CVE-2023-3758

A race condition flaw was found in sssd where the GPO policy is not consistently applied for authenticated users. This may lead to improper authorization issues, granting or denying access to resources inappropriately.

Published: Apr 18, 2024
Updated: Nov 4, 2025
CVE: CVE-2023-3758
Severity: High
Exploit:

CVSS v3:

Severity: High
Score: 7.1
AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

CWEs:

OWASP TOP 10:

A5 - Broken Access Control

Affected Software
References

Software	From	Fixed in
fedoraproject / sssd	-	2.9.5
redhat / virtualization_host	4.0	4.0.x
redhat / enterprise_linux	8.0	8.0.x
redhat / codeready_linux_builder	8.0	8.0.x
redhat / enterprise_linux_server_aus	8.6	8.6.x
redhat / enterprise_linux_server_tus	8.6	8.6.x
redhat / enterprise_linux_eus	8.6	8.6.x
redhat / enterprise_linux_eus	9.0	9.0.x
redhat / enterprise_linux_eus	9.2	9.2.x
redhat / enterprise_linux_server_aus	9.2	9.2.x
redhat / enterprise_linux_for_arm_64_eus	9.2_aarch64	9.2_aarch64.x
redhat / enterprise_linux_for_power_little_endian_eus	9.2_ppc64le	9.2_ppc64le.x
redhat / enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions	9.2_ppc64le	9.2_ppc64le.x
redhat / codeready_linux_builder_eus	9.2	9.2.x
redhat / codeready_linux_builder_for_arm64_eus	9.2_aarch64	9.2_aarch64.x
redhat / codeready_linux_builder_for_ibm_z_systems_eus	9.2_s390x	9.2_s390x.x
redhat / codeready_linux_builder_eus	8.6	8.6.x
redhat / enterprise_linux_eus	8.8	8.8.x
redhat / enterprise_linux_server_tus	8.8	8.8.x
redhat / enterprise_linux_for_ibm_z_systems_eus	9.0_s390x	9.0_s390x.x
redhat / enterprise_linux_for_power_little_endian_eus	9.0_ppc64le	9.0_ppc64le.x
redhat / codeready_linux_builder_for_arm64_eus	9.0_aarch64	9.0_aarch64.x
redhat / codeready_linux_builder_for_ibm_z_systems_eus	9.0_s390x	9.0_s390x.x
redhat / codeready_linux_builder_for_power_little_endian_eus	9.0_ppc64le	9.0_ppc64le.x
redhat / enterprise_linux_for_ibm_z_systems_eus	9.2_s390x	9.2_s390x.x
redhat / codeready_linux_builder_for_power_little_endian_eus	9.2_ppc64le	9.2_ppc64le.x
redhat / enterprise_linux_for_ibm_z_systems_eus	8.6_s390x	8.6_s390x.x
redhat / enterprise_linux_for_power_little_endian_eus	8.6_ppc64le	8.6_ppc64le.x
redhat / enterprise_linux_for_arm_64_eus	8.6_aarch64	8.6_aarch64.x
redhat / enterprise_linux_update_services_for_sap_solutions	8.6	8.6.x
redhat / codeready_linux_builder_for_arm64_eus	8.6_aarch64	8.6_aarch64.x
redhat / codeready_linux_builder_for_ibm_z_systems_eus	8.6_s390x	8.6_s390x.x
redhat / codeready_linux_builder_for_power_little_endian_eus	8.6_ppc64le	8.6_ppc64le.x
redhat / enterprise_linux_for_ibm_z_systems_eus	8.8_s390x	8.8_s390x.x
redhat / enterprise_linux_for_power_little_endian_eus	8.8_ppc64le	8.8_ppc64le.x
redhat / enterprise_linux_for_arm_64_eus	8.8_aarch64	8.8_aarch64.x
redhat / enterprise_linux_update_services_for_sap_solutions	8.8	8.8.x
redhat / enterprise_linux_for_arm_64	8.0_aarch64	8.0_aarch64.x
redhat / enterprise_linux_for_ibm_z_systems	8.0_s390x	8.0_s390x.x
redhat / enterprise_linux_for_power_little_endian	8.0_ppc64le	8.0_ppc64le.x
redhat / codeready_linux_builder_for_arm64	8.0_aarch64	8.0_aarch64.x
redhat / codeready_linux_builder_for_ibm_z_systems	8.0_s390x	8.0_s390x.x
redhat / codeready_linux_builder_for_power_little_endian	8.0_ppc64le	8.0_ppc64le.x
redhat / enterprise_linux_for_arm_64_eus	9.0_aarch64	9.0_aarch64.x
redhat / enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions	9.0_ppc64le	9.0_ppc64le.x
redhat / enterprise_linux_update_services_for_sap_solutions	9.0	9.0.x
redhat / codeready_linux_builder_eus	9.0	9.0.x
redhat / enterprise_linux_update_services_for_sap_solutions	9.2	9.2.x
redhat / enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions	8.6_ppc64le	8.6_ppc64le.x
redhat / enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions	8.8_ppc64le	8.8_ppc64le.x
redhat / codeready_linux_builder_eus	8.8	8.8.x
redhat / codeready_linux_builder_for_arm64_eus	8.8_aarch64	8.8_aarch64.x
redhat / codeready_linux_builder_for_ibm_z_systems_eus	8.8_s390x	8.8_s390x.x
redhat / codeready_linux_builder_for_power_little_endian_eus	8.8_ppc64le	8.8_ppc64le.x
redhat / codeready_linux_builder_eus	9.4	9.4.x
redhat / codeready_linux_builder_eus	9.6	9.6.x
redhat / codeready_linux_builder_for_arm64_eus	9.4_aarch64	9.4_aarch64.x
redhat / codeready_linux_builder_for_arm64_eus	9.6_aarch64	9.6_aarch64.x
redhat / codeready_linux_builder_for_ibm_z_systems_eus	9.4_s390x	9.4_s390x.x
redhat / codeready_linux_builder_for_ibm_z_systems_eus	9.6_s390x	9.6_s390x.x
redhat / enterprise_linux_eus	9.4	9.4.x
redhat / enterprise_linux_eus	9.6	9.6.x
redhat / enterprise_linux_for_arm_64_eus	9.4_aarch64	9.4_aarch64.x
redhat / enterprise_linux_for_arm_64_eus	9.6_aarch64	9.6_aarch64.x
redhat / enterprise_linux_for_ibm_z_systems_eus	9.4_s390x	9.4_s390x.x
redhat / enterprise_linux_for_ibm_z_systems_eus	9.6_s390x	9.6_s390x.x
redhat / enterprise_linux_for_power_little_endian_eus	9.4_ppc64le	9.4_ppc64le.x
redhat / enterprise_linux_for_power_little_endian_eus	9.6_ppc64le	9.6_ppc64le.x
redhat / codeready_linux_builder_for_power_little_endian_eus	9.4_ppc64le	9.4_ppc64le.x
redhat / codeready_linux_builder_for_power_little_endian_eus	9.6_ppc64le	9.6_ppc64le.x
redhat / enterprise_linux_server_aus	9.4	9.4.x
redhat / enterprise_linux_server_aus	9.6	9.6.x
redhat / enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions	9.4_ppc64le	9.4_ppc64le.x
redhat / enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions	9.6_ppc64le	9.6_ppc64le.x
redhat / enterprise_linux_update_services_for_sap_solutions	9.4	9.4.x
redhat / enterprise_linux_update_services_for_sap_solutions	9.6	9.6.x
fedoraproject / fedora	38	38.x
fedoraproject / fedora	39	39.x
fedoraproject / fedora	40	40.x

Vulnerability Database

300,445

CVE-2023-3758

Deep Security Visibility Without the Complexity