Home

CVE-2019-3811

Description

A vulnerability was found in sssd. If a user was configured with no home directory set, sssd would return / (the root directory) instead of (the empty string / no home directory). This could impact services that restrict the users filesystem access to within their home directory through chroot() etc. All versions before 2.1 are vulnerable.

Risk Information

Base Score
5.2
MODERATE
Vector
CVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H
EPSS Score
Exploitation Probability
0.153

Associated Vulnerability

VulnerabilityOS Platform
SUSE-SU-2019:0556-1(SUSE Linux Enterprise Desktop 12-SP4 ) libipa_hbac0-1.16.1-4.3.2.x86_64.rpmLinux
SUSE-SU-2019:0556-1(SUSE Linux Enterprise Desktop 12-SP4 ) libipa_hbac0-debuginfo-1.16.1-4.3.2.x86_64.rpmLinux
SUSE-SU-2019:0556-1(SUSE Linux Enterprise Desktop 12-SP4 ) libsss_certmap0-1.16.1-4.3.2.x86_64.rpmLinux
SUSE-SU-2019:0556-1(SUSE Linux Enterprise Desktop 12-SP4 ) libsss_certmap0-debuginfo-1.16.1-4.3.2.x86_64.rpmLinux
SUSE-SU-2019:0556-1(SUSE Linux Enterprise Desktop 12-SP4 ) libsss_idmap0-1.16.1-4.3.2.x86_64.rpmLinux
SUSE-SU-2019:0556-1(SUSE Linux Enterprise Desktop 12-SP4 ) libsss_idmap0-debuginfo-1.16.1-4.3.2.x86_64.rpmLinux
SUSE-SU-2019:0556-1(SUSE Linux Enterprise Desktop 12-SP4 ) libsss_nss_idmap0-1.16.1-4.3.2.x86_64.rpmLinux
SUSE-SU-2019:0556-1(SUSE Linux Enterprise Desktop 12-SP4 ) libsss_nss_idmap0-debuginfo-1.16.1-4.3.2.x86_64.rpmLinux
SUSE-SU-2019:0556-1(SUSE Linux Enterprise Desktop 12-SP4 ) libsss_simpleifp0-1.16.1-4.3.2.x86_64.rpmLinux
SUSE-SU-2019:0556-1(SUSE Linux Enterprise Desktop 12-SP4 ) libsss_simpleifp0-debuginfo-1.16.1-4.3.2.x86_64.rpmLinux
SUSE-SU-2019:0556-1(SUSE Linux Enterprise Desktop 12-SP4 ) python-sssd-config-1.16.1-4.3.2.x86_64.rpmLinux
SUSE-SU-2019:0556-1(SUSE Linux Enterprise Desktop 12-SP4 ) python-sssd-config-debuginfo-1.16.1-4.3.2.x86_64.rpmLinux
SUSE-SU-2019:0556-1(SUSE Linux Enterprise Desktop 12-SP4 ) sssd-1.16.1-4.3.2.x86_64.rpmLinux
SUSE-SU-2019:0556-1(SUSE Linux Enterprise Desktop 12-SP4 ) sssd-32bit-1.16.1-4.3.2.x86_64.rpmLinux
SUSE-SU-2019:0556-1(SUSE Linux Enterprise Desktop 12-SP4 ) sssd-ad-1.16.1-4.3.2.x86_64.rpmLinux
SUSE-SU-2019:0556-1(SUSE Linux Enterprise Desktop 12-SP4 ) sssd-ad-debuginfo-1.16.1-4.3.2.x86_64.rpmLinux
SUSE-SU-2019:0556-1(SUSE Linux Enterprise Desktop 12-SP4 ) sssd-debuginfo-1.16.1-4.3.2.x86_64.rpmLinux
SUSE-SU-2019:0556-1(SUSE Linux Enterprise Desktop 12-SP4 ) sssd-debuginfo-32bit-1.16.1-4.3.2.x86_64.rpmLinux
SUSE-SU-2019:0556-1(SUSE Linux Enterprise Desktop 12-SP4 ) sssd-debugsource-1.16.1-4.3.2.x86_64.rpmLinux
SUSE-SU-2019:0556-1(SUSE Linux Enterprise Desktop 12-SP4 ) sssd-ipa-1.16.1-4.3.2.x86_64.rpmLinux
SUSE-SU-2019:0556-1(SUSE Linux Enterprise Desktop 12-SP4 ) sssd-ipa-debuginfo-1.16.1-4.3.2.x86_64.rpmLinux
SUSE-SU-2019:0556-1(SUSE Linux Enterprise Desktop 12-SP4 ) sssd-krb5-1.16.1-4.3.2.x86_64.rpmLinux
SUSE-SU-2019:0556-1(SUSE Linux Enterprise Desktop 12-SP4 ) sssd-krb5-common-1.16.1-4.3.2.x86_64.rpmLinux
SUSE-SU-2019:0556-1(SUSE Linux Enterprise Desktop 12-SP4 ) sssd-krb5-common-debuginfo-1.16.1-4.3.2.x86_64.rpmLinux
SUSE-SU-2019:0556-1(SUSE Linux Enterprise Desktop 12-SP4 ) sssd-krb5-debuginfo-1.16.1-4.3.2.x86_64.rpmLinux
SUSE-SU-2019:0556-1(SUSE Linux Enterprise Desktop 12-SP4 ) sssd-ldap-1.16.1-4.3.2.x86_64.rpmLinux
SUSE-SU-2019:0556-1(SUSE Linux Enterprise Desktop 12-SP4 ) sssd-ldap-debuginfo-1.16.1-4.3.2.x86_64.rpmLinux
SUSE-SU-2019:0556-1(SUSE Linux Enterprise Desktop 12-SP4 ) sssd-proxy-1.16.1-4.3.2.x86_64.rpmLinux
SUSE-SU-2019:0556-1(SUSE Linux Enterprise Desktop 12-SP4 ) sssd-proxy-debuginfo-1.16.1-4.3.2.x86_64.rpmLinux
SUSE-SU-2019:0556-1(SUSE Linux Enterprise Desktop 12-SP4 ) sssd-tools-1.16.1-4.3.2.x86_64.rpmLinux
SUSE-SU-2019:0556-1(SUSE Linux Enterprise Desktop 12-SP4 ) sssd-tools-debuginfo-1.16.1-4.3.2.x86_64.rpmLinux
SUSE-SU-2019:0805-1(SUSE Linux Enterprise Desktop 12-SP3 ) adcli-0.8.2-1.3.1.x86_64.rpmLinux
SUSE-SU-2019:0805-1(SUSE Linux Enterprise Desktop 12-SP3 ) adcli-debuginfo-0.8.2-1.3.1.x86_64.rpmLinux
SUSE-SU-2019:0805-1(SUSE Linux Enterprise Desktop 12-SP3 ) adcli-debugsource-0.8.2-1.3.1.x86_64.rpmLinux
SUSE-SU-2019:0805-1(SUSE Linux Enterprise Desktop 12-SP3 ) libipa_hbac0-1.13.4-34.31.1.x86_64.rpmLinux
SUSE-SU-2019:0805-1(SUSE Linux Enterprise Desktop 12-SP3 ) libipa_hbac0-debuginfo-1.13.4-34.31.1.x86_64.rpmLinux
SUSE-SU-2019:0805-1(SUSE Linux Enterprise Desktop 12-SP3 ) libsss_idmap0-1.13.4-34.31.1.x86_64.rpmLinux
SUSE-SU-2019:0805-1(SUSE Linux Enterprise Desktop 12-SP3 ) libsss_idmap0-debuginfo-1.13.4-34.31.1.x86_64.rpmLinux
SUSE-SU-2019:0805-1(SUSE Linux Enterprise Desktop 12-SP3 ) libsss_nss_idmap0-1.13.4-34.31.1.x86_64.rpmLinux
SUSE-SU-2019:0805-1(SUSE Linux Enterprise Desktop 12-SP3 ) libsss_nss_idmap0-debuginfo-1.13.4-34.31.1.x86_64.rpmLinux
SUSE-SU-2019:0805-1(SUSE Linux Enterprise Desktop 12-SP3 ) libsss_sudo-1.13.4-34.31.1.x86_64.rpmLinux
SUSE-SU-2019:0805-1(SUSE Linux Enterprise Desktop 12-SP3 ) libsss_sudo-debuginfo-1.13.4-34.31.1.x86_64.rpmLinux
SUSE-SU-2019:0805-1(SUSE Linux Enterprise Desktop 12-SP3 ) python-sssd-config-1.13.4-34.31.1.x86_64.rpmLinux
SUSE-SU-2019:0805-1(SUSE Linux Enterprise Desktop 12-SP3 ) python-sssd-config-debuginfo-1.13.4-34.31.1.x86_64.rpmLinux
SUSE-SU-2019:0805-1(SUSE Linux Enterprise Desktop 12-SP3 ) sssd-1.13.4-34.31.1.x86_64.rpmLinux
SUSE-SU-2019:0805-1(SUSE Linux Enterprise Desktop 12-SP3 ) sssd-32bit-1.13.4-34.31.1.x86_64.rpmLinux
SUSE-SU-2019:0805-1(SUSE Linux Enterprise Desktop 12-SP3 ) sssd-ad-1.13.4-34.31.1.x86_64.rpmLinux
SUSE-SU-2019:0805-1(SUSE Linux Enterprise Desktop 12-SP3 ) sssd-ad-debuginfo-1.13.4-34.31.1.x86_64.rpmLinux
SUSE-SU-2019:0805-1(SUSE Linux Enterprise Desktop 12-SP3 ) sssd-debuginfo-1.13.4-34.31.1.x86_64.rpmLinux
SUSE-SU-2019:0805-1(SUSE Linux Enterprise Desktop 12-SP3 ) sssd-debuginfo-32bit-1.13.4-34.31.1.x86_64.rpmLinux
SUSE-SU-2019:0805-1(SUSE Linux Enterprise Desktop 12-SP3 ) sssd-debugsource-1.13.4-34.31.1.x86_64.rpmLinux
SUSE-SU-2019:0805-1(SUSE Linux Enterprise Desktop 12-SP3 ) sssd-ipa-1.13.4-34.31.1.x86_64.rpmLinux
SUSE-SU-2019:0805-1(SUSE Linux Enterprise Desktop 12-SP3 ) sssd-ipa-debuginfo-1.13.4-34.31.1.x86_64.rpmLinux
SUSE-SU-2019:0805-1(SUSE Linux Enterprise Desktop 12-SP3 ) sssd-krb5-1.13.4-34.31.1.x86_64.rpmLinux
SUSE-SU-2019:0805-1(SUSE Linux Enterprise Desktop 12-SP3 ) sssd-krb5-common-1.13.4-34.31.1.x86_64.rpmLinux
SUSE-SU-2019:0805-1(SUSE Linux Enterprise Desktop 12-SP3 ) sssd-krb5-common-debuginfo-1.13.4-34.31.1.x86_64.rpmLinux
SUSE-SU-2019:0805-1(SUSE Linux Enterprise Desktop 12-SP3 ) sssd-krb5-debuginfo-1.13.4-34.31.1.x86_64.rpmLinux
SUSE-SU-2019:0805-1(SUSE Linux Enterprise Desktop 12-SP3 ) sssd-ldap-1.13.4-34.31.1.x86_64.rpmLinux
SUSE-SU-2019:0805-1(SUSE Linux Enterprise Desktop 12-SP3 ) sssd-ldap-debuginfo-1.13.4-34.31.1.x86_64.rpmLinux
SUSE-SU-2019:0805-1(SUSE Linux Enterprise Desktop 12-SP3 ) sssd-proxy-1.13.4-34.31.1.x86_64.rpmLinux
SUSE-SU-2019:0805-1(SUSE Linux Enterprise Desktop 12-SP3 ) sssd-proxy-debuginfo-1.13.4-34.31.1.x86_64.rpmLinux
SUSE-SU-2019:0805-1(SUSE Linux Enterprise Desktop 12-SP3 ) sssd-tools-1.13.4-34.31.1.x86_64.rpmLinux
SUSE-SU-2019:0805-1(SUSE Linux Enterprise Desktop 12-SP3 ) sssd-tools-debuginfo-1.13.4-34.31.1.x86_64.rpmLinux
System Security Services Daemon (USN-5067-1) sssd_2.2.3-3ubuntu0.8_amd64.debLinux
System Security Services Daemon (USN-5067-1) sssd_2.4.0-1ubuntu6.1_amd64.debLinux
System Security Services Daemon (USN-5067-1) sssd_1.16.1-1ubuntu1.8_i386.debLinux
System Security Services Daemon (USN-5067-1) sssd_1.16.1-1ubuntu1.8_amd64.debLinux

Patch Details

No records found

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234