CVE-2025-11561
SSSD: SSSD default Kerberos configuration allows privilege escalation on AD-joined Linux systems
A flaw was found in the integration of Active Directory and the System Security Services Daemon (SSSD) on Linux systems. In default configurations, the Kerberos local authentication plugin (sssd_krb5_localauth_plugin) is enabled, but a fallback to the an2ln plugin is possible. This fallback allows an attacker with permission to modify certain AD attributes (such as userPrincipalName or sAMAccountName) to impersonate privileged users, potentially resulting in unauthorized access or privilege escalation on domain-joined Linux hosts.
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
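An added audit check, not taken from the advisory or from the SSSD project: it parses the localauth plugin block of a krb5.conf and reports whether krb5 may still fall back to the built-in an2ln module. It assumes MIT krb5's plugin configuration syntax (module / enable_only / disable keys under [plugins]) and that limiting localauth to the sssd module removes the fallback; the sample configurations and the module path are constructed.

```python
"""Audit a krb5.conf localauth block for the an2ln fallback (CVE-2025-11561).
Constructed example; assumes MIT krb5 plugin syntax (module / enable_only /
disable keys) and that limiting localauth to sssd removes the fallback."""
import re

# Matches the whole "localauth = { ... }" block; krb5 places it under [plugins].
LOCALAUTH_BLOCK = re.compile(
    r"^\s*localauth\s*=\s*\{(?P<body>.*?)^\s*\}", re.MULTILINE | re.DOTALL
)

# Constructed sample: sssd module loaded, nothing restricts the built-in modules.
DEFAULT_CONF = """\
[libdefaults]
 default_realm = EXAMPLE.COM
[plugins]
 localauth = {
  module = sssd:/usr/lib64/sssd/modules/sssd_krb5_localauth_plugin.so
 }
"""

# Constructed sample: only the sssd module may answer localauth queries.
HARDENED_CONF = DEFAULT_CONF.replace(" }\n", "  enable_only = sssd\n }\n")


def parse_localauth(conf_text):
    """Return the localauth settings as {key: [values]} (empty if no block)."""
    settings = {}
    match = LOCALAUTH_BLOCK.search(conf_text)
    if not match:
        return settings
    for line in match.group("body").splitlines():
        line = line.split("#", 1)[0].strip()        # drop comments and padding
        if "=" not in line:
            continue
        key, value = (part.strip() for part in line.split("=", 1))
        settings.setdefault(key, []).append(value)  # keys such as disable may repeat
    return settings


def an2ln_fallback_possible(conf_text):
    """True if krb5 may still consult the built-in an2ln localauth module."""
    settings = parse_localauth(conf_text)
    enabled_only = settings.get("enable_only", [])
    if enabled_only:
        # An explicit allow-list: an2ln runs only if it is named in it.
        return "an2ln" in enabled_only
    # No allow-list: every built-in module runs unless explicitly disabled.
    return "an2ln" not in settings.get("disable", [])
```

Run it against the contents of /etc/krb5.conf (and any files it includes) on each AD-joined host; a True result means the host still depends on the vendor errata rather than on configuration alone.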
Affected products
sssd
Red Hat · Red Hat Ceph Storage 7
Red Hat · Red Hat Ceph Storage 8
Red Hat · Red Hat Enterprise Linux 10
Red Hat · Red Hat Enterprise Linux 6
Red Hat · Red Hat Enterprise Linux 7 Extended Lifecycle Support
Red Hat · Red Hat Enterprise Linux 8
Red Hat · Red Hat Enterprise Linux 8.2 Advanced Update Support
Red Hat · Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support
Red Hat · Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On
Red Hat · Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support
Red Hat · Red Hat Enterprise Linux 8.6 Telecommunications Update Service
Red Hat · Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions
Red Hat · Red Hat Enterprise Linux 8.8 Telecommunications Update Service
Red Hat · Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions
Red Hat · Red Hat Enterprise Linux 9
Red Hat · Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions
Red Hat · Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions
Red Hat · Red Hat Enterprise Linux 9.4 Extended Update Support
Red Hat · Red Hat Enterprise Linux 9.6 Extended Update Support
Red Hat · Red Hat OpenShift Container Platform 4.12
Red Hat · Red Hat OpenShift Container Platform 4.13
Red Hat · Red Hat OpenShift Container Platform 4.14
Red Hat · Red Hat OpenShift Container Platform 4.15
Red Hat · Red Hat OpenShift Container Platform 4.16
Red Hat · Red Hat OpenShift Container Platform 4.17
Red Hat · Red Hat OpenShift Container Platform 4.18
Red Hat · Red Hat OpenShift Container Platform 4.19
Red Hat · Red Hat OpenShift Container Platform 4.20
References
https://access.redhat.com/errata/RHSA-2025:19610
https://access.redhat.com/errata/RHSA-2025:19847
https://access.redhat.com/errata/RHSA-2025:19848
https://access.redhat.com/errata/RHSA-2025:19849
https://access.redhat.com/errata/RHSA-2025:19850
https://access.redhat.com/errata/RHSA-2025:19851
https://access.redhat.com/errata/RHSA-2025:19852
https://access.redhat.com/errata/RHSA-2025:19853
https://access.redhat.com/errata/RHSA-2025:19854
https://access.redhat.com/errata/RHSA-2025:19859
https://access.redhat.com/errata/RHSA-2025:20954
https://access.redhat.com/errata/RHSA-2025:21020