#1781 sssd: Out-of-bounds read flaws in autofs and ssh services responders

Created 4 years ago by jhrozek
Modified 4 months ago

Multiple out-of-buffer bounds read flaws were found in the way autofs and ssh service responders of sssd, a System Security Services Daemon, performed parsing of SSSD packet values. An attacker could provide a specially-crafted packet that, when processed by the autofs or ssh service responders of sssd, would lead to an sssd server crash (temporary denial of service).

This issue was found by Florian Weimer of the Red Hat Product Security Team.

Fields changed

owner: somebody => jcholast

  • master: 2bd514cfde1938b1e245af11c9b548d58d49b325
  • sssd-1-9: 30e2585dd46b62aa3a4abdf6de3f40a20e1743ab

resolution: => fixed
status: new => closed

4 months ago

Metadata Update from @jhrozek:
- Issue assigned to jcholast
- Issue set to the milestone: SSSD 1.9.4
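
The class of bug described in this ticket, shown as an added illustration that is not SSSD code and not the fix referenced in the ticket: a responder-style parser that validates a length field against the bytes actually received before reading the value. The layout (a native-endian uint32 length followed by that many bytes ending in NUL) and every name below are assumptions made for the example.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Hypothetical layout: [uint32 len][len bytes, last byte NUL]. */
enum parse_rc { PARSE_OK = 0, PARSE_TRUNCATED = -1,
                PARSE_BAD_LEN = -2, PARSE_NOT_TERMINATED = -3 };

/* Read one length-prefixed string from body[*pos..blen) without ever
 * touching a byte at or beyond blen. On success, advance *pos. */
int read_lp_string(const uint8_t *body, size_t blen, size_t *pos,
                   const char **str, uint32_t *len_out)
{
    uint32_t len;
    size_t remaining;

    if (*pos > blen) return PARSE_TRUNCATED;
    remaining = blen - *pos;            /* subtract, never add: no overflow */

    if (remaining < sizeof(len)) return PARSE_TRUNCATED;
    memcpy(&len, body + *pos, sizeof(len));   /* avoids unaligned access */
    remaining -= sizeof(len);

    /* The check whose absence causes an out-of-bounds read: the claimed
     * length must fit in what was actually received. */
    if (len == 0 || len > remaining) return PARSE_BAD_LEN;

    /* Callers treat the value as a C string, so require the terminator
     * inside the validated range. */
    if (body[*pos + sizeof(len) + len - 1] != '\0') return PARSE_NOT_TERMINATED;

    *str = (const char *)(body + *pos + sizeof(len));
    *len_out = len;
    *pos += sizeof(len) + len;
    return PARSE_OK;
}

/* Constructed input: the header claims claimed_len bytes, but only
 * avail payload bytes ('a'... then NUL) follow it. */
int parse_constructed(uint32_t claimed_len, size_t avail)
{
    uint8_t buf[64] = {0};
    const char *s; uint32_t n; size_t pos = 0;

    if (avail > sizeof(buf) - sizeof(claimed_len)) return PARSE_TRUNCATED;
    memcpy(buf, &claimed_len, sizeof(claimed_len));
    memset(buf + sizeof(claimed_len), 'a', avail);
    if (avail) buf[sizeof(claimed_len) + avail - 1] = '\0';
    return read_lp_string(buf, sizeof(claimed_len) + avail, &pos, &s, &n);
}

int main(void) { return parse_constructed(4096, 5) == PARSE_BAD_LEN ? 0 : 1; }
```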


defect

SSSD

1.9.3

0

0

884601

0
