Headline
CVE-2022-29502: The slurm-announce Archives
SchedMD Slurm 21.08.x through 20.11.x has Incorrect Access Control that leads to Escalation of Privileges.
Archive View by: Downloadable version 2022: [ Thread ] [ Subject ] [ Author ] [ Date ] [ Gzip’d Text 6 KB ] 2021: [ Thread ] [ Subject ] [ Author ] [ Date ] [ Gzip’d Text 16 KB ] 2020: [ Thread ] [ Subject ] [ Author ] [ Date ] [ Gzip’d Text 16 KB ] 2019: [ Thread ] [ Subject ] [ Author ] [ Date ] [ Gzip’d Text 13 KB ] 2018: [ Thread ] [ Subject ] [ Author ] [ Date ] [ Gzip’d Text 17 KB ] 2017: [ Thread ] [ Subject ] [ Author ] [ Date ] [ Gzip’d Text 4 KB ]
Related news
Ubuntu Security Notice 6458-1 - It was discovered that Slurm did not properly handle credential management, which could allow an unprivileged user to impersonate the SlurmUser account. An attacker could possibly use this issue to execute arbitrary code as the root user. It was discovered that Slurm did not properly handle access control when dealing with RPC traffic through PMI2 and PMIx, which could allow an unprivileged user to send data to an arbitrary unix socket in the host. An attacker could possibly use this issue to execute arbitrary code as the root user.