CVE-2015-5292

Description

Memory leak in the Privilege Attribute Certificate (PAC) responder plugin (sssd_pac_plugin.so) in System Security Services Daemon (SSSD) 1.10 before 1.13.1 allows remote authenticated users to cause a denial of service (memory consumption) via a large number of logins that trigger parsing of PAC blobs during Kerberos authentication.

Affected packages (1)

• Debian/sssdfrom 0, < 1.13.1-1

References (1)

• ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2015-5292