Explore top 10 tips to secure your open-source projects now. Read More
×Provides a set of daemons to manage access to remote directories and
authentication mechanisms. It provides an NSS and PAM interface toward
the system and a pluggable back end system to connect to multiple different
account sources. It is also the basis to provide client auditing and policy
services for projects like FreeIPA.
The sssd subpackage is a meta-package that contains the daemon as well as all
the existing back ends.
Update Information:
CVE fixes: CVE-2026-12610 CVE-2026-14474 CVE-2026-14476 - rhbz#2494777: CVE-2026-12610 sssd: Use-after-free crash in SSSD' 'sssd_pam' process - rhbz#2497650: CVE-2026-14476 sssd: sssd: GPO cache path traversal via unsanitized gPCFileSysPath allows Kerberos authentication bypass - rhbz#2497651: CVE-2026-14474 sssd: sssd: sudo LDAP provider searches entire directory tree for sudoRole objects by default, enabling privilege escalation
* Wed Jul 8 2026 Sumit Bose
[ 1 ] Bug #2494777 - CVE-2026-12610 sssd: Use-after-free crash in SSSD' 'sssd_pam' process [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2494777
[ 2 ] Bug #2497650 - CVE-2026-14476 sssd: sssd: GPO cache path traversal via unsanitized gPCFileSysPath allows Kerberos authentication bypass [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2497650
[ 3 ] Bug #2497651 - CVE-2026-14474 sssd: sssd: sudo LDAP provider searches entire directory tree for sudoRole objects by default, enabling privilege escalation [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2497651
This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-5acfb0243b' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
Get the latest Linux and open source security news straight to your inbox.