Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusUbuntu Security Notice (C) 2023 Canonical, Inc. / NASL script (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.UBUNTU_USN-6458-1.NASL
HistoryOct 30, 2023 - 12:00 a.m.

Ubuntu 20.04 ESM / 22.04 ESM : Slurm vulnerabilities (USN-6458-1)

2023-10-3000:00:00
Ubuntu Security Notice (C) 2023 Canonical, Inc. / NASL script (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
1
ubuntu 20.04
22.04
esm
slurm
vulnerabilities
incorrect access control
information disclosure
escalation of privileges
code execution
cve-2022-29500
cve-2022-29501
cve-2022-29502
nessus scanner

8 High

AI Score

Confidence

Low

JSON

The remote Ubuntu 20.04 ESM / 22.04 ESM host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6458-1 advisory.

  • SchedMD Slurm 21.08.x through 20.11.x has Incorrect Access Control that leads to Information Disclosure.
    (CVE-2022-29500)

  • SchedMD Slurm 21.08.x through 20.11.x has Incorrect Access Control that leads to Escalation of Privileges and code execution. (CVE-2022-29501)

  • SchedMD Slurm 21.08.x through 20.11.x has Incorrect Access Control that leads to Escalation of Privileges.
    (CVE-2022-29502)

Note that Nessus has not tested for these issues but has instead relied only on the application’s self-reported version number.

#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Ubuntu Security Notice USN-6458-1. The text
# itself is copyright (C) Canonical, Inc. See
# <https://ubuntu.com/security/notices>. Ubuntu(R) is a registered
# trademark of Canonical, Inc.
##

include('compat.inc');

if (description)
{
  script_id(184019);
  script_version("1.0");
  script_set_attribute(attribute:"plugin_modification_date", value:"2023/10/30");

  script_cve_id("CVE-2022-29500", "CVE-2022-29501", "CVE-2022-29502");
  script_xref(name:"USN", value:"6458-1");

  script_name(english:"Ubuntu 20.04 ESM / 22.04 ESM : Slurm vulnerabilities (USN-6458-1)");

  script_set_attribute(attribute:"synopsis", value:
"The remote Ubuntu host is missing one or more security updates.");
  script_set_attribute(attribute:"description", value:
"The remote Ubuntu 20.04 ESM / 22.04 ESM host has packages installed that are affected by multiple vulnerabilities as
referenced in the USN-6458-1 advisory.

  - SchedMD Slurm 21.08.x through 20.11.x has Incorrect Access Control that leads to Information Disclosure.
    (CVE-2022-29500)

  - SchedMD Slurm 21.08.x through 20.11.x has Incorrect Access Control that leads to Escalation of Privileges
    and code execution. (CVE-2022-29501)

  - SchedMD Slurm 21.08.x through 20.11.x has Incorrect Access Control that leads to Escalation of Privileges.
    (CVE-2022-29502)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version
number.");
  script_set_attribute(attribute:"see_also", value:"https://ubuntu.com/security/notices/USN-6458-1");
  script_set_attribute(attribute:"solution", value:
"Update the affected packages.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:S/C:C/I:C/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2022-29501");
  script_set_attribute(attribute:"cvss3_score_source", value:"CVE-2022-29502");

  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");

  script_set_attribute(attribute:"vuln_publication_date", value:"2022/05/05");
  script_set_attribute(attribute:"patch_publication_date", value:"2023/10/30");
  script_set_attribute(attribute:"plugin_publication_date", value:"2023/10/30");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:20.04:-:esm");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:22.04:-:esm");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libpam-slurm");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libpam-slurm-adopt");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libpmi0");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libpmi0-dev");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libpmi2-0");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libpmi2-0-dev");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libslurm-dev");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libslurm-perl");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libslurm34");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libslurm37");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libslurmdb-perl");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:slurm-client");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:slurm-client-emulator");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:slurm-wlm");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:slurm-wlm-basic-plugins");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:slurm-wlm-basic-plugins-dev");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:slurm-wlm-emulator");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:slurm-wlm-torque");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:slurmctld");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:slurmd");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:slurmdbd");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:slurmrestd");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:sview");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Ubuntu Local Security Checks");

  script_copyright(english:"Ubuntu Security Notice (C) 2023 Canonical, Inc. / NASL script (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/cpu", "Host/Ubuntu", "Host/Ubuntu/release", "Host/Debian/dpkg-l");

  exit(0);
}

include('debian_package.inc');

if ( ! get_kb_item('Host/local_checks_enabled') ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
var os_release = get_kb_item('Host/Ubuntu/release');
if ( isnull(os_release) ) audit(AUDIT_OS_NOT, 'Ubuntu');
os_release = chomp(os_release);
if (! ('20.04' >< os_release || '22.04' >< os_release)) audit(AUDIT_OS_NOT, 'Ubuntu 20.04 / 22.04', 'Ubuntu ' + os_release);
if ( ! get_kb_item('Host/Debian/dpkg-l') ) audit(AUDIT_PACKAGE_LIST_MISSING);

var cpu = get_kb_item('Host/cpu');
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ('x86_64' >!< cpu && cpu !~ "^i[3-6]86$" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Ubuntu', cpu);

var pkgs = [
    {'osver': '20.04', 'pkgname': 'libpam-slurm', 'pkgver': '19.05.5-1ubuntu0.1~esm2'},
    {'osver': '20.04', 'pkgname': 'libpam-slurm-adopt', 'pkgver': '19.05.5-1ubuntu0.1~esm2'},
    {'osver': '20.04', 'pkgname': 'libpmi0', 'pkgver': '19.05.5-1ubuntu0.1~esm2'},
    {'osver': '20.04', 'pkgname': 'libpmi0-dev', 'pkgver': '19.05.5-1ubuntu0.1~esm2'},
    {'osver': '20.04', 'pkgname': 'libpmi2-0', 'pkgver': '19.05.5-1ubuntu0.1~esm2'},
    {'osver': '20.04', 'pkgname': 'libpmi2-0-dev', 'pkgver': '19.05.5-1ubuntu0.1~esm2'},
    {'osver': '20.04', 'pkgname': 'libslurm-dev', 'pkgver': '19.05.5-1ubuntu0.1~esm2'},
    {'osver': '20.04', 'pkgname': 'libslurm-perl', 'pkgver': '19.05.5-1ubuntu0.1~esm2'},
    {'osver': '20.04', 'pkgname': 'libslurm34', 'pkgver': '19.05.5-1ubuntu0.1~esm2'},
    {'osver': '20.04', 'pkgname': 'libslurmdb-perl', 'pkgver': '19.05.5-1ubuntu0.1~esm2'},
    {'osver': '20.04', 'pkgname': 'slurm-client', 'pkgver': '19.05.5-1ubuntu0.1~esm2'},
    {'osver': '20.04', 'pkgname': 'slurm-client-emulator', 'pkgver': '19.05.5-1ubuntu0.1~esm2'},
    {'osver': '20.04', 'pkgname': 'slurm-wlm', 'pkgver': '19.05.5-1ubuntu0.1~esm2'},
    {'osver': '20.04', 'pkgname': 'slurm-wlm-basic-plugins', 'pkgver': '19.05.5-1ubuntu0.1~esm2'},
    {'osver': '20.04', 'pkgname': 'slurm-wlm-basic-plugins-dev', 'pkgver': '19.05.5-1ubuntu0.1~esm2'},
    {'osver': '20.04', 'pkgname': 'slurm-wlm-emulator', 'pkgver': '19.05.5-1ubuntu0.1~esm2'},
    {'osver': '20.04', 'pkgname': 'slurm-wlm-torque', 'pkgver': '19.05.5-1ubuntu0.1~esm2'},
    {'osver': '20.04', 'pkgname': 'slurmctld', 'pkgver': '19.05.5-1ubuntu0.1~esm2'},
    {'osver': '20.04', 'pkgname': 'slurmd', 'pkgver': '19.05.5-1ubuntu0.1~esm2'},
    {'osver': '20.04', 'pkgname': 'slurmdbd', 'pkgver': '19.05.5-1ubuntu0.1~esm2'},
    {'osver': '20.04', 'pkgname': 'sview', 'pkgver': '19.05.5-1ubuntu0.1~esm2'},
    {'osver': '22.04', 'pkgname': 'libpam-slurm', 'pkgver': '21.08.5-2ubuntu1+esm1'},
    {'osver': '22.04', 'pkgname': 'libpam-slurm-adopt', 'pkgver': '21.08.5-2ubuntu1+esm1'},
    {'osver': '22.04', 'pkgname': 'libpmi0', 'pkgver': '21.08.5-2ubuntu1+esm1'},
    {'osver': '22.04', 'pkgname': 'libpmi0-dev', 'pkgver': '21.08.5-2ubuntu1+esm1'},
    {'osver': '22.04', 'pkgname': 'libpmi2-0', 'pkgver': '21.08.5-2ubuntu1+esm1'},
    {'osver': '22.04', 'pkgname': 'libpmi2-0-dev', 'pkgver': '21.08.5-2ubuntu1+esm1'},
    {'osver': '22.04', 'pkgname': 'libslurm-dev', 'pkgver': '21.08.5-2ubuntu1+esm1'},
    {'osver': '22.04', 'pkgname': 'libslurm-perl', 'pkgver': '21.08.5-2ubuntu1+esm1'},
    {'osver': '22.04', 'pkgname': 'libslurm37', 'pkgver': '21.08.5-2ubuntu1+esm1'},
    {'osver': '22.04', 'pkgname': 'libslurmdb-perl', 'pkgver': '21.08.5-2ubuntu1+esm1'},
    {'osver': '22.04', 'pkgname': 'slurm-client', 'pkgver': '21.08.5-2ubuntu1+esm1'},
    {'osver': '22.04', 'pkgname': 'slurm-client-emulator', 'pkgver': '21.08.5-2ubuntu1+esm1'},
    {'osver': '22.04', 'pkgname': 'slurm-wlm', 'pkgver': '21.08.5-2ubuntu1+esm1'},
    {'osver': '22.04', 'pkgname': 'slurm-wlm-basic-plugins', 'pkgver': '21.08.5-2ubuntu1+esm1'},
    {'osver': '22.04', 'pkgname': 'slurm-wlm-basic-plugins-dev', 'pkgver': '21.08.5-2ubuntu1+esm1'},
    {'osver': '22.04', 'pkgname': 'slurm-wlm-emulator', 'pkgver': '21.08.5-2ubuntu1+esm1'},
    {'osver': '22.04', 'pkgname': 'slurm-wlm-torque', 'pkgver': '21.08.5-2ubuntu1+esm1'},
    {'osver': '22.04', 'pkgname': 'slurmctld', 'pkgver': '21.08.5-2ubuntu1+esm1'},
    {'osver': '22.04', 'pkgname': 'slurmd', 'pkgver': '21.08.5-2ubuntu1+esm1'},
    {'osver': '22.04', 'pkgname': 'slurmdbd', 'pkgver': '21.08.5-2ubuntu1+esm1'},
    {'osver': '22.04', 'pkgname': 'slurmrestd', 'pkgver': '21.08.5-2ubuntu1+esm1'},
    {'osver': '22.04', 'pkgname': 'sview', 'pkgver': '21.08.5-2ubuntu1+esm1'}
];

var flag = 0;
foreach package_array ( pkgs ) {
  var osver = NULL;
  var pkgname = NULL;
  var pkgver = NULL;
  if (!empty_or_null(package_array['osver'])) osver = package_array['osver'];
  if (!empty_or_null(package_array['pkgname'])) pkgname = package_array['pkgname'];
  if (!empty_or_null(package_array['pkgver'])) pkgver = package_array['pkgver'];
  if (osver && pkgname && pkgver) {
    if (ubuntu_check(osver:osver, pkgname:pkgname, pkgver:pkgver)) flag++;
  }
}

if (flag)
{
  security_report_v4(
    port       : 0,
    severity   : SECURITY_HOLE,
    extra      : ubuntu_report_get()
  );
  exit(0);
}
else
{
  var tested = ubuntu_pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'libpam-slurm / libpam-slurm-adopt / libpmi0 / libpmi0-dev / etc');
}
VendorProductVersionCPE
canonicalubuntu_linuxlibpam-slurmp-cpe:/a:canonical:ubuntu_linux:libpam-slurm
canonicalubuntu_linuxlibpmi0p-cpe:/a:canonical:ubuntu_linux:libpmi0
canonicalubuntu_linuxlibpmi0-devp-cpe:/a:canonical:ubuntu_linux:libpmi0-dev
canonicalubuntu_linuxlibslurm-devp-cpe:/a:canonical:ubuntu_linux:libslurm-dev
canonicalubuntu_linuxlibslurm-perlp-cpe:/a:canonical:ubuntu_linux:libslurm-perl
canonicalubuntu_linuxlibslurmdb-perlp-cpe:/a:canonical:ubuntu_linux:libslurmdb-perl
canonicalubuntu_linuxslurm-clientp-cpe:/a:canonical:ubuntu_linux:slurm-client
canonicalubuntu_linuxslurm-client-emulatorp-cpe:/a:canonical:ubuntu_linux:slurm-client-emulator
canonicalubuntu_linuxslurm-wlmp-cpe:/a:canonical:ubuntu_linux:slurm-wlm
canonicalubuntu_linuxslurm-wlm-basic-pluginsp-cpe:/a:canonical:ubuntu_linux:slurm-wlm-basic-plugins
Rows per page:
1-10 of 251

Related

fedora 3
openvas 13
ubuntu 1
osv 4
suse 7
nessus 13
debian 1
mageia 1
veracode 3
debiancve 3
prion 3
redhatcve 1
cve 3
ubuntucve 3
fedora
fedora
[SECURITY] Fedora 35 Update: slurm-21.08.8-2.fc35
2022-05-18 01:11:33
[SECURITY] Fedora 34 Update: slurm-21.08.8-2.fc34
2022-05-18 01:25:15
[SECURITY] Fedora 36 Update: slurm-21.08.8-2.fc36
2022-05-18 01:09:52
openvas
openvas
Fedora: Security Advisory for slurm (FEDORA-2022-eeeff46680)
2022-05-18 00:00:00
Fedora: Security Advisory for slurm (FEDORA-2022-6d9d1862ee)
2022-05-18 00:00:00
Fedora: Security Advisory for slurm (FEDORA-2022-916bb58e38)
2022-05-18 00:00:00
ubuntu
ubuntu
Slurm vulnerabilities
2023-10-30 00:00:00
osv
osv
slurm-llnl, slurm-wlm vulnerabilities
2023-10-30 11:20:24
slurm-wlm - security update
2022-06-20 00:00:00
CVE-2022-29501
2022-05-05 17:15:15
suse
suse
Security update for slurm_20_11 (important)
2022-05-24 00:00:00
Security update for slurm (important)
2022-05-16 00:00:00
Security update for slurm_20_02 (important)
2022-10-03 00:00:00
nessus
nessus
SUSE SLES12 Security Update : slurm_20_11 (SUSE-SU-2022:1726-1)
2022-05-19 00:00:00
Debian DSA-5166-1 : slurm-wlm - security update
2022-06-21 00:00:00
SUSE SLES15 Security Update : slurm (SUSE-SU-2022:1666-1)
2022-05-17 00:00:00
debian
debian
[SECURITY] [DSA 5166-1] slurm-wlm security update
2022-06-20 10:09:27
mageia
mageia
Updated slurm packages fix security vulnerability
2022-05-12 13:24:45
veracode
veracode
Remote Code Execution (RCE)
2022-05-12 19:57:03
Privilege Escalation
2022-05-12 19:57:05
Information Disclosure
2022-05-12 19:57:04
debiancve
debiancve
CVE-2022-29502
2022-05-05 17:15:00
CVE-2022-29501
2022-05-05 17:15:00
CVE-2022-29500
2022-05-05 17:15:00
prion
prion
Design/Logic Flaw
2022-05-05 17:15:00
Information disclosure
2022-05-05 17:15:00
Design/Logic Flaw
2022-05-05 17:15:00
redhatcve
redhatcve
CVE-2022-29502
2022-05-20 22:57:53
cve
cve
CVE-2022-29502
2022-05-05 17:15:00
CVE-2022-29500
2022-05-05 17:15:00
CVE-2022-29501
2022-05-05 17:15:00
ubuntucve
ubuntucve
CVE-2022-29502
2022-05-05 00:00:00
CVE-2022-29500
2022-05-05 00:00:00
CVE-2022-29501
2022-05-05 00:00:00

8 High

AI Score

Confidence

Low

JSON
Related for UBUNTU_USN-6458-1.NASL
fedora3openvas13ubuntu1osv4suse7nessus13debian1mageia1veracode3debiancve3prion3redhatcve1cve3ubuntucve3