VYPR
Moderate severityNVD Advisory· Published Jun 16, 2025· Updated Jun 17, 2025

Improper Permission Management in SSH Session Handling

CVE-2025-5689

Description

A flaw was found in the temporary user record that authd uses in the pre-auth NSS. As a result, a user login for the first time will be considered to be part of the root group in the context of that SSH session.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
github.com/ubuntu/authdGo
< 0.5.40.5.4

Affected products

3

Patches

Vulnerability mechanics

References

4

News mentions

0

No linked articles in our index yet.