SchedMD Slurm security vulnerability

SchedMD Slurm is an open-source, highly scalable cluster management and job scheduling system developed by SchedMD in the United States. Versions prior to 24.11.5, 24.05.8, and 23.11.11 of SchedMD Slurm contained security vulnerabilities. These vulnerabilities stemmed from the accounting system...

Fedora 37 : slurm (2022-417587a4b9)

The remote Fedora 37 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2022-417587a4b9 advisory. Automatic update for slurm-21.08.8-1.fc37. Changelog Thu May 5 2022 Carl George - 21.08.8-1 - Update to 21.08.8, resolves: rhbz2082276 - Fix...

Fedora 38 : slurm (2022-6a9dc1d46b)

"The remote Fedora 38 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2022-6a9dc1d46b advisory. Automatic update for slurm-22.05.6-1.fc38. Changelog Sun Nov 27 2022 Philip Kovacs - 22.05.6-1 - Update to 22.05.6 2131112 - Update deprecated vars...

SUSE-SU-2024:0313-1 Security update for slurm_18_08

This update for slurm1808 fixes the following issues: Security fixes: - CVE-2023-41914: Prevent filesystem race conditions that could let an attacker take control of an arbitrary file, or remove entire directories' contents. bsc1216207 - CVE-2023-49933: Prevent message extension attacks that coul...

SUSE-SU-2024:0310-1 Security update for slurm_20_02

This update for slurm2002 fixes the following issues: Security fixes: - CVE-2023-49933: Prevent message extension attacks that could bypass the message hash. bsc1218046 - CVE-2023-49936: Prevent NULL pointer dereference on sizevalp overflow. bsc1218050 - CVE-2023-49937: Prevent double-xfree on...

SUSE-SU-2024:0279-1 Security update for slurm

This update for slurm fixes the following issues: Security fixes: - CVE-2023-41914: Prevent filesystem race conditions that could let an attacker take control of an arbitrary file, or remove entire directories' contents. bsc1216207 - CVE-2023-49933: Prevent message extension attacks that could...

Debian dsa-5609 : libpam-slurm - security update

The remote Debian 12 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5609 advisory. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-5609-1...

SUSE-SU-2023:4578-1 Security update for slurm

This update for slurm fixes the following issues: - CVE-2023-41914: Fixed a filesystem handling race conditions that could have led to an attacker taking control of an arbitrary file, or removing entire directoy contents bsc1216207. Bug fixes: - Add missing dependencies to slurm-config to plugins...

USN-6458-1 slurm-llnl, slurm-wlm vulnerabilities

It was discovered that Slurm did not properly handle credential management, which could allow an unprivileged user to impersonate the SlurmUser account. An attacker could possibly use this issue to execute arbitrary code as the root user. CVE-2022-29500 It was discovered that Slurm did not proper...

SUSE-SU-2023:4116-1 Security update for slurm

This update for slurm fixes the following issues: - CVE-2023-41914: Fixed several filesystem handling race conditions that could lead to an attacker taking control of an arbitrary file bsc1216207. Non-security fixes: - Fixed dependency issues that could arise during an upgrade bsc1208810...

USN-4781-2 slurm-llnl vulnerabilities

USN-4781-1 fixed several vulnerabilities in Slurm. This update provides the corresponding updates for Ubuntu 14.04 ESM CVE-2016-10030 and Ubuntu 16.04 ESM CVE-2018-10995. Original advisory details: It was discovered that Slurm incorrectly handled certain messages between the daemon and the user. ...

Ubuntu 16.04 ESM : Slurm vulnerabilities (USN-4781-2)

The remote Ubuntu 16.04 ESM host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4781-2 advisory. USN-4781-1 fixed several vulnerabilities in Slurm. This update provides the corresponding updates for Ubuntu 14.04 ESM CVE-2016-10030 and Ubuntu 16.04 ES...

SUSE-SU-2022:3468-1 Security update for slurm

This update for slurm fixes the following issues: - CVE-2022-31251: Fixed a potential security vulnerability in the test package bsc1201674. - CVE-2022-29500: Fixed an architectural flaw can be exploited to allow an unprivileged user to execute arbitrary processes as root bsc1199278. -...

USN-4781-1 slurm-llnl vulnerabilities

It was discovered that Slurm incorrectly handled certain messages between the daemon and the user. An attacker could possibly use this issue to assume control of an arbitrary file on the system. This issue only affected Ubuntu 16.04 ESM. CVE-2016-10030 It was discovered that Slurm mishandled SPAN...

SUSE-SU-2019:3385-1 Security update for slurm

This update for slurm fixes the following issues: Security issues fixed: - CVE-2019-6438: Fixed SchedMD Slurm that mishandles 32-bit systems bnc1123304. - Fix permissions of slurmdbd.conf bsc1155784. Bug fixes: - Fix ownership of /var/spool/slurm on new installations and upgrade bsc1158696. - Fix...