Vulnerability Details CVE-2025-5689
A flaw was found in the temporary user record that authd uses in the pre-auth NSS. As a result, a user login for the first time will be considered to be part of the root group in the context of that SSH session.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 2.4%
CVSS Severity
CVSS v3 Score 8.5
Products affected by CVE-2025-5689
-
cpe:2.3:a:canonical:authd:0.1
-
cpe:2.3:a:canonical:authd:0.2.1
-
cpe:2.3:a:canonical:authd:0.3.2
-
cpe:2.3:a:canonical:authd:0.3.3
-
cpe:2.3:a:canonical:authd:0.3.5
-
cpe:2.3:a:canonical:authd:0.3.6
-
cpe:2.3:a:canonical:authd:0.3.7
-
cpe:2.3:a:canonical:authd:0.4.1
-
cpe:2.3:a:canonical:authd:0.5.2
-
cpe:2.3:a:canonical:authd:0.5.3