摘要:
A vulnerability was found in sssd. If a user was configured with no home directory set, sssd would return / (the root directory) instead of (the empty string / no home directory). This could impact services that restrict the user s filesystem access to within their home directory through chroot() etc. All versions before 2.1 are vulnerable.
安全等级: Low
公告ID: KylinSec-SA-2023-1324
发布日期: 2023年5月6日
关联CVE: CVE-2019-3811
A vulnerability was found in sssd. If a user was configured with no home directory set, sssd would return / (the root directory) instead of (the empty string / no home directory). This could impact services that restrict the user s filesystem access to within their home directory through chroot() etc. All versions before 2.1 are vulnerable.
| cve名称 | 产品 | 组件 | 是否受影响 |
|---|---|---|---|
| CVE-2019-3811 | KY3.4-4A | sssd | Unaffected |
| CVE-2019-3811 | KY3.4-5A | sssd | Unaffected |
| CVE-2019-3811 | KY3.5.1 | sssd | Unaffected |
| CVE-2019-3811 | KY3.5.2 | sssd | Unaffected |
