Amazon Linux AMI : sssd (ALAS-2016-635)
Medium Nessus Plugin ID 87969
SynopsisThe remote Amazon Linux AMI host is missing a security update.
DescriptionIt was found that SSSD's Privilege Attribute Certificate (PAC) responder plug-in would leak a small amount of memory on each authentication request. A remote attacker could potentially use this flaw to exhaust all available memory on the system by making repeated requests to a Kerberized daemon application configured to authenticate using the PAC responder plug-in.
SolutionRun 'yum update sssd' to update your system.