SSSD (System Security Services Daemon) is a suite of daemons dealing with user authentication based on mechanisms like LDAP, Kerberos and FreeIPA. We found privilege escalation paths in a number of helper binaries running with raised Linux capabilities, when privilege separation is enabled.
