Ticket #1781 (closed defect: fixed)
sssd: Out-of-bounds read flaws in autofs and ssh services responders
|Reported by:||jhrozek||Owned by:||jcholast|
|Coverity Bug:||Patch Submitted:||no|
|Red Hat Bugzilla:||884601||Design link:|
|Design review:||no||Fedora test page:|
|Chosen:||Candidate to push out:|
Multiple out-of-buffer bounds read flaws were found in the way autofs and ssh service responders of sssd, a System Security Services Daemon, performed parsing of SSSD packet values. An attacker could provide a specially-crafted packet that, when processed by the autofs or ssh service responders of sssd would lead to sssd server crash (temporary denial of service).
This issue was found by Florian Weimer of Red Hat Product Security Team.