CVE-2015-5292

描述

Memory leak in the Privilege Attribute Certificate (PAC) responder plugin (sssd_pac_plugin.so) in System Security Services Daemon (SSSD) 1.10 before 1.13.1 allows remote authenticated users to cause a denial of service (memory consumption) via a large number of logins that trigger parsing of PAC blobs during Kerberos authentication.

受影響套件(1)

• Debian/sssdfrom 0, < 1.13.1-1

參考連結(1)

• ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2015-5292