CVE-2023-3758
Publication date 18 April 2024
Last updated 24 July 2024
Ubuntu priority
A race condition flaw was found in sssd where the GPO policy is not consistently applied for authenticated users. This may lead to improper authorization issues, granting or denying access to resources inappropriately.
Status
Package | Ubuntu Release | Status |
---|---|---|
sssd | 24.04 LTS noble |
Fixed 2.9.4-1.1ubuntu6.1
|
22.04 LTS jammy |
Fixed 2.6.3-1ubuntu3.3
|
|
20.04 LTS focal |
Fixed 2.2.3-3ubuntu0.13
|
|
18.04 LTS bionic |
Needs evaluation
|
|
16.04 LTS xenial |
Needs evaluation
|
References
Related Ubuntu Security Notices (USN)
- USN-6836-1
- SSSD vulnerability
- 17 June 2024
Other references
- https://www.cve.org/CVERecord?id=CVE-2023-3758
- https://github.com/SSSD/sssd/pull/7302
- https://access.redhat.com/errata/RHSA-2024:1919
- https://access.redhat.com/errata/RHSA-2024:1920
- https://access.redhat.com/errata/RHSA-2024:1921
- https://access.redhat.com/errata/RHSA-2024:1922
- https://access.redhat.com/security/cve/CVE-2023-3758