CVE 2015-5292

Memory leak in the Privilege Attribute Certificate (PAC) responder plugin ( in System Security Services Daemon (SSSD) 1.10 before 1.13.1 allows remote authenticated users to cause a denial of service (memory consumption) via a large number of logins that trigger parsing of PAC blobs during Kerberos authentication.

See the CVE page on for more details.