Wind River Support Network

HomeDefectsLIN1018-3342
Not to be fixed

LIN1018-3342 : Security Advisory - sssd - CVE-2018-16883

Created: Jan 1, 2019    Updated: Nov 2, 2023
Resolved Date: Nov 2, 2023
Found In Version: unknown
Severity: Standard
Applicable for: Wind River Linux LTS 18
Component/s: Userspace

Description

sssd versions from 1.13.0 to before 2.0.0 did not properly restrict access to the infopipe according to the allowed_uids configuration parameter. If sensitive information were stored in the user directory, this could be inadvertently disclosed to local attackers.

https://nvd.nist.gov/vuln/detail/CVE-2018-16883
Live chat
Online
  • Linkedin
  • Facebook
  • Twitter
  • Youtube