CVE-2025-5689
published 2025-06-16CVE-2025-5689: A flaw was found in the temporary user record that authd uses in the pre-auth NSS. As a result, a user login for the first time will be considered to be part…
high8.5CVSS 3.1
AVNACLPRLUINSCCHILAN
A flaw was found in the temporary user record that authd uses in the pre-auth NSS. As a result, a user login for the first time will be considered to be part of the root group in the context of that SSH session.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| canonical | authd | < 0.5.4 | 0.5.4 |
| canonical | authd | 0.0.0 – 0.5.4 | — |
| github.com | ubuntu_authd | >= 0 < 0.5.4 | 0.5.4 |