CVE-2020-36770
Affected software: Slurm ( Gentoo ebuild ). Issue: the pkg_postinst script for Slurm up to version 22.05.3 runs chown to assign root ownership on files in the live root filesystem. Root-owned files could be taken over by the slurm user, per the description in CVE-2020-36770. Root cause: unnecessa...