A race condition flaw was found in sssd where the GPO policy is not consistently applied for authenticated users. This may lead to improper authorization issues, granting or denying access to resources inappropriately.
References
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Configuration 3 (hide)
|
History
18 Jun 2025, 19:44
| Type | Values Removed | Values Added |
|---|---|---|
| First Time |
Redhat codeready Linux Builder For Power Little Endian
Redhat Redhat enterprise Linux For Ibm Z Systems Eus Redhat enterprise Linux For Power Little Endian Redhat enterprise Linux For Arm 64 Eus Redhat enterprise Linux Server Aus Fedoraproject fedora Fedoraproject sssd Redhat enterprise Linux Eus Redhat codeready Linux Builder For Power Little Endian Eus Redhat enterprise Linux For Arm 64 Redhat codeready Linux Builder For Arm64 Eus Redhat enterprise Linux Update Services For Sap Solutions Redhat codeready Linux Builder For Ibm Z Systems Eus Redhat enterprise Linux For Ibm Z Systems Redhat codeready Linux Builder Redhat enterprise Linux Server Tus Redhat codeready Linux Builder For Arm64 Redhat codeready Linux Builder Eus Redhat virtualization Host Fedoraproject Redhat codeready Linux Builder For Ibm Z Systems Redhat enterprise Linux For Power Little Endian Eus Redhat enterprise Linux Server For Power Little Endian Update Services For Sap Solutions Redhat enterprise Linux |
|
| CPE | cpe:2.3:a:redhat:codeready_linux_builder_for_arm64_eus:9.2_aarch64:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_for_arm_64_eus:9.0_aarch64:*:*:*:*:*:*:* cpe:2.3:a:redhat:codeready_linux_builder_for_ibm_z_systems:8.0_s390x:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_update_services_for_sap_solutions:8.6:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:9.0_ppc64le:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_update_services_for_sap_solutions:9.6:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_eus:9.0:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_eus:9.6:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_update_services_for_sap_solutions:9.0:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_server_tus:8.6:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_eus:8.8:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:8.0_s390x:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions:9.0_ppc64le:*:*:*:*:*:*:* cpe:2.3:a:redhat:codeready_linux_builder_for_power_little_endian:8.0_ppc64le:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_eus:8.6:*:*:*:*:*:*:* cpe:2.3:a:redhat:codeready_linux_builder_for_ibm_z_systems_eus:9.6_s390x:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:8.6_s390x:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_eus:9.2:*:*:*:*:*:*:* cpe:2.3:a:fedoraproject:sssd:*:*:*:*:*:*:*:* cpe:2.3:a:redhat:codeready_linux_builder_eus:9.2:*:*:*:*:*:*:* cpe:2.3:a:redhat:codeready_linux_builder_for_ibm_z_systems_eus:9.4_s390x:*:*:*:*:*:*:* cpe:2.3:a:redhat:codeready_linux_builder_eus:9.6:*:*:*:*:*:*:* cpe:2.3:a:redhat:codeready_linux_builder_for_power_little_endian_eus:9.6_ppc64le:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_for_arm_64_eus:9.4_aarch64:*:*:*:*:*:*:* cpe:2.3:a:redhat:codeready_linux_builder_for_ibm_z_systems_eus:8.8_s390x:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_server_tus:8.8:*:*:*:*:*:*:* cpe:2.3:a:redhat:codeready_linux_builder_for_arm64_eus:8.6_aarch64:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:9.2_s390x:*:*:*:*:*:*:* cpe:2.3:a:redhat:codeready_linux_builder_for_arm64_eus:9.0_aarch64:*:*:*:*:*:*:* cpe:2.3:a:redhat:codeready_linux_builder_for_ibm_z_systems_eus:9.0_s390x:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions:8.6_ppc64le:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:9.4_s390x:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_for_arm_64:8.0_aarch64:*:*:*:*:*:*:* cpe:2.3:a:redhat:codeready_linux_builder_for_ibm_z_systems_eus:8.6_s390x:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_update_services_for_sap_solutions:9.4:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:8.8_ppc64le:*:*:*:*:*:*:* cpe:2.3:o:fedoraproject:fedora:39:*:*:*:*:*:*:* cpe:2.3:a:redhat:codeready_linux_builder_eus:8.8:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:9.2_ppc64le:*:*:*:*:*:*:* cpe:2.3:a:redhat:codeready_linux_builder_eus:9.4:*:*:*:*:*:*:* cpe:2.3:a:redhat:codeready_linux_builder_for_arm64:8.0_aarch64:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_for_arm_64_eus:8.8_aarch64:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_server_aus:9.4:*:*:*:*:*:*:* cpe:2.3:a:redhat:virtualization_host:4.0:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_server_aus:9.6:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:9.4_ppc64le:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:8.6_ppc64le:*:*:*:*:*:*:* cpe:2.3:a:redhat:codeready_linux_builder_for_ibm_z_systems_eus:9.2_s390x:*:*:*:*:*:*:* cpe:2.3:a:redhat:codeready_linux_builder_for_power_little_endian_eus:8.8_ppc64le:*:*:*:*:*:*:* cpe:2.3:a:redhat:codeready_linux_builder_for_power_little_endian_eus:9.0_ppc64le:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:9.6_s390x:*:*:*:*:*:*:* cpe:2.3:a:redhat:codeready_linux_builder_for_power_little_endian_eus:9.4_ppc64le:*:*:*:*:*:*:* cpe:2.3:o:fedoraproject:fedora:40:*:*:*:*:*:*:* cpe:2.3:a:redhat:codeready_linux_builder_eus:8.6:*:*:*:*:*:*:* cpe:2.3:a:redhat:codeready_linux_builder_for_power_little_endian_eus:9.2_ppc64le:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:9.0_s390x:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_update_services_for_sap_solutions:8.8:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:9.6_ppc64le:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_eus:9.4:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_for_arm_64_eus:9.2_aarch64:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:8.8_s390x:*:*:*:*:*:*:* cpe:2.3:a:redhat:codeready_linux_builder_for_arm64_eus:9.6_aarch64:*:*:*:*:*:*:* cpe:2.3:a:redhat:codeready_linux_builder:8.0:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_server_aus:8.6:*:*:*:*:*:*:* cpe:2.3:a:redhat:codeready_linux_builder_for_arm64_eus:9.4_aarch64:*:*:*:*:*:*:* cpe:2.3:a:redhat:codeready_linux_builder_eus:9.0:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_update_services_for_sap_solutions:9.2:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions:8.8_ppc64le:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions:9.6_ppc64le:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_for_arm_64_eus:9.6_aarch64:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions:9.4_ppc64le:*:*:*:*:*:*:* cpe:2.3:a:redhat:codeready_linux_builder_for_arm64_eus:8.8_aarch64:*:*:*:*:*:*:* cpe:2.3:a:redhat:codeready_linux_builder_for_power_little_endian_eus:8.6_ppc64le:*:*:*:*:*:*:* cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:8.0_ppc64le:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_for_arm_64_eus:8.6_aarch64:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions:9.2_ppc64le:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_server_aus:9.2:*:*:*:*:*:*:* |
|
| References | () https://access.redhat.com/errata/RHSA-2024:1919 - Third Party Advisory | |
| References | () https://access.redhat.com/errata/RHSA-2024:1920 - Third Party Advisory | |
| References | () https://access.redhat.com/errata/RHSA-2024:1921 - Third Party Advisory | |
| References | () https://access.redhat.com/errata/RHSA-2024:1922 - Third Party Advisory | |
| References | () https://access.redhat.com/errata/RHSA-2024:2571 - Third Party Advisory | |
| References | () https://access.redhat.com/errata/RHSA-2024:3270 - Third Party Advisory | |
| References | () https://access.redhat.com/security/cve/CVE-2023-3758 - Third Party Advisory | |
| References | () https://bugzilla.redhat.com/show_bug.cgi?id=2223762 - Issue Tracking, Third Party Advisory | |
| References | () https://github.com/SSSD/sssd/pull/7302 - Exploit, Issue Tracking, Patch | |
| References | () https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RV3HIZI3SURBUQKSOOL3XE64OOBQ2HTK/ - Mailing List, Third Party Advisory | |
| References | () https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XEP62IDS7A55D5UHM6GH7QZ7SQFOAPVF/ - Mailing List, Third Party Advisory | |
| References | () https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XMORAO2BDDA5YX4ZLMXDZ7SM6KU47SY5/ - Mailing List, Third Party Advisory |
24 Nov 2024, 16:15
| Type | Values Removed | Values Added |
|---|---|---|
| CWE | CWE-362 |
21 Nov 2024, 08:17
| Type | Values Removed | Values Added |
|---|---|---|
| References |
|
|
| References | () https://access.redhat.com/errata/RHSA-2024:1919 - | |
| References | () https://access.redhat.com/errata/RHSA-2024:1920 - | |
| References | () https://access.redhat.com/errata/RHSA-2024:1921 - | |
| References | () https://access.redhat.com/errata/RHSA-2024:1922 - | |
| References | () https://access.redhat.com/errata/RHSA-2024:2571 - | |
| References | () https://access.redhat.com/errata/RHSA-2024:3270 - | |
| References | () https://access.redhat.com/security/cve/CVE-2023-3758 - | |
| References | () https://bugzilla.redhat.com/show_bug.cgi?id=2223762 - | |
| References | () https://github.com/SSSD/sssd/pull/7302 - |
16 Sep 2024, 19:16
| Type | Values Removed | Values Added |
|---|---|---|
| References |
|
22 May 2024, 18:15
| Type | Values Removed | Values Added |
|---|---|---|
| References |
|
08 May 2024, 03:15
| Type | Values Removed | Values Added |
|---|---|---|
| References |
|
08 May 2024, 02:15
| Type | Values Removed | Values Added |
|---|---|---|
| References |
|
30 Apr 2024, 20:15
| Type | Values Removed | Values Added |
|---|---|---|
| References |
|
25 Apr 2024, 06:15
| Type | Values Removed | Values Added |
|---|---|---|
| References |
|
19 Apr 2024, 13:10
| Type | Values Removed | Values Added |
|---|---|---|
| Summary |
|
18 Apr 2024, 19:15
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2024-04-18 19:15
Updated : 2025-06-18 19:44
NVD link : CVE-2023-3758
Mitre link : CVE-2023-3758
CVE.ORG link : CVE-2023-3758
JSON object : View
Products Affected
redhat
- enterprise_linux_for_power_little_endian
- enterprise_linux_for_ibm_z_systems
- codeready_linux_builder_for_power_little_endian_eus
- codeready_linux_builder_for_arm64
- codeready_linux_builder_for_arm64_eus
- codeready_linux_builder_for_ibm_z_systems
- enterprise_linux_server_aus
- enterprise_linux_for_power_little_endian_eus
- enterprise_linux_server_tus
- enterprise_linux_for_arm_64
- codeready_linux_builder_for_power_little_endian
- enterprise_linux_update_services_for_sap_solutions
- virtualization_host
- enterprise_linux
- enterprise_linux_for_ibm_z_systems_eus
- enterprise_linux_for_arm_64_eus
- codeready_linux_builder_eus
- codeready_linux_builder_for_ibm_z_systems_eus
- enterprise_linux_eus
- enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions
- codeready_linux_builder
fedoraproject
- sssd
- fedora
CWE
CWE-362
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')