usn-5067-1
Vulnerability from osv_ubuntu
Jakub Hrozek discovered that SSSD incorrectly handled file permissions. A local attacker could possibly use this issue to read the sudo rules available for any user. This issue only affected Ubuntu 18.04 LTS. (CVE-2018-10852)
It was discovered that SSSD incorrectly handled Group Policy Objects. When SSSD is configured with too strict permissions causing the GPO to not be readable, SSSD will allow all authenticated users to login instead of being denied, contrary to expectations. This issue only affected Ubuntu 18.04 LTS. (CVE-2018-16838)
It was discovered that SSSD incorrectly handled users with no home directory set. When no home directory was set, SSSD would return the root directory instead of an empty string, possibly bypassing security measures. This issue only affected Ubuntu 18.04 LTS. (CVE-2019-3811)
Cedric Buissart discovered that SSSD incorrectly handled the sssctl command. In certain environments, a local user could use this issue to execute arbitrary commands and possibly escalate privileges. (CVE-2021-3621)
{
"affected": [
{
"database_specific": {
"cves_map": {
"cves": [
{
"id": "CVE-2018-10852",
"severity": [
{
"score": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N",
"type": "CVSS_V3"
},
{
"score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
},
{
"score": "low",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2018-16838",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
"type": "CVSS_V3"
},
{
"score": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
"type": "CVSS_V3"
},
{
"score": "low",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2019-3811",
"severity": [
{
"score": "CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:N",
"type": "CVSS_V3"
},
{
"score": "CVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
},
{
"score": "low",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2021-3621",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
},
{
"score": "medium",
"type": "Ubuntu"
}
]
}
],
"ecosystem": "Ubuntu:18.04:LTS"
}
},
"ecosystem_specific": {
"availability": "No subscription required",
"binaries": [
{
"binary_name": "libipa-hbac0",
"binary_version": "1.16.1-1ubuntu1.8"
},
{
"binary_name": "libnss-sss",
"binary_version": "1.16.1-1ubuntu1.8"
},
{
"binary_name": "libpam-sss",
"binary_version": "1.16.1-1ubuntu1.8"
},
{
"binary_name": "libsss-certmap0",
"binary_version": "1.16.1-1ubuntu1.8"
},
{
"binary_name": "libsss-idmap0",
"binary_version": "1.16.1-1ubuntu1.8"
},
{
"binary_name": "libsss-nss-idmap0",
"binary_version": "1.16.1-1ubuntu1.8"
},
{
"binary_name": "libsss-simpleifp0",
"binary_version": "1.16.1-1ubuntu1.8"
},
{
"binary_name": "libsss-sudo",
"binary_version": "1.16.1-1ubuntu1.8"
},
{
"binary_name": "libwbclient-sssd",
"binary_version": "1.16.1-1ubuntu1.8"
},
{
"binary_name": "python-libipa-hbac",
"binary_version": "1.16.1-1ubuntu1.8"
},
{
"binary_name": "python-libsss-nss-idmap",
"binary_version": "1.16.1-1ubuntu1.8"
},
{
"binary_name": "python-sss",
"binary_version": "1.16.1-1ubuntu1.8"
},
{
"binary_name": "python3-libipa-hbac",
"binary_version": "1.16.1-1ubuntu1.8"
},
{
"binary_name": "python3-libsss-nss-idmap",
"binary_version": "1.16.1-1ubuntu1.8"
},
{
"binary_name": "python3-sss",
"binary_version": "1.16.1-1ubuntu1.8"
},
{
"binary_name": "sssd",
"binary_version": "1.16.1-1ubuntu1.8"
},
{
"binary_name": "sssd-ad",
"binary_version": "1.16.1-1ubuntu1.8"
},
{
"binary_name": "sssd-ad-common",
"binary_version": "1.16.1-1ubuntu1.8"
},
{
"binary_name": "sssd-common",
"binary_version": "1.16.1-1ubuntu1.8"
},
{
"binary_name": "sssd-dbus",
"binary_version": "1.16.1-1ubuntu1.8"
},
{
"binary_name": "sssd-ipa",
"binary_version": "1.16.1-1ubuntu1.8"
},
{
"binary_name": "sssd-kcm",
"binary_version": "1.16.1-1ubuntu1.8"
},
{
"binary_name": "sssd-krb5",
"binary_version": "1.16.1-1ubuntu1.8"
},
{
"binary_name": "sssd-krb5-common",
"binary_version": "1.16.1-1ubuntu1.8"
},
{
"binary_name": "sssd-ldap",
"binary_version": "1.16.1-1ubuntu1.8"
},
{
"binary_name": "sssd-proxy",
"binary_version": "1.16.1-1ubuntu1.8"
},
{
"binary_name": "sssd-tools",
"binary_version": "1.16.1-1ubuntu1.8"
}
]
},
"package": {
"ecosystem": "Ubuntu:18.04:LTS",
"name": "sssd",
"purl": "pkg:deb/ubuntu/sssd@1.16.1-1ubuntu1.8?arch=source\u0026distro=bionic"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.16.1-1ubuntu1.8"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"1.15.3-2ubuntu1",
"1.15.3-3ubuntu1",
"1.16.0-5ubuntu1",
"1.16.0-5ubuntu2",
"1.16.1-1ubuntu1",
"1.16.1-1ubuntu1.1",
"1.16.1-1ubuntu1.2",
"1.16.1-1ubuntu1.3",
"1.16.1-1ubuntu1.4",
"1.16.1-1ubuntu1.5",
"1.16.1-1ubuntu1.6",
"1.16.1-1ubuntu1.7"
]
},
{
"database_specific": {
"cves_map": {
"cves": [
{
"id": "CVE-2021-3621",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
},
{
"score": "medium",
"type": "Ubuntu"
}
]
}
],
"ecosystem": "Ubuntu:20.04:LTS"
}
},
"ecosystem_specific": {
"availability": "No subscription required",
"binaries": [
{
"binary_name": "libipa-hbac0",
"binary_version": "2.2.3-3ubuntu0.7"
},
{
"binary_name": "libnss-sss",
"binary_version": "2.2.3-3ubuntu0.7"
},
{
"binary_name": "libpam-sss",
"binary_version": "2.2.3-3ubuntu0.7"
},
{
"binary_name": "libsss-certmap0",
"binary_version": "2.2.3-3ubuntu0.7"
},
{
"binary_name": "libsss-idmap0",
"binary_version": "2.2.3-3ubuntu0.7"
},
{
"binary_name": "libsss-nss-idmap0",
"binary_version": "2.2.3-3ubuntu0.7"
},
{
"binary_name": "libsss-simpleifp0",
"binary_version": "2.2.3-3ubuntu0.7"
},
{
"binary_name": "libsss-sudo",
"binary_version": "2.2.3-3ubuntu0.7"
},
{
"binary_name": "libwbclient-sssd",
"binary_version": "2.2.3-3ubuntu0.7"
},
{
"binary_name": "python3-libipa-hbac",
"binary_version": "2.2.3-3ubuntu0.7"
},
{
"binary_name": "python3-libsss-nss-idmap",
"binary_version": "2.2.3-3ubuntu0.7"
},
{
"binary_name": "python3-sss",
"binary_version": "2.2.3-3ubuntu0.7"
},
{
"binary_name": "sssd",
"binary_version": "2.2.3-3ubuntu0.7"
},
{
"binary_name": "sssd-ad",
"binary_version": "2.2.3-3ubuntu0.7"
},
{
"binary_name": "sssd-ad-common",
"binary_version": "2.2.3-3ubuntu0.7"
},
{
"binary_name": "sssd-common",
"binary_version": "2.2.3-3ubuntu0.7"
},
{
"binary_name": "sssd-dbus",
"binary_version": "2.2.3-3ubuntu0.7"
},
{
"binary_name": "sssd-ipa",
"binary_version": "2.2.3-3ubuntu0.7"
},
{
"binary_name": "sssd-kcm",
"binary_version": "2.2.3-3ubuntu0.7"
},
{
"binary_name": "sssd-krb5",
"binary_version": "2.2.3-3ubuntu0.7"
},
{
"binary_name": "sssd-krb5-common",
"binary_version": "2.2.3-3ubuntu0.7"
},
{
"binary_name": "sssd-ldap",
"binary_version": "2.2.3-3ubuntu0.7"
},
{
"binary_name": "sssd-proxy",
"binary_version": "2.2.3-3ubuntu0.7"
},
{
"binary_name": "sssd-tools",
"binary_version": "2.2.3-3ubuntu0.7"
}
]
},
"package": {
"ecosystem": "Ubuntu:20.04:LTS",
"name": "sssd",
"purl": "pkg:deb/ubuntu/sssd@2.2.3-3ubuntu0.7?arch=source\u0026distro=focal"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "2.2.3-3ubuntu0.7"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"2.2.0-4ubuntu1",
"2.2.2-1",
"2.2.2-1ubuntu1",
"2.2.3-1.1ubuntu1",
"2.2.3-2",
"2.2.3-3",
"2.2.3-3ubuntu0.1",
"2.2.3-3ubuntu0.2",
"2.2.3-3ubuntu0.3",
"2.2.3-3ubuntu0.4",
"2.2.3-3ubuntu0.6"
]
}
],
"aliases": [],
"details": "Jakub Hrozek discovered that SSSD incorrectly handled file permissions. A\nlocal attacker could possibly use this issue to read the sudo rules\navailable for any user. This issue only affected Ubuntu 18.04 LTS.\n(CVE-2018-10852)\n\nIt was discovered that SSSD incorrectly handled Group Policy Objects. When\nSSSD is configured with too strict permissions causing the GPO to not be\nreadable, SSSD will allow all authenticated users to login instead of being\ndenied, contrary to expectations. This issue only affected Ubuntu 18.04\nLTS. (CVE-2018-16838)\n\nIt was discovered that SSSD incorrectly handled users with no home\ndirectory set. When no home directory was set, SSSD would return the root\ndirectory instead of an empty string, possibly bypassing security measures.\nThis issue only affected Ubuntu 18.04 LTS. (CVE-2019-3811)\n\nCedric Buissart discovered that SSSD incorrectly handled the sssctl\ncommand. In certain environments, a local user could use this issue to\nexecute arbitrary commands and possibly escalate privileges.\n(CVE-2021-3621)\n",
"id": "USN-5067-1",
"modified": "2026-04-27T14:11:27Z",
"published": "2021-09-08T11:40:23Z",
"references": [
{
"type": "ADVISORY",
"url": "https://ubuntu.com/security/notices/USN-5067-1"
},
{
"type": "REPORT",
"url": "https://ubuntu.com/security/CVE-2018-10852"
},
{
"type": "REPORT",
"url": "https://ubuntu.com/security/CVE-2018-16838"
},
{
"type": "REPORT",
"url": "https://ubuntu.com/security/CVE-2019-3811"
},
{
"type": "REPORT",
"url": "https://ubuntu.com/security/CVE-2021-3621"
}
],
"related": [],
"schema_version": "1.7.0",
"summary": "sssd vulnerabilities",
"upstream": [
"UBUNTU-CVE-2018-10852",
"UBUNTU-CVE-2018-16838",
"UBUNTU-CVE-2019-3811",
"UBUNTU-CVE-2021-3621"
]
}
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.