
CVE-2021-3621

Published: 16 August 2021

A flaw was found in SSSD, where the sssctl command was vulnerable to shell command injection via the logs-fetch and cache-expire subcommands. This flaw allows an attacker to trick the root user into running a specially crafted sssctl command, such as via sudo, to gain root access. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.
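The bug class named above, shell command injection through arguments handed to a tool's subcommands, comes down to how the tool launches its helper: as a string parsed by /bin/sh, or as an argv list passed straight to execve(). The following is an added illustration written for this page, not SSSD's or sssctl's own code; the function names and the DEMO_ARG value are constructed for the demo, and plain echo stands in for whatever privileged helper a wrapper might run.

```python
"""Added example (not SSSD/sssctl code): the shell-string pattern that lets
a caller-supplied argument inject a second command, beside the argv-list
form and an allowlist check that avoid it."""

import re
import subprocess
from typing import List

# Constructed input for the demo: looks like a backend name but carries a
# shell metacharacter.  Behind a real privileged tool the second command
# would run with that tool's privileges; here it only echoes a marker.
DEMO_ARG = "backend; echo INJECTED"

# Allowlist for values that should only ever be simple identifiers
# (domain names, cache entries and the like).
_SAFE_NAME = re.compile(r"^[A-Za-z0-9][A-Za-z0-9._-]*$")


def run_with_shell(arg: str) -> List[str]:
    """Vulnerable pattern: the value is interpolated into one command string
    that /bin/sh parses, so ';' ends the intended command and starts another.
    Returns the output lines; two lines means the injected command ran."""
    completed = subprocess.run(
        f"echo {arg}", shell=True, capture_output=True, text=True, check=True
    )
    return completed.stdout.splitlines()


def run_without_shell(arg: str) -> List[str]:
    """Hardened pattern: an argv list goes directly to execve(); no shell
    sees the value, so metacharacters are ordinary bytes in one argument."""
    completed = subprocess.run(
        ["echo", arg], capture_output=True, text=True, check=True
    )
    return completed.stdout.splitlines()


def validate_name(arg: str) -> str:
    """Defence in depth: reject anything that is not a plain identifier
    before it reaches any subprocess call, shell or not."""
    if not _SAFE_NAME.match(arg):
        raise ValueError(f"refusing suspicious argument: {arg!r}")
    return arg


if __name__ == "__main__":
    print("shell string:", run_with_shell(DEMO_ARG))     # ['backend', 'INJECTED']
    print("argv list   :", run_without_shell(DEMO_ARG))  # ['backend; echo INJECTED']
    try:
        validate_name(DEMO_ARG)
    except ValueError as exc:
        print("validator   :", exc)
```

The argv-list form is the actual fix for this class of bug; the allowlist is a second layer that also catches values that are syntactically harmless to a shell but still nonsensical for the tool. When reviewing a setuid or sudo-exposed wrapper, the things to look for are `system()`, `popen()`, or `subprocess.run(..., shell=True)` fed with any string built from argv.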

Priority

Medium

CVSS 3 base score: 8.8

Status

Package: sssd (Launchpad, Ubuntu, Debian)

Release                            Status
Upstream                           Needs triage
Ubuntu 21.10 (Impish Indri)        Released (2.4.1-2ubuntu4)
Ubuntu 21.04 (Hirsute Hippo)       Released (2.4.0-1ubuntu6.1)
Ubuntu 20.04 LTS (Focal Fossa)     Released (2.2.3-3ubuntu0.7)
Ubuntu 18.04 LTS (Bionic Beaver)   Released (1.16.1-1ubuntu1.8)
Ubuntu 16.04 ESM (Xenial Xerus)    Not vulnerable (code not present)
Ubuntu 14.04 ESM (Trusty Tahr)     Does not exist

Patches:
Upstream: https://github.com/SSSD/sssd/commit/7ab83f97e1cbefb78ece17232185bdd2985f0bbe

Notes

Author: leosilva
Note: vulnerability was introduced in v1.13.91 by commit https://github.com/SSSD/sssd/commit/e157b9f6cb370e1b94bcac2044d26ad66d640fba
xenial/esm is not-affected as it is based on 1.13.4-1 and so the affected code is not present.

References

Bugs