CVE-2023-3758

7.1 HIGH

Published: April 18, 2024 Modified: November 03, 2025

Description

A race condition flaw was found in sssd where the GPO policy is not consistently applied for authenticated users. This may lead to improper authorization issues, granting or denying access to resources inappropriately.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

Login to generate AI explanation

CVSS v3.x Details

0.0 Low Medium High Critical 10.0

Vector String

CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory

https://access.redhat.com/errata/RHSA-2024:1919

Source: secalert@redhat.com

Third Party Advisory

https://access.redhat.com/errata/RHSA-2024:1920

Source: secalert@redhat.com

Third Party Advisory

https://access.redhat.com/errata/RHSA-2024:1921

Source: secalert@redhat.com

Third Party Advisory

https://access.redhat.com/errata/RHSA-2024:1922

Source: secalert@redhat.com

Third Party Advisory

https://access.redhat.com/errata/RHSA-2024:2571

Source: secalert@redhat.com

Third Party Advisory

https://access.redhat.com/errata/RHSA-2024:3270

Source: secalert@redhat.com

Third Party Advisory

https://access.redhat.com/security/cve/CVE-2023-3758

Source: secalert@redhat.com

Third Party Advisory

https://bugzilla.redhat.com/show_bug.cgi?id=2223762

Source: secalert@redhat.com

Issue Tracking Third Party Advisory

https://github.com/SSSD/sssd/pull/7302

Source: secalert@redhat.com

Exploit Issue Tracking Patch

https://access.redhat.com/errata/RHSA-2024:1919

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

https://access.redhat.com/errata/RHSA-2024:1920

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

https://access.redhat.com/errata/RHSA-2024:1921

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

https://access.redhat.com/errata/RHSA-2024:1922

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

https://access.redhat.com/errata/RHSA-2024:2571

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

https://access.redhat.com/errata/RHSA-2024:3270

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

https://access.redhat.com/security/cve/CVE-2023-3758

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

https://bugzilla.redhat.com/show_bug.cgi?id=2223762

Source: af854a3a-2127-422b-91ae-364da2661108

Issue Tracking Third Party Advisory

https://github.com/SSSD/sssd/pull/7302

Source: af854a3a-2127-422b-91ae-364da2661108

Exploit Issue Tracking Patch

https://lists.debian.org/debian-lts-announce/2025/02/msg00008.html

Source: af854a3a-2127-422b-91ae-364da2661108

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RV3HIZI3SURBUQKSOOL3XE64OOBQ2HTK/

Source: af854a3a-2127-422b-91ae-364da2661108

Mailing List Third Party Advisory

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XEP62IDS7A55D5UHM6GH7QZ7SQFOAPVF/

Source: af854a3a-2127-422b-91ae-364da2661108

Mailing List Third Party Advisory

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XMORAO2BDDA5YX4ZLMXDZ7SM6KU47SY5/

Source: af854a3a-2127-422b-91ae-364da2661108

Mailing List Third Party Advisory

22 reference(s) from NVD

Quick Stats

CVSS v3 Score

7.1 / 10.0

EPSS (Exploit Probability)

0.0%

13th percentile

Exploitation Status

Not in CISA KEV

Weaknesses (CWE)

CWE-362 CWE-362

Affected Vendors

redhat fedoraproject

Related CVEs

CVE-2025-69261 N/A

CVE-2025-69257 6.7

CVE-2025-69210 N/A

CVE-2025-66823 N/A

CVE-2025-50343 N/A