VYPR
Unrated severityNVD Advisory· Published Dec 27, 2014· Updated Jun 17, 2026

CVE-2014-0748

CVE-2014-0748

Description

apinit on Cray devices with CLE before 4.2.UP02 and 5.x before 5.1.UP00 does not use alpsauth data to validate the UID in a launch message, which allows local users to gain privileges via a modified aprun program, aka ID FN5912.

Affected products

3
  • cpe:2.3:o:cray:cray_linux_environment:*:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:o:cray:cray_linux_environment:*:*:*:*:*:*:*:*range: <=4.2
    • cpe:2.3:o:cray:cray_linux_environment:5.1:*:*:*:*:*:*:*
  • Cray/CLEllm-fuzzy
    Range: <4.2.UP02, 5.x <5.1.UP00

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.