776 matches found
Arbitrary Command Injection
Overview basicsr is an Open Source Image and Video Super-Resolution Toolbox Affected versions of this package are vulnerable to Arbitrary Command Injection through the execution of scontrol show hostname in an environment where the SLURMNODELIST variable is manipulated. Remediation There is no...
GHSA-86W8-VHW6-Q9QQ XPixelGroup BasicSR Command Injection
XPixelGroup BasicSR through 1.4.2 might locally allow code execution in contrived situations where "scontrol show hostname" is executed in the presence of a crafted SLURMNODELIST environment variable...
Linux Distros Unpatched Vulnerability : CVE-2023-49933
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in SchedMD Slurm 22.05.x, 23.02.x, and 23.11.x. There is Improper Enforcement of Message Integrity During Transmission in a Communicatio...
Linux Distros Unpatched Vulnerability : CVE-2023-41914
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - SchedMD Slurm 23.02.x before 23.02.6 and 22.05.x before 22.05.10 allows filesystem race conditions for gaining ownership of a file, overwriting a file, or...
Linux Distros Unpatched Vulnerability : CVE-2023-49938
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in SchedMD Slurm 22.05.x and 23.02.x. There is Incorrect Access Control: an attacker can modified their extended group list that is used...
Linux Distros Unpatched Vulnerability : CVE-2023-49936
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in SchedMD Slurm 22.05.x, 23.02.x, and 23.11.x. A NULL pointer dereference leads to denial of service. The fixed versions are 22.05.11,...
SUSE SLES15 / openSUSE 15 : Feature update for slurm and pdsh (SUSE-SU-SUSE-FU-2025:0660-1)
The remote SUSE Linux SLES15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-SUSE-FU-2025:0660-1 advisory. slurm was updated to version 24.11.1 using package slurm2411: - Security issues fixed: CVE-2024-48936: Fixed authenticati...
SUSE SLES12 : Feature update for slurm and pdsh (SUSE-SU-SUSE-FU-2025:0661-1)
The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-SUSE-FU-2025:0661-1 advisory. slurm was updated to version 24.11.1 using package slurm2411: - Security issues fixed: CVE-2024-48936: Fixed authentication...
SUSE-FU-2025:0661-1 Feature update for slurm and pdsh
This update for slurm and pdsh fixes the following issues: slurm was updated to version 24.11.1 using package slurm2411: - Security issues fixed: CVE-2024-48936: Fixed authentication handling in stepmgr that could permit an attacker to execute processes under other users' jobs bsc1236722...
SUSE-FU-2025:0660-1 Feature update for slurm and pdsh
This update for slurm and pdsh fixes the following issues: slurm was updated to version 24.11.1 using package slurm2411: - Security issues fixed: CVE-2024-48936: Fixed authentication handling in stepmgr that could permit an attacker to execute processes under other users' jobs bsc1236722...
PT-2025-20326
Name of the Vulnerable Software and Affected Versions Slurm versions 22.05, 23.02, 23.11.11, 24.05.8, and 24.11.5 are affected. Description The issue is related to permission handling for Coordinators within the accounting system, allowing them to promote a user to Administrator. This is due to a...
PT-2025-21892 · Slurm-Wlm +1 · Slurm-Wlm +1
Name of the Vulnerable Software and Affected Versions: Debian Linux affected versions not specified Description: The issue concerns package vulnerabilities in slurm-wlm within Debian Linux. No further details are available. Recommendations: At the moment, there is no information about a newer...
Fedora 37 : slurm (2022-417587a4b9)
The remote Fedora 37 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2022-417587a4b9 advisory. Automatic update for slurm-21.08.8-1.fc37. Changelog Thu May 5 2022 Carl George - 21.08.8-1 - Update to 21.08.8, resolves: rhbz2082276 - Fix...
Fedora 38 : slurm (2022-6a9dc1d46b)
"The remote Fedora 38 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2022-6a9dc1d46b advisory. Automatic update for slurm-22.05.6-1.fc38. Changelog Sun Nov 27 2022 Philip Kovacs - 22.05.6-1 - Update to 22.05.6 2131112 - Update deprecated vars...
SUSE CVE-2024-48936
SchedMD Slurm before 24.05.4 has Incorrect Authorization. A mistake in authentication handling in stepmgr could permit an attacker to execute processes under other users' jobs. This is limited to jobs explicitly running with --stepmgr, or on systems that have globally enabled stepmgr via...
DEBIAN-CVE-2024-48936
SchedMD Slurm before 24.05.4 has Incorrect Authorization. A mistake in authentication handling in stepmgr could permit an attacker to execute processes under other users' jobs. This is limited to jobs explicitly running with --stepmgr, or on systems that have globally enabled stepmgr via...
CVE-2024-48936
SchedMD Slurm before 24.05.4 has Incorrect Authorization. A mistake in authentication handling in stepmgr could permit an attacker to execute processes under other users' jobs. This is limited to jobs explicitly running with --stepmgr, or on systems that have globally enabled stepmgr via...
UBUNTU-CVE-2024-48936
SchedMD Slurm before 24.05.4 has Incorrect Authorization. A mistake in authentication handling in stepmgr could permit an attacker to execute processes under other users' jobs. This is limited to jobs explicitly running with --stepmgr, or on systems that have globally enabled stepmgr via...
CVE-2024-48936
SchedMD Slurm before 24.05.4 has Incorrect Authorization. A mistake in authentication handling in stepmgr could permit an attacker to execute processes under other users' jobs. This is limited to jobs explicitly running with --stepmgr, or on systems that have globally enabled stepmgr via...
SchedMD Slurm 安全漏洞
SchedMD Slurm is an open-source and highly scalable cluster management and job scheduling system for large and small Linux clusters from SchedMD, USA. A security vulnerability exists in SchedMD Slurm versions prior to 24.05.4, which stems from an error in authentication handling and could allow a...