||||||||
| sssd-ldap |
| ||||||||||||||||||||||||||||||
| sssd-proxy |
| ||||||||||||||||||||||||||||||
| sssd-tools |
| ||||||||||||||||||||||||||||||
| sssd-winbind-idmap |
|
Red Hat Enterprise Linux Releases
Red Hat Product | |||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| libipa |
| ||||||||||||||||||||
| libsss |
| ||||||||||||||||||||
| python3-libipa |
| ||||||||||||||||||||
| python3-libsss |
| ||||||||||||||||||||
| python3-sss |
| ||||||||||||||||||||
| python3-sss-murmur |
| ||||||||||||||||||||
| python3-sssdconfig |
| ||||||||||||||||||||
| sssd |
| ||||||||||||||||||||
| sssd-ad |
| ||||||||||||||||||||
| sssd-client |
| ||||||||||||||||||||
| sssd-common |
| ||||||||||||||||||||
| sssd-common-pac |
| ||||||||||||||||||||
| sssd-dbus |
| ||||||||||||||||||||
| sssd-idp |
| ||||||||||||||||||||
| sssd-ipa |
| ||||||||||||||||||||
| sssd-kcm |
| ||||||||||||||||||||
| sssd-krb5 |
| ||||||||||||||||||||
| sssd-krb5-common |
| ||||||||||||||||||||
| sssd-ldap |
| ||||||||||||||||||||
| sssd-nfs-idmap |
| ||||||||||||||||||||
| sssd-passkey |
| ||||||||||||||||||||
| sssd-polkit-rules |
| ||||||||||||||||||||
| sssd-proxy |
| ||||||||||||||||||||
| sssd-tools |
| ||||||||||||||||||||
| sssd-winbind-idmap |
|
References