CVE-2018-10852

NameCVE-2018-10852
DescriptionThe UNIX pipe which sudo uses to contact SSSD and read the available sudo rules from SSSD has too wide permissions, which means that anyone who can send a message using the same raw protocol that sudo and SSSD use can read the sudo rules available for any user. This affects versions of SSSD before 1.16.3.
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, bugtraq, EDB, Metasploit, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, Mageia, GitHub code/issues, web search, more)
ReferencesDLA-1429-1
NVD severitymedium
Debian Bugs902860

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
sssd (PTS)jessie, jessie (lts)1.11.7-3+deb8u2fixed
stretch1.15.0-3+deb9u1vulnerable
stretch (security)1.15.0-3+deb9u2vulnerable
buster1.16.3-3.2fixed
bullseye2.4.1-2fixed
sid, bookworm2.6.1-1fixed

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
sssdsourcewheezy(unfixed)end-of-life
sssdsourcejessie1.11.7-3+deb8u1DLA-1429-1
sssdsource(unstable)1.16.3-1902860

Notes

[stretch] - sssd <no-dsa> (Minor issue)
https://pagure.io/SSSD/sssd/issue/3766
https://pagure.io/SSSD/sssd/c/ed90a20a0f0e936eb00d268080716c0384ffb01d (master, ssd-1_16_3)

Search for package or bug name: Reporting problems