ALAS-2017-935

Amazon Linux 1 Security Advisory: ALAS-2017-935
Advisory Release Date: 2017-12-20 18:56 Pacific
Advisory Updated Date: 2017-12-21 22:59 Pacific

Severity: Medium

References: CVE-2017-12173
FAQs regarding Amazon Linux ALAS/CVE Severity

Issue Overview:

Unsanitized input when searching in local cache database
It was found that sssd's sysdb_search_user_by_upn_res() function did not sanitize requests when querying its local cache and was vulnerable to injection. In a centralized login environment, if a password hash was locally cached for a given user, an authenticated attacker could use this flaw to retrieve it. (CVE-2017-12173)

Affected Packages:

sssd

Issue Correction:
Run yum update sssd to update your system.

New Packages:

i686:
    sssd-client-1.15.2-50.34.amzn1.i686
    sssd-ldap-1.15.2-50.34.amzn1.i686
    sssd-debuginfo-1.15.2-50.34.amzn1.i686
    libsss_autofs-1.15.2-50.34.amzn1.i686
    python27-libipa_hbac-1.15.2-50.34.amzn1.i686
    sssd-tools-1.15.2-50.34.amzn1.i686
    python27-sss-1.15.2-50.34.amzn1.i686
    sssd-dbus-1.15.2-50.34.amzn1.i686
    libsss_nss_idmap-devel-1.15.2-50.34.amzn1.i686
    libsss_idmap-devel-1.15.2-50.34.amzn1.i686
    libsss_idmap-1.15.2-50.34.amzn1.i686
    sssd-ipa-1.15.2-50.34.amzn1.i686
    libsss_simpleifp-1.15.2-50.34.amzn1.i686
    python27-libsss_nss_idmap-1.15.2-50.34.amzn1.i686
    sssd-common-1.15.2-50.34.amzn1.i686
    sssd-libwbclient-1.15.2-50.34.amzn1.i686
    sssd-winbind-idmap-1.15.2-50.34.amzn1.i686
    libsss_certmap-1.15.2-50.34.amzn1.i686
    libsss_nss_idmap-1.15.2-50.34.amzn1.i686
    sssd-krb5-1.15.2-50.34.amzn1.i686
    sssd-1.15.2-50.34.amzn1.i686
    libsss_certmap-devel-1.15.2-50.34.amzn1.i686
    python27-sss-murmur-1.15.2-50.34.amzn1.i686
    libipa_hbac-1.15.2-50.34.amzn1.i686
    libipa_hbac-devel-1.15.2-50.34.amzn1.i686
    sssd-ad-1.15.2-50.34.amzn1.i686
    sssd-krb5-common-1.15.2-50.34.amzn1.i686
    sssd-libwbclient-devel-1.15.2-50.34.amzn1.i686
    libsss_sudo-1.15.2-50.34.amzn1.i686
    sssd-common-pac-1.15.2-50.34.amzn1.i686
    sssd-proxy-1.15.2-50.34.amzn1.i686
    libsss_simpleifp-devel-1.15.2-50.34.amzn1.i686

noarch:
    python27-sssdconfig-1.15.2-50.34.amzn1.noarch

src:
    sssd-1.15.2-50.34.amzn1.src

x86_64:
    sssd-krb5-1.15.2-50.34.amzn1.x86_64
    sssd-proxy-1.15.2-50.34.amzn1.x86_64
    libsss_simpleifp-devel-1.15.2-50.34.amzn1.x86_64
    sssd-krb5-common-1.15.2-50.34.amzn1.x86_64
    libsss_idmap-devel-1.15.2-50.34.amzn1.x86_64
    libsss_autofs-1.15.2-50.34.amzn1.x86_64
    sssd-common-pac-1.15.2-50.34.amzn1.x86_64
    libsss_nss_idmap-devel-1.15.2-50.34.amzn1.x86_64
    sssd-debuginfo-1.15.2-50.34.amzn1.x86_64
    python27-libipa_hbac-1.15.2-50.34.amzn1.x86_64
    sssd-ad-1.15.2-50.34.amzn1.x86_64
    sssd-common-1.15.2-50.34.amzn1.x86_64
    python27-sss-murmur-1.15.2-50.34.amzn1.x86_64
    sssd-winbind-idmap-1.15.2-50.34.amzn1.x86_64
    sssd-1.15.2-50.34.amzn1.x86_64
    python27-sss-1.15.2-50.34.amzn1.x86_64
    sssd-libwbclient-1.15.2-50.34.amzn1.x86_64
    sssd-dbus-1.15.2-50.34.amzn1.x86_64
    libsss_certmap-1.15.2-50.34.amzn1.x86_64
    libsss_nss_idmap-1.15.2-50.34.amzn1.x86_64
    libipa_hbac-devel-1.15.2-50.34.amzn1.x86_64
    libsss_certmap-devel-1.15.2-50.34.amzn1.x86_64
    libsss_sudo-1.15.2-50.34.amzn1.x86_64
    sssd-libwbclient-devel-1.15.2-50.34.amzn1.x86_64
    python27-libsss_nss_idmap-1.15.2-50.34.amzn1.x86_64
    libipa_hbac-1.15.2-50.34.amzn1.x86_64
    libsss_simpleifp-1.15.2-50.34.amzn1.x86_64
    sssd-ipa-1.15.2-50.34.amzn1.x86_64
    sssd-client-1.15.2-50.34.amzn1.x86_64
    sssd-ldap-1.15.2-50.34.amzn1.x86_64
    libsss_idmap-1.15.2-50.34.amzn1.x86_64
    sssd-tools-1.15.2-50.34.amzn1.x86_64

Additional References

Red Hat: CVE-2017-12173

Mitre: CVE-2017-12173