It was discovered that SSSD incorrectly handled certain inputs when querying its local cache. An attacker could use this to inject arbitrary code and expose sensitive information.
{ "availability": "No subscription required", "binaries": [ { "binary_version": "1.13.4-1ubuntu1.10", "binary_name": "libipa-hbac-dev" }, { "binary_version": "1.13.4-1ubuntu1.10", "binary_name": "libipa-hbac0" }, { "binary_version": "1.13.4-1ubuntu1.10", "binary_name": "libnss-sss" }, { "binary_version": "1.13.4-1ubuntu1.10", "binary_name": "libpam-sss" }, { "binary_version": "1.13.4-1ubuntu1.10", "binary_name": "libsss-idmap-dev" }, { "binary_version": "1.13.4-1ubuntu1.10", "binary_name": "libsss-idmap0" }, { "binary_version": "1.13.4-1ubuntu1.10", "binary_name": "libsss-nss-idmap-dev" }, { "binary_version": "1.13.4-1ubuntu1.10", "binary_name": "libsss-nss-idmap0" }, { "binary_version": "1.13.4-1ubuntu1.10", "binary_name": "libsss-simpleifp-dev" }, { "binary_version": "1.13.4-1ubuntu1.10", "binary_name": "libsss-simpleifp0" }, { "binary_version": "1.13.4-1ubuntu1.10", "binary_name": "libsss-sudo" }, { "binary_version": "1.13.4-1ubuntu1.10", "binary_name": "libwbclient-sssd" }, { "binary_version": "1.13.4-1ubuntu1.10", "binary_name": "libwbclient-sssd-dev" }, { "binary_version": "1.13.4-1ubuntu1.10", "binary_name": "python-libipa-hbac" }, { "binary_version": "1.13.4-1ubuntu1.10", "binary_name": "python-libsss-nss-idmap" }, { "binary_version": "1.13.4-1ubuntu1.10", "binary_name": "python-sss" }, { "binary_version": "1.13.4-1ubuntu1.10", "binary_name": "python3-libipa-hbac" }, { "binary_version": "1.13.4-1ubuntu1.10", "binary_name": "python3-libsss-nss-idmap" }, { "binary_version": "1.13.4-1ubuntu1.10", "binary_name": "python3-sss" }, { "binary_version": "1.13.4-1ubuntu1.10", "binary_name": "sssd" }, { "binary_version": "1.13.4-1ubuntu1.10", "binary_name": "sssd-ad" }, { "binary_version": "1.13.4-1ubuntu1.10", "binary_name": "sssd-ad-common" }, { "binary_version": "1.13.4-1ubuntu1.10", "binary_name": "sssd-common" }, { "binary_version": "1.13.4-1ubuntu1.10", "binary_name": "sssd-dbus" }, { "binary_version": "1.13.4-1ubuntu1.10", "binary_name": "sssd-ipa" }, { "binary_version": "1.13.4-1ubuntu1.10", "binary_name": "sssd-krb5" }, { "binary_version": "1.13.4-1ubuntu1.10", "binary_name": "sssd-krb5-common" }, { "binary_version": "1.13.4-1ubuntu1.10", "binary_name": "sssd-ldap" }, { "binary_version": "1.13.4-1ubuntu1.10", "binary_name": "sssd-proxy" }, { "binary_version": "1.13.4-1ubuntu1.10", "binary_name": "sssd-tools" } ] }
{ "ecosystem": "Ubuntu:16.04:LTS", "cves": [ { "severity": [ { "score": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "type": "CVSS_V3" }, { "score": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "type": "CVSS_V3" }, { "score": "medium", "type": "Ubuntu" } ], "id": "CVE-2017-12173" } ] }