Bug 1121759 (CVE-2019-3811)

Summary: VUL-1: CVE-2019-3811: sssd: fallback_homedir returns '/' for empty home directories in passwd file
Product: [Novell Products] SUSE Security Incidents Reporter: Karol Babioch <karol>
Component: IncidentsAssignee: Samuel Cabrero <scabrero>
Status: RESOLVED FIXED QA Contact: Security Team bot <security-team>
Severity: Normal    
Priority: P4 - Low CC: ckowalczyk, meissner, mpluskal
Version: unspecified   
Target Milestone: ---   
Hardware: Other   
OS: Other   
URL: https://smash.suse.de/issue/222670/
Whiteboard: CVSSv3:SUSE:CVE-2019-3811:4.1:(AV:A/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:N) CVSSv3:RedHat:CVE-2019-3811:4.1:(AV:A/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:N) CVSSv3:NVD:CVE-2019-3811:5.2:(AV:A/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H) CVSSv2:NVD:CVE-2019-3811:2.7:(AV:A/AC:L/Au:S/C:N/I:N/A:P)
Found By: Security Response Team Services Priority:
Business Priority: Blocker: ---
Marketing QA Status: --- IT Deployment: ---

Description Karol Babioch 2019-01-14 07:37:56 UTC
An issue was found in SSSD. The default option for fallback_homedir returns '/' for empty home directories in the passwd file.

Upstream pull request:
https://github.com/SSSD/sssd/pull/703

Upstream Patch:
https://github.com/SSSD/sssd/pull/703/commits/fa0a6400ebd2f4056a057914355ec2ddefc14fe6
https://github.com/SSSD/sssd/pull/703/commits/fe11bd0d5b7dea9f1723c5a59ba0c47641802797

References:
https://bugzilla.redhat.com/show_bug.cgi?id=1656618
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-3811
Comment 1 Karol Babioch 2019-01-14 08:04:23 UTC
This has been introduced with upstream commit 704cc1c7 and basically affects all released versions.
Comment 4 Swamp Workflow Management 2019-03-05 17:09:56 UTC
SUSE-SU-2019:0542-1: An update that solves one vulnerability and has four fixes is now available.

Category: security (moderate)
Bug References: 1004220,1087320,1120852,1121759,1125277
CVE References: CVE-2019-3811
Sources used:
SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 (src):    sssd-1.16.1-3.15.1
SUSE Linux Enterprise Module for Basesystem 15 (src):    sssd-1.16.1-3.15.1
Comment 5 Swamp Workflow Management 2019-03-06 14:09:55 UTC
SUSE-SU-2019:0552-1: An update that solves one vulnerability and has four fixes is now available.

Category: security (moderate)
Bug References: 1039567,1082568,1121759,976038,977224
CVE References: CVE-2019-3811
Sources used:
SUSE Linux Enterprise Server 12-LTSS (src):    sssd-1.11.5.1-10.16.1
Comment 6 Swamp Workflow Management 2019-03-06 14:11:19 UTC
SUSE-SU-2019:0556-1: An update that solves two vulnerabilities and has three fixes is now available.

Category: security (moderate)
Bug References: 1004220,1087320,1098377,1120852,1121759
CVE References: CVE-2018-10852,CVE-2019-3811
Sources used:
SUSE Linux Enterprise Software Development Kit 12-SP4 (src):    sssd-1.16.1-4.3.2
SUSE Linux Enterprise Server 12-SP4 (src):    sssd-1.16.1-4.3.2
SUSE Linux Enterprise Desktop 12-SP4 (src):    sssd-1.16.1-4.3.2
Comment 9 Swamp Workflow Management 2019-03-29 17:12:45 UTC
SUSE-SU-2019:0805-1: An update that solves one vulnerability and has four fixes is now available.

Category: security (moderate)
Bug References: 1109849,1110121,1121759,1125617,1127670
CVE References: CVE-2019-3811
Sources used:
SUSE Linux Enterprise Software Development Kit 12-SP3 (src):    sssd-1.13.4-34.31.1
SUSE Linux Enterprise Server 12-SP3 (src):    adcli-0.8.2-1.3.1, sssd-1.13.4-34.31.1
SUSE Linux Enterprise Desktop 12-SP3 (src):    adcli-0.8.2-1.3.1, sssd-1.13.4-34.31.1

*** NOTE: This information is not intended to be used for external
    communication, because this may only be a partial fix.
    If you have questions please reach out to maintenance coordination.
Comment 10 Swamp Workflow Management 2019-04-08 13:32:11 UTC
openSUSE-SU-2019:1174-1: An update that solves one vulnerability and has four fixes is now available.

Category: security (moderate)
Bug References: 1109849,1110121,1121759,1125617,1127670
CVE References: CVE-2019-3811
Sources used:
openSUSE Leap 42.3 (src):    sssd-1.13.4-15.1

*** NOTE: This information is not intended to be used for external
    communication, because this may only be a partial fix.
    If you have questions please reach out to maintenance coordination.
Comment 11 Marcus Meissner 2019-10-29 06:24:54 UTC
released