CVE-2026-12610

Name of the Vulnerable Software and Affected Versions sssd (affected versions not specified)

Description A use-after-free flaw exists in the SSSD PAM responder during YubiKey authentication, occurring when a memory pointer is incorrectly handled. A local attacker can trigger a denial of service that disrupts authentication by manipulating smartcard or YubiKey contents. This issue also presents a potential for privilege escalation, although it is difficult to exploit.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.