Staging Environment: Content and features may be unstable or change without notice.
Search for packages
Package details: pkg:deb/debian/sssd@2.8.2-4%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/sssd@2.8.2-4%2Bdeb12u1?distro=trixie
Next non-vulnerable version 2.9.5-1
Latest non-vulnerable version 2.12.0-4
Risk 4.0
Vulnerabilities affecting this package (1)
Vulnerability Summary Fixed by
VCID-ztj4-pvvh-wuay
Aliases:
CVE-2025-11561
sssd: SSSD default Kerberos configuration allows privilege escalation on AD-joined Linux systems
2.12.0-1
Affected by 0 other vulnerabilities.
2.12.0-4
Affected by 0 other vulnerabilities.
Vulnerabilities fixed by this package (19)
Vulnerability Summary Aliases
VCID-3sh2-437b-ayfj sssd: Out-of-bounds read flaws in autofs and ssh services responders CVE-2013-0220
VCID-5hxw-dnz2-v7by sssd: fallback_homedir returns '/' for empty home directories in passwd file CVE-2019-3811
VCID-68qt-2ghp-dba7 sssd: allows null password entry to authenticate against LDAP CVE-2010-2940
VCID-9vna-wqey-kkdm SSSD accepts any password when offline with a valid TGT available CVE-2010-0014
VCID-bveu-ff3p-gfh7 sssd: information leak from the sssd-sudo responder CVE-2018-10852
VCID-d4ke-65rx-13ac sssd: incorrect expansion of group membership when encountering a non-POSIX group CVE-2014-0249
VCID-f5pv-qsd2-gkda sssd: DoS in sssd PAM responder can prevent logins CVE-2010-4341
VCID-gn4q-ub2s-hbcz The krb5_save_ccname_done function in providers/krb5/krb5_auth.c in System Security Services Daemon (SSSD) 1.5.x before 1.5.7, when automatic ticket renewal and offline authentication are configured, uses a pathname string as a password, which allows local users to bypass Kerberos authentication by listing the /tmp directory to obtain the pathname. CVE-2011-1758
VCID-jhrd-1f8g-6ueh sssd: unsanitized input when searching in local cache database CVE-2017-12173
VCID-kb5t-88br-5yh8 sssd: TOCTOU race conditions by copying and removing directory trees CVE-2013-0219
VCID-r1m1-kp4g-pbc7 A vulnerability has been discovered in SSSD, which can lead to arbitrary code execution. CVE-2021-3621
VCID-t4w3-vj56-4fcq sssd: Race condition during authorization leads to GPO policies functioning inconsistently CVE-2023-3758
VCID-t5gr-yesx-hqah sssd: libsss_certmap fails to sanitise certificate data used in LDAP filters CVE-2022-4254
VCID-w78p-q142-juh7 The local_handler_callback function in server/responder/pam/pam_LOCAL_domain.c in sssd 0.4.1 does not properly handle blank-password accounts in the SSSD BE database, which allows context-dependent attackers to obtain access by sending the account's username, in conjunction with an arbitrary password, over an ssh connection. CVE-2009-2410
VCID-wz3w-7eag-83ft sssd: simple access provider flaw prevents intended ACL use when client to an AD provider CVE-2013-0287
VCID-xpwr-fzex-m7fa A flaw was found in SSSD version 1.9.0. The SSSD's access-provider logic causes the result of the HBAC rule processing to be ignored in the event that the access-provider is also handling the setup of the user's SELinux user context. CVE-2012-3462
VCID-yn22-35eg-1khb sssd: improper implementation of GPOs due to too restrictive permissions CVE-2018-16838
VCID-zee4-1xpd-27bc sssd: Information leak in infopipe due to an improper uid restriction CVE-2018-16883
VCID-zz4w-9935-q3gc sssd: memory leak in the sssd_pac_plugin CVE-2015-5292

Date Actor Action Vulnerability Source VulnerableCode Version
2026-05-02T06:44:58.116371+00:00 Debian Importer Fixing VCID-r1m1-kp4g-pbc7 https://security-tracker.debian.org/tracker/data/json 38.6.0
2026-05-02T06:34:02.887526+00:00 Debian Importer Fixing VCID-zee4-1xpd-27bc https://security-tracker.debian.org/tracker/data/json 38.6.0
2026-05-02T06:15:23.696976+00:00 Debian Importer Fixing VCID-3sh2-437b-ayfj https://security-tracker.debian.org/tracker/data/json 38.6.0
2026-05-02T04:45:55.232394+00:00 Debian Importer Fixing VCID-xpwr-fzex-m7fa https://security-tracker.debian.org/tracker/data/json 38.6.0
2026-05-02T04:44:10.620093+00:00 Debian Importer Fixing VCID-jhrd-1f8g-6ueh https://security-tracker.debian.org/tracker/data/json 38.6.0
2026-05-02T04:26:33.089245+00:00 Debian Importer Fixing VCID-w78p-q142-juh7 https://security-tracker.debian.org/tracker/data/json 38.6.0
2026-05-02T04:23:44.639453+00:00 Debian Importer Fixing VCID-gn4q-ub2s-hbcz https://security-tracker.debian.org/tracker/data/json 38.6.0
2026-05-02T02:59:54.637452+00:00 Debian Importer Fixing VCID-d4ke-65rx-13ac https://security-tracker.debian.org/tracker/data/json 38.6.0
2026-05-02T02:44:22.432597+00:00 Debian Importer Fixing VCID-bveu-ff3p-gfh7 https://security-tracker.debian.org/tracker/data/json 38.6.0
2026-05-02T02:39:28.150040+00:00 Debian Importer Fixing VCID-5hxw-dnz2-v7by https://security-tracker.debian.org/tracker/data/json 38.6.0
2026-05-02T01:51:36.930429+00:00 Debian Importer Fixing VCID-9vna-wqey-kkdm https://security-tracker.debian.org/tracker/data/json 38.6.0
2026-05-02T00:58:46.930550+00:00 Debian Importer Fixing VCID-yn22-35eg-1khb https://security-tracker.debian.org/tracker/data/json 38.6.0
2026-05-02T00:35:49.979715+00:00 Debian Importer Fixing VCID-kb5t-88br-5yh8 https://security-tracker.debian.org/tracker/data/json 38.6.0
2026-05-02T00:04:21.724249+00:00 Debian Importer Fixing VCID-t5gr-yesx-hqah https://security-tracker.debian.org/tracker/data/json 38.6.0
2026-05-02T00:02:28.733946+00:00 Debian Importer Fixing VCID-68qt-2ghp-dba7 https://security-tracker.debian.org/tracker/data/json 38.6.0
2026-05-01T23:57:12.149633+00:00 Debian Importer Fixing VCID-f5pv-qsd2-gkda https://security-tracker.debian.org/tracker/data/json 38.6.0
2026-05-01T22:52:24.682030+00:00 Debian Importer Fixing VCID-zz4w-9935-q3gc https://security-tracker.debian.org/tracker/data/json 38.6.0
2026-05-01T22:22:47.178941+00:00 Debian Importer Fixing VCID-wz3w-7eag-83ft https://security-tracker.debian.org/tracker/data/json 38.6.0
2026-05-01T22:20:48.748491+00:00 Debian Importer Fixing VCID-t4w3-vj56-4fcq https://security-tracker.debian.org/tracker/data/json 38.6.0
2026-04-28T13:54:41.417007+00:00 Debian Importer Affected by VCID-ztj4-pvvh-wuay https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T13:29:44.014435+00:00 Debian Importer Fixing VCID-jhrd-1f8g-6ueh https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T13:02:05.630036+00:00 Debian Importer Fixing VCID-zee4-1xpd-27bc https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T12:59:37.788131+00:00 Debian Importer Fixing VCID-t5gr-yesx-hqah https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T12:51:42.130500+00:00 Debian Importer Fixing VCID-d4ke-65rx-13ac https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T12:47:36.035444+00:00 Debian Importer Fixing VCID-5hxw-dnz2-v7by https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T12:44:27.197297+00:00 Debian Importer Fixing VCID-r1m1-kp4g-pbc7 https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T12:23:20.328372+00:00 Debian Importer Fixing VCID-3sh2-437b-ayfj https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T11:43:11.295042+00:00 Debian Importer Fixing VCID-xpwr-fzex-m7fa https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T11:36:44.128212+00:00 Debian Importer Fixing VCID-kb5t-88br-5yh8 https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T11:34:27.788001+00:00 Debian Importer Fixing VCID-w78p-q142-juh7 https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T11:33:19.465095+00:00 Debian Importer Fixing VCID-gn4q-ub2s-hbcz https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T11:20:43.333409+00:00 Debian Importer Fixing VCID-zz4w-9935-q3gc https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T11:01:59.709134+00:00 Debian Importer Fixing VCID-9vna-wqey-kkdm https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T10:50:31.138577+00:00 Debian Importer Fixing VCID-bveu-ff3p-gfh7 https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T10:43:37.503290+00:00 Debian Importer Fixing VCID-t4w3-vj56-4fcq https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T10:02:32.149455+00:00 Debian Importer Fixing VCID-yn22-35eg-1khb https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T09:38:10.570620+00:00 Debian Importer Fixing VCID-68qt-2ghp-dba7 https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T09:35:45.206570+00:00 Debian Importer Fixing VCID-f5pv-qsd2-gkda https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T08:54:34.562380+00:00 Debian Importer Fixing VCID-wz3w-7eag-83ft https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-13T09:18:47.671032+00:00 Debian Importer Fixing VCID-jhrd-1f8g-6ueh https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-13T08:57:33.565793+00:00 Debian Importer Fixing VCID-zee4-1xpd-27bc https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-13T08:55:41.178193+00:00 Debian Importer Fixing VCID-t5gr-yesx-hqah https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-13T08:49:39.902737+00:00 Debian Importer Fixing VCID-d4ke-65rx-13ac https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-13T08:46:32.027415+00:00 Debian Importer Fixing VCID-5hxw-dnz2-v7by https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-13T08:44:11.592977+00:00 Debian Importer Fixing VCID-r1m1-kp4g-pbc7 https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-13T08:28:37.176360+00:00 Debian Importer Fixing VCID-3sh2-437b-ayfj https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-13T07:59:17.980361+00:00 Debian Importer Fixing VCID-xpwr-fzex-m7fa https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-13T07:54:53.430694+00:00 Debian Importer Fixing VCID-kb5t-88br-5yh8 https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-13T07:53:26.456039+00:00 Debian Importer Fixing VCID-w78p-q142-juh7 https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-13T07:52:39.165464+00:00 Debian Importer Fixing VCID-gn4q-ub2s-hbcz https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-13T07:43:22.404115+00:00 Debian Importer Fixing VCID-zz4w-9935-q3gc https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-13T07:29:25.622649+00:00 Debian Importer Fixing VCID-9vna-wqey-kkdm https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-13T07:20:25.037158+00:00 Debian Importer Fixing VCID-bveu-ff3p-gfh7 https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-13T07:15:14.114996+00:00 Debian Importer Fixing VCID-t4w3-vj56-4fcq https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-13T06:44:10.182511+00:00 Debian Importer Fixing VCID-yn22-35eg-1khb https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-11T18:24:47.496064+00:00 Debian Importer Fixing VCID-68qt-2ghp-dba7 https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-11T18:23:25.184709+00:00 Debian Importer Fixing VCID-f5pv-qsd2-gkda https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-11T17:58:45.593382+00:00 Debian Importer Fixing VCID-wz3w-7eag-83ft https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-03T07:53:27.028003+00:00 Debian Importer Affected by VCID-ztj4-pvvh-wuay https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-03T07:53:26.964949+00:00 Debian Importer Fixing VCID-t4w3-vj56-4fcq https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-03T07:53:26.919685+00:00 Debian Importer Fixing VCID-t5gr-yesx-hqah https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-03T07:53:26.862562+00:00 Debian Importer Fixing VCID-r1m1-kp4g-pbc7 https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-03T07:53:26.813298+00:00 Debian Importer Fixing VCID-5hxw-dnz2-v7by https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-03T07:53:26.764187+00:00 Debian Importer Fixing VCID-zee4-1xpd-27bc https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-03T07:53:26.709965+00:00 Debian Importer Fixing VCID-yn22-35eg-1khb https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-03T07:53:26.660064+00:00 Debian Importer Fixing VCID-bveu-ff3p-gfh7 https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-03T07:53:26.610093+00:00 Debian Importer Fixing VCID-jhrd-1f8g-6ueh https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-03T07:53:26.564952+00:00 Debian Importer Fixing VCID-zz4w-9935-q3gc https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-03T07:53:26.517239+00:00 Debian Importer Fixing VCID-d4ke-65rx-13ac https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-03T07:53:26.470079+00:00 Debian Importer Fixing VCID-wz3w-7eag-83ft https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-03T07:53:26.423821+00:00 Debian Importer Fixing VCID-3sh2-437b-ayfj https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-03T07:53:26.374049+00:00 Debian Importer Fixing VCID-kb5t-88br-5yh8 https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-03T07:53:26.329287+00:00 Debian Importer Fixing VCID-xpwr-fzex-m7fa https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-03T07:53:26.287987+00:00 Debian Importer Fixing VCID-gn4q-ub2s-hbcz https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-03T07:53:26.235536+00:00 Debian Importer Fixing VCID-f5pv-qsd2-gkda https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-03T07:53:26.173398+00:00 Debian Importer Fixing VCID-68qt-2ghp-dba7 https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-03T07:53:26.128627+00:00 Debian Importer Fixing VCID-9vna-wqey-kkdm https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-03T07:53:26.083627+00:00 Debian Importer Fixing VCID-w78p-q142-juh7 https://security-tracker.debian.org/tracker/data/json 38.1.0