CVE-2023-3758

Exploit

EPSS 0.03%
Published 18.04.2024 19:15:08
Last modified 18.06.2025 19:44:10
Source secalert@redhat.com
Teams watchlist Login
Open Login

A race condition flaw was found in sssd where the GPO policy is not consistently applied for authenticated users. This may lead to improper authorization issues, granting or denying access to resources inappropriately.

Affected products Warnungen 0 Metrics 3 CWE 1 References 15

Data is provided by the National Vulnerability Database (NVD)

Fedoraproject ≫ Sssd Version < 2.9.5

Redhat ≫ Codeready Linux Builder Version8.0

Redhat ≫ Codeready Linux Builder Eus Version8.6

Redhat ≫ Codeready Linux Builder Eus Version8.8

Redhat ≫ Codeready Linux Builder Eus Version9.0

Redhat ≫ Codeready Linux Builder Eus Version9.2

Redhat ≫ Codeready Linux Builder Eus Version9.4

Redhat ≫ Codeready Linux Builder Eus Version9.6

Redhat ≫ Codeready Linux Builder For Arm64 Version8.0_aarch64

Redhat ≫ Codeready Linux Builder For Arm64 Eus Version8.6_aarch64

Redhat ≫ Codeready Linux Builder For Arm64 Eus Version8.8_aarch64

Redhat ≫ Codeready Linux Builder For Arm64 Eus Version9.0_aarch64

Redhat ≫ Codeready Linux Builder For Arm64 Eus Version9.2_aarch64

Redhat ≫ Codeready Linux Builder For Arm64 Eus Version9.4_aarch64

Redhat ≫ Codeready Linux Builder For Arm64 Eus Version9.6_aarch64

Redhat ≫ Codeready Linux Builder For Ibm Z Systems Version8.0_s390x

Redhat ≫ Codeready Linux Builder For Ibm Z Systems Eus Version8.6_s390x

Redhat ≫ Codeready Linux Builder For Ibm Z Systems Eus Version8.8_s390x

Redhat ≫ Codeready Linux Builder For Ibm Z Systems Eus Version9.0_s390x

Redhat ≫ Codeready Linux Builder For Ibm Z Systems Eus Version9.2_s390x

Redhat ≫ Codeready Linux Builder For Ibm Z Systems Eus Version9.4_s390x

Redhat ≫ Codeready Linux Builder For Ibm Z Systems Eus Version9.6_s390x

Redhat ≫ Codeready Linux Builder For Power Little Endian Version8.0_ppc64le

Redhat ≫ Codeready Linux Builder For Power Little Endian Eus Version8.6_ppc64le

Redhat ≫ Codeready Linux Builder For Power Little Endian Eus Version8.8_ppc64le

Redhat ≫ Codeready Linux Builder For Power Little Endian Eus Version9.0_ppc64le

Redhat ≫ Codeready Linux Builder For Power Little Endian Eus Version9.2_ppc64le

Redhat ≫ Codeready Linux Builder For Power Little Endian Eus Version9.4_ppc64le

Redhat ≫ Codeready Linux Builder For Power Little Endian Eus Version9.6_ppc64le

Redhat ≫ Virtualization Host Version4.0

Redhat ≫ Enterprise Linux Version8.0

Redhat ≫ Enterprise Linux Eus Version8.6

Redhat ≫ Enterprise Linux Eus Version8.8

Redhat ≫ Enterprise Linux Eus Version9.0

Redhat ≫ Enterprise Linux Eus Version9.2

Redhat ≫ Enterprise Linux Eus Version9.4

Redhat ≫ Enterprise Linux Eus Version9.6

Redhat ≫ Enterprise Linux For Arm 64 Version8.0_aarch64

Redhat ≫ Enterprise Linux For Arm 64 Eus Version8.6_aarch64

Redhat ≫ Enterprise Linux For Arm 64 Eus Version8.8_aarch64

Redhat ≫ Enterprise Linux For Arm 64 Eus Version9.0_aarch64

Redhat ≫ Enterprise Linux For Arm 64 Eus Version9.2_aarch64

Redhat ≫ Enterprise Linux For Arm 64 Eus Version9.4_aarch64

Redhat ≫ Enterprise Linux For Arm 64 Eus Version9.6_aarch64

Redhat ≫ Enterprise Linux For Ibm Z Systems Version8.0_s390x

Redhat ≫ Enterprise Linux For Ibm Z Systems Eus Version8.6_s390x

Redhat ≫ Enterprise Linux For Ibm Z Systems Eus Version8.8_s390x

Redhat ≫ Enterprise Linux For Ibm Z Systems Eus Version9.0_s390x

Redhat ≫ Enterprise Linux For Ibm Z Systems Eus Version9.2_s390x

Redhat ≫ Enterprise Linux For Ibm Z Systems Eus Version9.4_s390x

Redhat ≫ Enterprise Linux For Ibm Z Systems Eus Version9.6_s390x

Redhat ≫ Enterprise Linux For Power Little Endian Version8.0_ppc64le

Redhat ≫ Enterprise Linux For Power Little Endian Eus Version8.6_ppc64le

Redhat ≫ Enterprise Linux For Power Little Endian Eus Version8.8_ppc64le

Redhat ≫ Enterprise Linux For Power Little Endian Eus Version9.0_ppc64le

Redhat ≫ Enterprise Linux For Power Little Endian Eus Version9.2_ppc64le

Redhat ≫ Enterprise Linux For Power Little Endian Eus Version9.4_ppc64le

Redhat ≫ Enterprise Linux For Power Little Endian Eus Version9.6_ppc64le

Redhat ≫ Enterprise Linux Server Aus Version8.6

Redhat ≫ Enterprise Linux Server Aus Version9.2

Redhat ≫ Enterprise Linux Server Aus Version9.4

Redhat ≫ Enterprise Linux Server Aus Version9.6

Redhat ≫ Enterprise Linux Server For Power Little Endian Update Services For Sap Solutions Version8.6_ppc64le

Redhat ≫ Enterprise Linux Server For Power Little Endian Update Services For Sap Solutions Version8.8_ppc64le

Redhat ≫ Enterprise Linux Server For Power Little Endian Update Services For Sap Solutions Version9.0_ppc64le

Redhat ≫ Enterprise Linux Server For Power Little Endian Update Services For Sap Solutions Version9.2_ppc64le

Redhat ≫ Enterprise Linux Server For Power Little Endian Update Services For Sap Solutions Version9.4_ppc64le

Redhat ≫ Enterprise Linux Server For Power Little Endian Update Services For Sap Solutions Version9.6_ppc64le

Redhat ≫ Enterprise Linux Server Tus Version8.6

Redhat ≫ Enterprise Linux Server Tus Version8.8

Redhat ≫ Enterprise Linux Update Services For Sap Solutions Version8.6

Redhat ≫ Enterprise Linux Update Services For Sap Solutions Version8.8

Redhat ≫ Enterprise Linux Update Services For Sap Solutions Version9.0

Redhat ≫ Enterprise Linux Update Services For Sap Solutions Version9.2

Redhat ≫ Enterprise Linux Update Services For Sap Solutions Version9.4

Redhat ≫ Enterprise Linux Update Services For Sap Solutions Version9.6

Fedoraproject ≫ Fedora Version38

Fedoraproject ≫ Fedora Version39

Fedoraproject ≫ Fedora Version40

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.03%	0.077

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
134c704f-9b21-4f2e-91b3-4a467353bcc0	7.1	1.2	5.9	CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
secalert@redhat.com	7.1	1.2	5.9	CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE-362 Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

The product contains a concurrent code sequence that requires temporary, exclusive access to a shared resource, but a timing window exists in which the shared resource can be modified by another code sequence operating concurrently.

https://access.redhat.com/errata/RHSA-2024:1919

Third Party Advisory

https://access.redhat.com/errata/RHSA-2024:1920

Third Party Advisory

https://access.redhat.com/errata/RHSA-2024:1921

Third Party Advisory

https://access.redhat.com/errata/RHSA-2024:1922

Third Party Advisory

https://access.redhat.com/errata/RHSA-2024:2571

Third Party Advisory

https://access.redhat.com/errata/RHSA-2024:3270

Third Party Advisory