Path Traversal Vulnerability in SSSD's Active Directory Group Policy Provider
CVE-2026-14476
8HIGH
What is CVE-2026-14476?
A path traversal flaw exists in SSSD's Active Directory Group Policy (AD GPO) provider. Specifically, the ad_gpo_extract_smb_components() function fails to properly sanitize '..' sequences in the gPCFileSysPath LDAP attribute. This vulnerability enables an attacker with management access to the AD GPO to write files outside of the designated GPO cache directory, even with root privileges. In environments with default Red Hat Enterprise Linux (RHEL) configurations and SELinux enforced, this vulnerability could lead to the injection of malicious Kerberos configurations, ultimately resulting in authentication bypass.