rpm package
opensuse/slurm_20_02&distro=openSUSE Leap 15.5
pkg:rpm/opensuse/slurm_20_02&distro=openSUSE%20Leap%2015.5
Vulnerabilities (4)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2023-49938 | — | < 20.02.7-150100.3.30.1 | 20.02.7-150100.3.30.1 | Dec 14, 2023 | An issue was discovered in SchedMD Slurm 22.05.x and 23.02.x. There is Incorrect Access Control: an attacker can modified their extended group list that is used with the sbcast subsystem, and open files with an unauthorized set of extended groups. The fixed versions are 22.05.11 | ||
| CVE-2023-49937 | — | < 20.02.7-150100.3.30.1 | 20.02.7-150100.3.30.1 | Dec 14, 2023 | An issue was discovered in SchedMD Slurm 22.05.x, 23.02.x, and 23.11.x. Because of a double free, attackers can cause a denial of service or possibly execute arbitrary code. The fixed versions are 22.05.11, 23.02.7, and 23.11.1. | ||
| CVE-2023-49936 | — | < 20.02.7-150100.3.30.1 | 20.02.7-150100.3.30.1 | Dec 14, 2023 | An issue was discovered in SchedMD Slurm 22.05.x, 23.02.x, and 23.11.x. A NULL pointer dereference leads to denial of service. The fixed versions are 22.05.11, 23.02.7, and 23.11.1. | ||
| CVE-2023-49933 | — | < 20.02.7-150100.3.30.1 | 20.02.7-150100.3.30.1 | Dec 14, 2023 | An issue was discovered in SchedMD Slurm 22.05.x, 23.02.x, and 23.11.x. There is Improper Enforcement of Message Integrity During Transmission in a Communication Channel. This allows attackers to modify RPC traffic in a way that bypasses message hash checks. The fixed versions ar |
- CVE-2023-49938Dec 14, 2023affected < 20.02.7-150100.3.30.1fixed 20.02.7-150100.3.30.1
An issue was discovered in SchedMD Slurm 22.05.x and 23.02.x. There is Incorrect Access Control: an attacker can modified their extended group list that is used with the sbcast subsystem, and open files with an unauthorized set of extended groups. The fixed versions are 22.05.11
- CVE-2023-49937Dec 14, 2023affected < 20.02.7-150100.3.30.1fixed 20.02.7-150100.3.30.1
An issue was discovered in SchedMD Slurm 22.05.x, 23.02.x, and 23.11.x. Because of a double free, attackers can cause a denial of service or possibly execute arbitrary code. The fixed versions are 22.05.11, 23.02.7, and 23.11.1.
- CVE-2023-49936Dec 14, 2023affected < 20.02.7-150100.3.30.1fixed 20.02.7-150100.3.30.1
An issue was discovered in SchedMD Slurm 22.05.x, 23.02.x, and 23.11.x. A NULL pointer dereference leads to denial of service. The fixed versions are 22.05.11, 23.02.7, and 23.11.1.
- CVE-2023-49933Dec 14, 2023affected < 20.02.7-150100.3.30.1fixed 20.02.7-150100.3.30.1
An issue was discovered in SchedMD Slurm 22.05.x, 23.02.x, and 23.11.x. There is Improper Enforcement of Message Integrity During Transmission in a Communication Channel. This allows attackers to modify RPC traffic in a way that bypasses message hash checks. The fixed versions ar