Astra Linux - уязвимость в pmix

In versions of OpenPMIx PMIx prior to 4.2.6 and 5.0.x before 5.0.1, attackers could obtain ownership of arbitrary files due to a race condition during the execution of library code with a UID of 0...

Linux Distros Unpatched Vulnerability : CVE-2023-41915

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - OpenPMIx PMIx before 4.2.6 and 5.0.x before 5.0.1 allows attackers to obtain ownership of arbitrary files via a race condition during execution of library code...

TencentOS Server 4: pmix (TSSA-2024:0367)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2024:0367 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...

MGASA-2024-0162 Updated openpmix packages fix security vulnerability

This update fixes a race condition allowing attackers to obtain ownership of arbitrary files CVE-2023-41915...

Mageia: Security Advisory (MGASA-2024-0162)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Oracle Linux 9 : pmix (ELSA-2024-2199)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-2199 advisory. - Fix CVE-2023-41915 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that Nessus has not tested for...

pmix: race condition allows attackers to obtain ownership of arbitrary files

OpenPMIx PMIx is vulnerable to a race condition during execution of library code with UID 0, which allows attackers to obtain ownership of arbitrary files...

Debian DSA-5547-1 : pmix - security update

The remote Debian 11 / 12 host has packages installed that are affected by a vulnerability as referenced in the dsa-5547 advisory. Francois Diakhate reported that a race condition in pmix, a library implementing Process Management Interface PMI Exascale API, could allow a malicious user to obtain...

Debian dla-3643 : libpmi-pmix-dev - security update

The remote Debian 10 host has packages installed that are affected by a vulnerability as referenced in the dla-3643 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3643-1 [email protected] https://www.debian.org/lts/security/...

Ubuntu 18.04 ESM / 20.04 ESM / 22.04 ESM : PMIx vulnerability (USN-6434-1)

The remote Ubuntu 18.04 ESM / 20.04 ESM / 22.04 ESM host has packages installed that are affected by a vulnerability as referenced in the USN-6434-1 advisory. Francois Diakhate discovered that PMIx did not properly handle race conditions in the pmix library, which could lead to unwanted privilege...

Amazon Linux 2023 : pmix, pmix-devel, pmix-pmi (ALAS2023-2023-363)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2023-363 advisory. OpenPMIx PMIx before 4.2.6 and 5.0.x before 5.0.1 allows attackers to obtain ownership of arbitrary files via a race condition during execution of library code with UID 0. CVE-2023-41915 Tenable has...

Medium: pmix

Issue Overview: OpenPMIx PMIx before 4.2.6 and 5.0.x before 5.0.1 allows attackers to obtain ownership of arbitrary files via a race condition during execution of library code with UID 0. CVE-2023-41915 Affected Packages: pmix Issue Correction: Run dnf update pmix --releasever 2023.2.20231002 or...

OpenPMIx PMIx before 4.2.6 and 5.0.x before 5.0.1 allows attackers to obtain ownership of arbitrary files via a race condition during execution of library code with UID 0.

...

CVE-2023-41915

OpenPMIx PMIx is vulnerable to a race condition during execution of library code with UID 0, which allows attackers to obtain ownership of arbitrary files...

SUSE CVE-2023-41915

OpenPMIx PMIx before 4.2.6 and 5.0.x before 5.0.1 allows attackers to obtain ownership of arbitrary files via a race condition during execution of library code with UID 0...

CVE-2023-41915

OpenPMIx PMIx before 4.2.6 and 5.0.x before 5.0.1 allows attackers to obtain ownership of arbitrary files via a race condition during execution of library code with UID 0...

CVE-2023-41915

OpenPMIx PMIx before 4.2.6 and 5.0.x before 5.0.1 allows attackers to obtain ownership of arbitrary files via a race condition during execution of library code with UID 0...

AZL-29702 CVE-2023-41915 affecting package pmix for versions less than 4.1.3-1

OpenPMIx PMIx before 4.2.6 and 5.0.x before 5.0.1 allows attackers to obtain ownership of arbitrary files via a race condition during execution of library code with UID 0...

DEBIAN-CVE-2023-41915

OpenPMIx PMIx before 4.2.6 and 5.0.x before 5.0.1 allows attackers to obtain ownership of arbitrary files via a race condition during execution of library code with UID 0...

CVE-2023-41915

OpenPMIx PMIx before 4.2.6 and 5.0.x before 5.0.1 allows attackers to obtain ownership of arbitrary files via a race condition during execution of library code with UID 0...