Red Hat Security Advisory 2015-2355-01 - The System Security Services Daemon service provides a set of daemons to manage access to remote directories and authentication mechanisms. It was found that SSSD's Privilege Attribute Certificate responder plug-in would leak a small amount of memory on each authentication request. A remote attacker could potentially use this flaw to exhaust all available memory on the system by making repeated requests to a Kerberized daemon application configured to authenticate using the PAC responder plug-in.
d919b3f85feab93be7bf6b2682d4b77d4f83d744a808670bebdba7e9c5849e5d
Red Hat Security Advisory 2015-2019-01 - The System Security Services Daemon service provides a set of daemons to manage access to remote directories and authentication mechanisms. It also provides the Name Service Switch and the Pluggable Authentication Modules interfaces toward the system, and a pluggable back-end system to connect to multiple different account sources. It was found that SSSD's Privilege Attribute Certificate responder plug-in would leak a small amount of memory on each authentication request. A remote attacker could potentially use this flaw to exhaust all available memory on the system by making repeated requests to a Kerberized daemon application configured to authenticate using the PAC responder plug-in.
b09a004a6e40e4de5aff2de1779bc957adebf516023c4ec92d860b2e5f0d3245