High severity7.1OSV Advisory· Published Apr 18, 2024· Updated Jun 17, 2026
CVE-2023-3758
CVE-2023-3758
Description
A race condition flaw was found in sssd where the GPO policy is not consistently applied for authenticated users. This may lead to improper authorization issues, granting or denying access to resources inappropriately.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
61- osv-coords59 versionspkg:rpm/almalinux/libipa_hbacpkg:rpm/almalinux/libsss_autofspkg:rpm/almalinux/libsss_certmappkg:rpm/almalinux/libsss_idmappkg:rpm/almalinux/libsss_nss_idmappkg:rpm/almalinux/libsss_nss_idmap-develpkg:rpm/almalinux/libsss_simpleifppkg:rpm/almalinux/libsss_sudopkg:rpm/almalinux/python3-libipa_hbacpkg:rpm/almalinux/python3-libsss_nss_idmappkg:rpm/almalinux/python3-ssspkg:rpm/almalinux/python3-sssdconfigpkg:rpm/almalinux/python3-sss-murmurpkg:rpm/almalinux/sssdpkg:rpm/almalinux/sssd-adpkg:rpm/almalinux/sssd-clientpkg:rpm/almalinux/sssd-commonpkg:rpm/almalinux/sssd-common-pacpkg:rpm/almalinux/sssd-dbuspkg:rpm/almalinux/sssd-idppkg:rpm/almalinux/sssd-ipapkg:rpm/almalinux/sssd-kcmpkg:rpm/almalinux/sssd-krb5pkg:rpm/almalinux/sssd-krb5-commonpkg:rpm/almalinux/sssd-ldappkg:rpm/almalinux/sssd-nfs-idmappkg:rpm/almalinux/sssd-passkeypkg:rpm/almalinux/sssd-polkit-rulespkg:rpm/almalinux/sssd-proxypkg:rpm/almalinux/sssd-toolspkg:rpm/almalinux/sssd-winbind-idmappkg:rpm/opensuse/sssd&distro=openSUSE%20Leap%2015.5pkg:rpm/opensuse/sssd&distro=openSUSE%20Leap%2015.6pkg:rpm/opensuse/sssd&distro=openSUSE%20Leap%20Micro%205.3pkg:rpm/opensuse/sssd&distro=openSUSE%20Leap%20Micro%205.4pkg:rpm/suse/sssd&distro=SUSE%20Enterprise%20Storage%207.1pkg:rpm/suse/sssd&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP2-LTSSpkg:rpm/suse/sssd&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP3-LTSSpkg:rpm/suse/sssd&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP4-ESPOSpkg:rpm/suse/sssd&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP4-LTSSpkg:rpm/suse/sssd&distro=SUSE%20Linux%20Enterprise%20Micro%205.1pkg:rpm/suse/sssd&distro=SUSE%20Linux%20Enterprise%20Micro%205.2pkg:rpm/suse/sssd&distro=SUSE%20Linux%20Enterprise%20Micro%205.3pkg:rpm/suse/sssd&distro=SUSE%20Linux%20Enterprise%20Micro%205.4pkg:rpm/suse/sssd&distro=SUSE%20Linux%20Enterprise%20Micro%205.5pkg:rpm/suse/sssd&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP5pkg:rpm/suse/sssd&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP6pkg:rpm/suse/sssd&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5pkg:rpm/suse/sssd&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP2-LTSSpkg:rpm/suse/sssd&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP3-LTSSpkg:rpm/suse/sssd&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP4-LTSSpkg:rpm/suse/sssd&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP5pkg:rpm/suse/sssd&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP2pkg:rpm/suse/sssd&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP3pkg:rpm/suse/sssd&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP4pkg:rpm/suse/sssd&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP5pkg:rpm/suse/sssd&distro=SUSE%20Linux%20Micro%206.0pkg:rpm/suse/sssd&distro=SUSE%20Manager%20Proxy%204.3pkg:rpm/suse/sssd&distro=SUSE%20Manager%20Server%204.3
< 2.9.4-6.el9_4+ 58 more
- (no CPE)range: < 2.9.4-6.el9_4
- (no CPE)range: < 2.9.4-6.el9_4
- (no CPE)range: < 2.9.4-6.el9_4
- (no CPE)range: < 2.9.4-6.el9_4
- (no CPE)range: < 2.9.4-6.el9_4
- (no CPE)range: < 2.9.4-6.el9_4
- (no CPE)range: < 2.9.4-6.el9_4
- (no CPE)range: < 2.9.4-6.el9_4
- (no CPE)range: < 2.9.4-6.el9_4
- (no CPE)range: < 2.9.4-6.el9_4
- (no CPE)range: < 2.9.4-6.el9_4
- (no CPE)range: < 2.9.4-6.el9_4
- (no CPE)range: < 2.9.4-6.el9_4
- (no CPE)range: < 2.9.4-6.el9_4
- (no CPE)range: < 2.9.4-6.el9_4
- (no CPE)range: < 2.9.4-6.el9_4
- (no CPE)range: < 2.9.4-6.el9_4
- (no CPE)range: < 2.9.4-6.el9_4
- (no CPE)range: < 2.9.4-6.el9_4
- (no CPE)range: < 2.9.4-6.el9_4
- (no CPE)range: < 2.9.4-6.el9_4
- (no CPE)range: < 2.9.4-6.el9_4
- (no CPE)range: < 2.9.4-6.el9_4
- (no CPE)range: < 2.9.4-6.el9_4
- (no CPE)range: < 2.9.4-6.el9_4
- (no CPE)range: < 2.9.4-6.el9_4
- (no CPE)range: < 2.9.4-6.el9_4
- (no CPE)range: < 2.9.4-6.el9_4
- (no CPE)range: < 2.9.4-6.el9_4
- (no CPE)range: < 2.9.4-6.el9_4
- (no CPE)range: < 2.9.4-6.el9_4
- (no CPE)range: < 2.5.2-150500.10.17.1
- (no CPE)range: < 2.9.3-150600.3.3.1
- (no CPE)range: < 2.5.2-150400.4.27.1
- (no CPE)range: < 2.5.2-150400.4.27.1
- (no CPE)range: < 1.16.1-150300.23.43.1
- (no CPE)range: < 1.16.1-150200.17.32.1
- (no CPE)range: < 1.16.1-150300.23.43.1
- (no CPE)range: < 2.5.2-150400.4.27.1
- (no CPE)range: < 2.5.2-150400.4.27.1
- (no CPE)range: < 1.16.1-150300.23.43.1
- (no CPE)range: < 1.16.1-150300.23.43.1
- (no CPE)range: < 2.5.2-150400.4.27.1
- (no CPE)range: < 2.5.2-150400.4.27.1
- (no CPE)range: < 2.5.2-150500.10.17.1
- (no CPE)range: < 2.5.2-150500.10.17.1
- (no CPE)range: < 2.9.3-150600.3.3.1
- (no CPE)range: < 1.16.1-7.61.1
- (no CPE)range: < 1.16.1-150200.17.32.1
- (no CPE)range: < 1.16.1-150300.23.43.1
- (no CPE)range: < 2.5.2-150400.4.27.1
- (no CPE)range: < 1.16.1-7.61.1
- (no CPE)range: < 1.16.1-150200.17.32.1
- (no CPE)range: < 1.16.1-150300.23.43.1
- (no CPE)range: < 2.5.2-150400.4.27.1
- (no CPE)range: < 1.16.1-7.61.1
- (no CPE)range: < 2.8.2-6.1
- (no CPE)range: < 2.5.2-150400.4.27.1
- (no CPE)range: < 2.5.2-150400.4.27.1
Patches
Vulnerability mechanics
References
13- github.com/SSSD/sssd/pull/7302nvdExploitIssue TrackingPatch
- access.redhat.com/errata/RHSA-2024:1919nvdThird Party Advisory
- access.redhat.com/errata/RHSA-2024:1920nvdThird Party Advisory
- access.redhat.com/errata/RHSA-2024:1921nvdThird Party Advisory
- access.redhat.com/errata/RHSA-2024:1922nvdThird Party Advisory
- access.redhat.com/errata/RHSA-2024:2571nvdThird Party Advisory
- access.redhat.com/errata/RHSA-2024:3270nvdThird Party Advisory
- access.redhat.com/security/cve/CVE-2023-3758nvdThird Party Advisory
- bugzilla.redhat.com/show_bug.cginvdIssue TrackingThird Party Advisory
- lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RV3HIZI3SURBUQKSOOL3XE64OOBQ2HTK/nvdMailing ListThird Party Advisory
- lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XEP62IDS7A55D5UHM6GH7QZ7SQFOAPVF/nvdMailing ListThird Party Advisory
- lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XMORAO2BDDA5YX4ZLMXDZ7SM6KU47SY5/nvdMailing ListThird Party Advisory
- lists.debian.org/debian-lts-announce/2025/02/msg00008.htmlnvd
News mentions
0No linked articles in our index yet.