Upstream information

CVE-2013-0220 at MITRE

Description

The (1) sss_autofs_cmd_getautomntent and (2) sss_autofs_cmd_getautomntbyname functions in responder/autofs/autofssrv_cmd.c and the (3) ssh_cmd_parse_request function in responder/ssh/sshsrv_cmd.c in System Security Services Daemon (SSSD) before 1.9.4 allow remote attackers to cause a denial of service (out-of-bounds read, crash, and restart) via a crafted SSSD packet.

SUSE information

SUSE Bugzilla entry: 801036 [RESOLVED / FIXED]

No SUSE Security Announcements cross referenced.

List of released packages

Product(s) | Fixed package version(s) | References
SUSE Linux Enterprise Desktop 12
  • libipa_hbac0 >= 1.11.5.1-5.20
  • libsss_idmap0 >= 1.11.5.1-5.20
  • python-sssd-config >= 1.11.5.1-5.20
  • sssd >= 1.11.5.1-5.20
  • sssd-32bit >= 1.11.5.1-5.20
  • sssd-ad >= 1.11.5.1-5.20
  • sssd-ipa >= 1.11.5.1-5.20
  • sssd-krb5 >= 1.11.5.1-5.20
  • sssd-krb5-common >= 1.11.5.1-5.20
  • sssd-ldap >= 1.11.5.1-5.20
  • sssd-proxy >= 1.11.5.1-5.20
  • sssd-tools >= 1.11.5.1-5.20
Patchnames:
SUSE Linux Enterprise Desktop 12 GA libipa_hbac0
SUSE Linux Enterprise Desktop 12 SP1
  • libipa_hbac0 >= 1.11.5.1-14.1
  • libsss_idmap0 >= 1.11.5.1-14.1
  • libsss_sudo >= 1.11.5.1-14.1
  • python-sssd-config >= 1.11.5.1-14.1
  • sssd >= 1.11.5.1-14.1
  • sssd-32bit >= 1.11.5.1-14.1
  • sssd-ad >= 1.11.5.1-14.1
  • sssd-ipa >= 1.11.5.1-14.1
  • sssd-krb5 >= 1.11.5.1-14.1
  • sssd-krb5-common >= 1.11.5.1-14.1
  • sssd-ldap >= 1.11.5.1-14.1
  • sssd-proxy >= 1.11.5.1-14.1
  • sssd-tools >= 1.11.5.1-14.1
Patchnames:
SUSE Linux Enterprise Desktop 12 SP1 GA libipa_hbac0
SUSE Linux Enterprise Desktop 12 SP2
  • libipa_hbac0 >= 1.13.4-18.10
  • libsss_idmap0 >= 1.13.4-18.10
  • libsss_sudo >= 1.13.4-18.10
  • python-sssd-config >= 1.13.4-18.10
  • sssd >= 1.13.4-18.10
  • sssd-32bit >= 1.13.4-18.10
  • sssd-ad >= 1.13.4-18.10
  • sssd-ipa >= 1.13.4-18.10
  • sssd-krb5 >= 1.13.4-18.10
  • sssd-krb5-common >= 1.13.4-18.10
  • sssd-ldap >= 1.13.4-18.10
  • sssd-proxy >= 1.13.4-18.10
  • sssd-tools >= 1.13.4-18.10
Patchnames:
SUSE Linux Enterprise Desktop 12 SP2 GA libipa_hbac0
SUSE Linux Enterprise Desktop 12 SP3
  • libipa_hbac0 >= 1.13.4-33.2
  • libsss_idmap0 >= 1.13.4-33.2
  • libsss_nss_idmap0 >= 1.13.4-33.2
  • libsss_sudo >= 1.13.4-33.2
  • python-sssd-config >= 1.13.4-33.2
  • sssd >= 1.13.4-33.2
  • sssd-32bit >= 1.13.4-33.2
  • sssd-ad >= 1.13.4-33.2
  • sssd-ipa >= 1.13.4-33.2
  • sssd-krb5 >= 1.13.4-33.2
  • sssd-krb5-common >= 1.13.4-33.2
  • sssd-ldap >= 1.13.4-33.2
  • sssd-proxy >= 1.13.4-33.2
  • sssd-tools >= 1.13.4-33.2
Patchnames:
SUSE Linux Enterprise Desktop 12 SP3 GA libipa_hbac0
SUSE Linux Enterprise Module for Basesystem 15
  • libipa_hbac-devel >= 1.16.1-1.22
  • libipa_hbac0 >= 1.16.1-1.22
  • libsss_certmap-devel >= 1.16.1-1.22
  • libsss_certmap0 >= 1.16.1-1.22
  • libsss_idmap-devel >= 1.16.1-1.22
  • libsss_idmap0 >= 1.16.1-1.22
  • libsss_nss_idmap-devel >= 1.16.1-1.22
  • libsss_nss_idmap0 >= 1.16.1-1.22
  • libsss_simpleifp-devel >= 1.16.1-1.22
  • libsss_simpleifp0 >= 1.16.1-1.22
  • python3-sssd-config >= 1.16.1-1.22
  • sssd >= 1.16.1-1.22
  • sssd-32bit >= 1.16.1-1.22
  • sssd-ad >= 1.16.1-1.22
  • sssd-ipa >= 1.16.1-1.22
  • sssd-krb5 >= 1.16.1-1.22
  • sssd-krb5-common >= 1.16.1-1.22
  • sssd-ldap >= 1.16.1-1.22
  • sssd-proxy >= 1.16.1-1.22
  • sssd-tools >= 1.16.1-1.22
  • sssd-wbclient >= 1.16.1-1.22
  • sssd-wbclient-devel >= 1.16.1-1.22
Patchnames:
SUSE Linux Enterprise Module for Basesystem 15 GA libipa_hbac-devel
SUSE Linux Enterprise Server 11 SP3
  • libsss_idmap0 >= 1.9.4-0.12.24
  • python-sssd-config >= 1.9.4-0.12.24
  • sssd >= 1.9.4-0.12.24
  • sssd-32bit >= 1.9.4-0.12.24
  • sssd-tools >= 1.9.4-0.12.24
Patchnames:
SUSE Linux Enterprise Server 11 SP3 GA libsss_idmap0
SUSE Linux Enterprise Server 11 SP4
  • libsss_idmap0 >= 1.9.4-0.16.1
  • python-sssd-config >= 1.9.4-0.16.1
  • sssd >= 1.9.4-0.16.1
  • sssd-32bit >= 1.9.4-0.16.1
  • sssd-tools >= 1.9.4-0.16.1
Patchnames:
SUSE Linux Enterprise Server 11 SP4 GA libsss_idmap0
SUSE Linux Enterprise Server 12
  • libipa_hbac0 >= 1.11.5.1-5.20
  • libsss_idmap0 >= 1.11.5.1-5.20
  • python-sssd-config >= 1.11.5.1-5.20
  • sssd >= 1.11.5.1-5.20
  • sssd-32bit >= 1.11.5.1-5.20
  • sssd-ad >= 1.11.5.1-5.20
  • sssd-ipa >= 1.11.5.1-5.20
  • sssd-krb5 >= 1.11.5.1-5.20
  • sssd-krb5-common >= 1.11.5.1-5.20
  • sssd-ldap >= 1.11.5.1-5.20
  • sssd-proxy >= 1.11.5.1-5.20
  • sssd-tools >= 1.11.5.1-5.20
Patchnames:
SUSE Linux Enterprise Server 12 GA libipa_hbac0
SUSE Linux Enterprise Server 12 SP1
  • libipa_hbac0 >= 1.11.5.1-14.1
  • libsss_idmap0 >= 1.11.5.1-14.1
  • libsss_sudo >= 1.11.5.1-14.1
  • python-sssd-config >= 1.11.5.1-14.1
  • sssd >= 1.11.5.1-14.1
  • sssd-32bit >= 1.11.5.1-14.1
  • sssd-ad >= 1.11.5.1-14.1
  • sssd-ipa >= 1.11.5.1-14.1
  • sssd-krb5 >= 1.11.5.1-14.1
  • sssd-krb5-common >= 1.11.5.1-14.1
  • sssd-ldap >= 1.11.5.1-14.1
  • sssd-proxy >= 1.11.5.1-14.1
  • sssd-tools >= 1.11.5.1-14.1
Patchnames:
SUSE Linux Enterprise Server 12 SP1 GA libipa_hbac0
SUSE Linux Enterprise Server 12 SP2
  • libipa_hbac0 >= 1.13.4-18.10
  • libsss_idmap0 >= 1.13.4-18.10
  • libsss_sudo >= 1.13.4-18.10
  • python-sssd-config >= 1.13.4-18.10
  • sssd >= 1.13.4-18.10
  • sssd-32bit >= 1.13.4-18.10
  • sssd-ad >= 1.13.4-18.10
  • sssd-ipa >= 1.13.4-18.10
  • sssd-krb5 >= 1.13.4-18.10
  • sssd-krb5-common >= 1.13.4-18.10
  • sssd-ldap >= 1.13.4-18.10
  • sssd-proxy >= 1.13.4-18.10
  • sssd-tools >= 1.13.4-18.10
Patchnames:
SUSE Linux Enterprise Server 12 SP2 GA libipa_hbac0
SUSE Linux Enterprise Server 12 SP3
  • libipa_hbac0 >= 1.13.4-33.2
  • libsss_idmap0 >= 1.13.4-33.2
  • libsss_nss_idmap0 >= 1.13.4-33.2
  • libsss_sudo >= 1.13.4-33.2
  • python-sssd-config >= 1.13.4-33.2
  • sssd >= 1.13.4-33.2
  • sssd-32bit >= 1.13.4-33.2
  • sssd-ad >= 1.13.4-33.2
  • sssd-ipa >= 1.13.4-33.2
  • sssd-krb5 >= 1.13.4-33.2
  • sssd-krb5-common >= 1.13.4-33.2
  • sssd-ldap >= 1.13.4-33.2
  • sssd-proxy >= 1.13.4-33.2
  • sssd-tools >= 1.13.4-33.2
Patchnames:
SUSE Linux Enterprise Server 12 SP3 GA libipa_hbac0
SUSE Linux Enterprise Server for Raspberry Pi 12 SP2
  • libipa_hbac0 >= 1.13.4-18.10
  • libsss_idmap0 >= 1.13.4-18.10
  • libsss_sudo >= 1.13.4-18.10
  • python-sssd-config >= 1.13.4-18.10
  • sssd >= 1.13.4-18.10
  • sssd-ad >= 1.13.4-18.10
  • sssd-ipa >= 1.13.4-18.10
  • sssd-krb5 >= 1.13.4-18.10
  • sssd-krb5-common >= 1.13.4-18.10
  • sssd-ldap >= 1.13.4-18.10
  • sssd-proxy >= 1.13.4-18.10
  • sssd-tools >= 1.13.4-18.10
Patchnames:
SUSE Linux Enterprise Server for Raspberry Pi 12 SP2 GA libipa_hbac0
SUSE Linux Enterprise Software Development Kit 11 SP4
  • libsss_idmap-devel >= 1.9.4-0.16.1
  • libsss_sudo-devel >= 1.9.4-0.16.1
Patchnames:
SUSE Linux Enterprise Software Development Kit 11 SP4 GA libsss_idmap-devel
SUSE Linux Enterprise Software Development Kit 12
  • libipa_hbac-devel >= 1.11.5.1-5.20
  • libsss_idmap-devel >= 1.11.5.1-5.20
  • libsss_nss_idmap-devel >= 1.11.5.1-5.20
  • libsss_nss_idmap0 >= 1.11.5.1-5.20
Patchnames:
SUSE Linux Enterprise Software Development Kit 12 GA libipa_hbac-devel
SUSE Linux Enterprise Software Development Kit 12 SP1
  • libipa_hbac-devel >= 1.11.5.1-14.1
  • libsss_idmap-devel >= 1.11.5.1-14.1
  • libsss_nss_idmap-devel >= 1.11.5.1-14.1
  • libsss_nss_idmap0 >= 1.11.5.1-14.1
Patchnames:
SUSE Linux Enterprise Software Development Kit 12 SP1 GA libipa_hbac-devel
SUSE Linux Enterprise Software Development Kit 12 SP2
  • libipa_hbac-devel >= 1.13.4-18.10
  • libsss_idmap-devel >= 1.13.4-18.10
  • libsss_nss_idmap-devel >= 1.13.4-18.10
  • libsss_nss_idmap0 >= 1.13.4-18.10
Patchnames:
SUSE Linux Enterprise Software Development Kit 12 SP2 GA libipa_hbac-devel
SUSE Linux Enterprise Software Development Kit 12 SP3
  • libipa_hbac-devel >= 1.13.4-33.2
  • libsss_idmap-devel >= 1.13.4-33.2
  • libsss_nss_idmap-devel >= 1.13.4-33.2
Patchnames:
SUSE Linux Enterprise Software Development Kit 12 SP3 GA libipa_hbac-devel
openSUSE Leap 42.1
  • libsss_idmap0 >= 1.11.5.1-5.1
  • sssd >= 1.11.5.1-5.1
  • sssd-32bit >= 1.11.5.1-5.1
  • sssd-krb5-common >= 1.11.5.1-5.1
  • sssd-ldap >= 1.11.5.1-5.1
Patchnames:
openSUSE Leap 42.1 GA libsss_idmap0
openSUSE Leap 42.2
  • libsss_idmap0 >= 1.13.4-1.5
  • libsss_sudo >= 1.13.4-1.5
  • sssd >= 1.13.4-1.5
  • sssd-32bit >= 1.13.4-1.5
  • sssd-krb5-common >= 1.13.4-1.5
  • sssd-ldap >= 1.13.4-1.5
Patchnames:
openSUSE Leap 42.2 GA libsss_idmap0
openSUSE Leap 42.3
  • libsss_idmap0 >= 1.13.4-7.5
  • libsss_sudo >= 1.13.4-7.5
  • sssd >= 1.13.4-7.5
  • sssd-32bit >= 1.13.4-7.5
  • sssd-krb5-common >= 1.13.4-7.5
  • sssd-ldap >= 1.13.4-7.5
Patchnames:
openSUSE Leap 42.3 GA libsss_idmap0
openSUSE Tumbleweed
  • libipa_hbac-devel >= 1.14.2-3.1
  • libipa_hbac0 >= 1.14.2-3.1
  • libnfsidmap-sss >= 1.14.2-3.1
  • libsss_idmap-devel >= 1.14.2-3.1
  • libsss_idmap0 >= 1.14.2-3.1
  • libsss_nss_idmap-devel >= 1.14.2-3.1
  • libsss_nss_idmap0 >= 1.14.2-3.1
  • libsss_simpleifp-devel >= 1.14.2-3.1
  • libsss_simpleifp0 >= 1.14.2-3.1
  • python-ipa_hbac >= 1.14.2-3.1
  • python-sss-murmur >= 1.14.2-3.1
  • python-sss_nss_idmap >= 1.14.2-3.1
  • python-sssd-config >= 1.14.2-3.1
  • python3-ipa_hbac >= 1.14.2-3.1
  • python3-sss-murmur >= 1.14.2-3.1
  • python3-sss_nss_idmap >= 1.14.2-3.1
  • python3-sssd-config >= 1.14.2-3.1
  • sssd >= 1.14.2-3.1
  • sssd-32bit >= 1.14.2-3.1
  • sssd-ad >= 1.14.2-3.1
  • sssd-dbus >= 1.14.2-3.1
  • sssd-ipa >= 1.14.2-3.1
  • sssd-krb5 >= 1.14.2-3.1
  • sssd-krb5-common >= 1.14.2-3.1
  • sssd-ldap >= 1.14.2-3.1
  • sssd-proxy >= 1.14.2-3.1
  • sssd-tools >= 1.14.2-3.1
  • sssd-wbclient >= 1.14.2-3.1
  • sssd-wbclient-devel >= 1.14.2-3.1
  • sssd-winbind-idmap >= 1.14.2-3.1
Patchnames:
openSUSE Tumbleweed GA libipa_hbac-devel