Moderate severityNVD Advisory· Published Jun 16, 2025· Updated Jun 17, 2025
Improper Permission Management in SSH Session Handling
CVE-2025-5689
Description
A flaw was found in the temporary user record that authd uses in the pre-auth NSS. As a result, a user login for the first time will be considered to be part of the root group in the context of that SSH session.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
github.com/ubuntu/authdGo | < 0.5.4 | 0.5.4 |
Affected products
3- ghsa-coords2 versions
< 0.5.4+ 1 more
- (no CPE)range: < 0.5.4
- (no CPE)range: < 0.0.20250730T213748-1.1
Patches
Vulnerability mechanics
References
4News mentions
0No linked articles in our index yet.