Package: sssd
Version: 2.8.2-4
Using libpam_sss I have seen weird login failures on dovecot
(bad password, even though the password was correct, and
"Insufficient credentials to access authentication data"
several times in a row, until it finally succeeds) for sssd
on Bookworm. Since
https://nvd.nist.gov/vuln/detail/CVE-2023-3758
explicitly mentions
A race condition flaw was found in sssd where the
GPO policy is not consistently applied for authen-
ticated users. This may lead to improper authori-
zation issues, granting or denying access to
resources inappropriately.
I wonder if CVE-2023-3758 could be fixed for sssd version
2.8.2 as well? Unfortunately there is not backport of sssd
2.9.x.
Regards
Harri
