MGASA-2024-0176

Advisory lineage Upstream: 1 Downstream: 0

Upstream

CVE-2023-3758

Published: 15 May 2024, 05:32

Last modified:16 Apr 2026, 04:21

Vulnerability Summary

Overall Risk (default)

minimal

0/100

CVSS Score

No data

EPSS Score

No data

KEV

Not listed

Ransomware

No reports

Public exploits

None found

Dark Web

Not detected

Timeline

15 May 2024, 05:32

Published

Vulnerability first disclosed

16 Apr 2026, 04:21

Last Modified

Vulnerability information updated

Description

Updated sssd packages fix security vulnerability A race condition flaw was found in sssd where the GPO policy is not consistently applied for authenticated users. This may lead to improper authorization issues, granting or denying access to resources inappropriately. (CVE-2023-3758)

Affected Systems

mageia•sssd
< 2.8.2-2.1.mga9

References (4)

https://advisories.mageia.org/MGASA-2024-0176.html
https://bugs.mageia.org/show_bug.cgi?id=33203
https://lwn.net/Articles/973070/
https://lists.suse.com/pipermail/sle-updates/2024-May/035216.html