Github.Com Ubuntu Authd vulnerabilities
3 known vulnerabilities affecting github.com/ubuntu_authd.
Total CVEs: 3
CISA KEV: 0
Public exploits: 0
Exploited in wild: 0
Severity breakdown: HIGH 1, MEDIUM 2
Vulnerabilities
CVE-2025-5689 | MEDIUM | affected versions: ≥ 0, < 0.5.4 | 2025-06-16
CVE-2025-5689 [MEDIUM] CWE-266 New authd users logging in via SSH are members of the root group
### Impact
When an authd user logs in via SSH for the first time (meaning they do not yet exist in the authd user database) and successfully authenticates via the configured broker, the user is considered a member of the root group in the context of that SSH session. This situation may allow the user to read and write files that are acc
CVE-2024-9312 | MEDIUM | affected versions: ≥ 0, ≤ 0.0.0-20230706090440-d8cb2d561419 | 2024-10-10
CVE-2024-9312 [MEDIUM] CWE-286 Authd allows attacker-controlled usernames to yield controllable UIDs
CVE description:
Authd, through version 0.3.6, did not sufficiently randomize user IDs to prevent collisions. A local attacker who can register user names could spoof another user's ID and gain their privileges.
----- original report -----
# Cause
authd assigns user IDs as a pure function of the user name. Moreover, the set
CVE-2024-9313 | HIGH | affected versions: ≥ 0, < 0.0.0-20240930103526-63e527496b01; ≥ 0.1.0, < 0.3.5 | 2024-10-03
CVE-2024-9313 [HIGH] CWE-287 PAM module may allow accessing with the credentials of another user
Authd PAM module up to version 0.3.4 can allow broker-managed users to impersonate any other user managed by the same broker and perform any PAM operation with it, including authenticating as them.
This is possible using tools such as `su`, `sudo` or `ssh` (and potentially others) that, so far, do not ensure that the PAM user at th