Memory Leak in System Security Services Daemon PAC Responder Plugin
CVE-2015-5292

Currently unrated

Key Information:

Vendor

Fedoraproject

Status
Sssd
Vendor
CVE Published:
29 October 2015

What is CVE-2015-5292?

A memory leak issue exists in the Privilege Attribute Certificate (PAC) responder plugin within the System Security Services Daemon (SSSD). This vulnerability can be exploited by remote authenticated users through repeated logins that provoke the parsing of PAC blobs during Kerberos authentication. Such actions may lead to excessive memory consumption, ultimately resulting in a denial of service, affecting the availability of the system.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://rhn.redhat.com/errata/RHSA-2015-2355.html
vendor-advisoryx_refsource_REDHAT
http://rhn.redhat.com/errata/RHSA-2015-2019.html
vendor-advisoryx_refsource_REDHAT
http://permalink.gmane.org/gmane.linux.redhat.sssd.user/3422
mailing-listx_refsource_MLIST

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.