What is the severity of CVE-2015-5292?

CVE-2015-5292 has been classified as having a moderate severity due to the potential impact of memory leaks.

How do I fix CVE-2015-5292?

To fix CVE-2015-5292, you should apply the latest patch provided for the affected versions of the sssd_client package.

Which versions of SSSD are affected by CVE-2015-5292?

The affected versions of SSSD include 1.10.0 to 1.13.0, specifically versions 1.10.x, 1.11.x, 1.12.x, and 1.13.0.

What is the impact of CVE-2015-5292?

The impact of CVE-2015-5292 is primarily a memory leak which can lead to exhaustion of resources over time.

Is there a public reference for CVE-2015-5292?

Yes, information about CVE-2015-5292 can be found in the bug tracker on Fedora Hosted.

Vulnerability/
CVE-2015-5292

medium

6.8

CWE

399

30/9/2015

29/10/2015

6/8/2024

CVE-2015-5292

First published: Wed Sep 30 2015(Updated: )

A memory leak was found in the sssd_pac_plugin (sssd_pac_plugin.so library), which is distributed with the sssd_client package. Original report with additional details: <a href="https://fedorahosted.org/sssd/ticket/2803">https://fedorahosted.org/sssd/ticket/2803</a> Patch: <a href="https://fedorahosted.org/sssd/attachment/ticket/2803/0001-Fix-memory-leak-in-sssdpac_verify.patch">https://fedorahosted.org/sssd/attachment/ticket/2803/0001-Fix-memory-leak-in-sssdpac_verify.patch</a>

Credit: secalert@redhat.com

Affected Software	Affected Version	How to fix
Fedora Hosted SSSD	=1.10.0
Fedora Hosted SSSD	=1.10.1
Fedora Hosted SSSD	=1.11.0
Fedora Hosted SSSD	=1.11.1
Fedora Hosted SSSD	=1.11.2
Fedora Hosted SSSD	=1.11.3
Fedora Hosted SSSD	=1.11.4
Fedora Hosted SSSD	=1.11.5
Fedora Hosted SSSD	=1.11.6
Fedora Hosted SSSD	=1.11.7
Fedora Hosted SSSD	=1.12.0
Fedora Hosted SSSD	=1.12.1
Fedora Hosted SSSD	=1.12.2
Fedora Hosted SSSD	=1.12.3
Fedora Hosted SSSD	=1.12.4
Fedora Hosted SSSD	=1.12.5
Fedora Hosted SSSD	=1.13.0

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2015-5292?
CVE-2015-5292 has been classified as having a moderate severity due to the potential impact of memory leaks.
How do I fix CVE-2015-5292?
To fix CVE-2015-5292, you should apply the latest patch provided for the affected versions of the sssd_client package.
Which versions of SSSD are affected by CVE-2015-5292?
The affected versions of SSSD include 1.10.0 to 1.13.0, specifically versions 1.10.x, 1.11.x, 1.12.x, and 1.13.0.
What is the impact of CVE-2015-5292?
The impact of CVE-2015-5292 is primarily a memory leak which can lead to exhaustion of resources over time.
Is there a public reference for CVE-2015-5292?
Yes, information about CVE-2015-5292 can be found in the bug tracker on Fedora Hosted.

agent/references
agent/type
agent/softwarecombine
agent/first-publish-date
collector/mitre-cve
source/MITRE
agent/severity
agent/author
agent/last-modified-date
agent/weakness
agent/event
agent/description
collector/redhat-bugzilla
source/Red Hat
alias/CVE-2015-5292
agent/trending
agent/source
agent/tags
collector/nvd-index
agent/software-canonical-lookup-request
vendor/fedoraproject
canonical/fedora hosted sssd
version/fedora hosted sssd/1.10.0
version/fedora hosted sssd/1.10.1
version/fedora hosted sssd/1.11.0
version/fedora hosted sssd/1.11.1
version/fedora hosted sssd/1.11.2
version/fedora hosted sssd/1.11.3
version/fedora hosted sssd/1.11.4
version/fedora hosted sssd/1.11.5
version/fedora hosted sssd/1.11.6
version/fedora hosted sssd/1.11.7
version/fedora hosted sssd/1.12.0
version/fedora hosted sssd/1.12.1
version/fedora hosted sssd/1.12.2
version/fedora hosted sssd/1.12.3
version/fedora hosted sssd/1.12.4
version/fedora hosted sssd/1.12.5
version/fedora hosted sssd/1.13.0