ALAS-2016-635 ---- sssd, python, libsss_nss_idmap, libsss_idmap, libipa_hbacID: oval:org.secpod.oval:def:1600330 | Date: (C)2016-05-19 (M)2023-07-28 |
Class: PATCH | Family: unix |
It was found that SSSD"s Privilege Attribute Certificate responder plug-in would leak a small amount of memory on each authentication request. A remote attacker could potentially use this flaw to exhaust all available memory on the system by making repeated requests to a Kerberized daemon application configured to authenticate using the PAC responder plug-in.
Platform: |
Amazon Linux AMI |
Product: |
sssd |
python |
libsss_idmap |
libipa_hbac |
libsss_nss_idmap |