What is CVE-2015-5292?

CVE-2015-5292 is a vulnerability in Fedoraproject Sssd, classified under CWE-399. Published 2015-10-29.

Is CVE-2015-5292 known to be exploited?

1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in Fedoraproject Sssd

CVE-2015-5292

Memory leak in the Privilege Attribute Certificate (PAC) responder plugin (sssd_pac_plugin.so) in System Security Services Daemon (SSSD) 1.10 before 1.13.1 allows remote authenticated users to cause a denial of service (memory consumption)…

EPSS: 0.037 (88.2th percentile) — read the EPSS interpretation.

Affected products

Fedoraproject Sssd — versions 1.10.0, 1.10.1, 1.11.0
N/a — versions n/a

Weakness classification (CWE)

CWE-399

Public proof-of-concept exploits

Live-Hack-CVE/CVE-2015-5292

References

secalert@redhat.com (x_refsource_REDHAT, vendor-advisory)
secalert@redhat.com (x_refsource_REDHAT, vendor-advisory)
secalert@redhat.com (Vendor Advisory, mailing-list, x_refsource_MLIST)
secalert@redhat.com (vdb-entry, x_refsource_SECTRACK)
secalert@redhat.com (vdb-entry, x_refsource_BID)
secalert@redhat.com (x_refsource_CONFIRM)
secalert@redhat.com (x_refsource_CONFIRM)
secalert@redhat.com (vendor-advisory, x_refsource_FEDORA)
secalert@redhat.com (vendor-advisory, x_refsource_FEDORA)
secalert@redhat.com (x_refsource_CONFIRM)

Frequently asked questions

What is CVE-2015-5292?: CVE-2015-5292 is a vulnerability in Fedoraproject Sssd, classified under CWE-399. Published 2015-10-29.
Is CVE-2015-5292 known to be exploited?: 1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.