rpm package
suse/pdsh_slurm_22_05&distro=SUSE Linux Enterprise Module for HPC 12
pkg:rpm/suse/pdsh_slurm_22_05&distro=SUSE%20Linux%20Enterprise%20Module%20for%20HPC%2012
Vulnerabilities (6)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2024-48936 | — | < 2.35-7.44.1 | 2.35-7.44.1 | Oct 28, 2024 | SchedMD Slurm before 24.05.4 has Incorrect Authorization. A mistake in authentication handling in stepmgr could permit an attacker to execute processes under other users' jobs. This is limited to jobs explicitly running with --stepmgr, or on systems that have globally enabled ste | ||
| CVE-2022-31251 | — | < 2.34-7.35.5 | 2.34-7.35.5 | Sep 7, 2022 | A Incorrect Default Permissions vulnerability in the packaging of the slurm testsuite of openSUSE Factory allows local attackers with control over the slurm user to escalate to root. This issue affects: openSUSE Factory slurm versions prior to 22.05.2-3.3. | ||
| CVE-2022-29500 | — | < 2.34-7.35.5 | 2.34-7.35.5 | May 5, 2022 | SchedMD Slurm 21.08.x through 20.11.x has Incorrect Access Control that leads to Information Disclosure. | ||
| CVE-2022-29501 | — | < 2.34-7.35.5 | 2.34-7.35.5 | May 5, 2022 | SchedMD Slurm 21.08.x through 20.11.x has Incorrect Access Control that leads to Escalation of Privileges and code execution. | ||
| CVE-2022-29502 | — | < 2.34-7.35.5 | 2.34-7.35.5 | May 5, 2022 | SchedMD Slurm 21.08.x through 20.11.x has Incorrect Access Control that leads to Escalation of Privileges. | ||
| CVE-2021-43337 | — | < 2.34-7.35.5 | 2.34-7.35.5 | Nov 17, 2021 | SchedMD Slurm 21.08.* before 21.08.4 has Incorrect Access Control. On sites using the new AccountingStoreFlags=job_script and/or job_env options, the access control rules in SlurmDBD may permit users to request job scripts and environment files to which they should not have acces |
- CVE-2024-48936Oct 28, 2024affected < 2.35-7.44.1fixed 2.35-7.44.1
SchedMD Slurm before 24.05.4 has Incorrect Authorization. A mistake in authentication handling in stepmgr could permit an attacker to execute processes under other users' jobs. This is limited to jobs explicitly running with --stepmgr, or on systems that have globally enabled ste
- CVE-2022-31251Sep 7, 2022affected < 2.34-7.35.5fixed 2.34-7.35.5
A Incorrect Default Permissions vulnerability in the packaging of the slurm testsuite of openSUSE Factory allows local attackers with control over the slurm user to escalate to root. This issue affects: openSUSE Factory slurm versions prior to 22.05.2-3.3.
- CVE-2022-29500May 5, 2022affected < 2.34-7.35.5fixed 2.34-7.35.5
SchedMD Slurm 21.08.x through 20.11.x has Incorrect Access Control that leads to Information Disclosure.
- CVE-2022-29501May 5, 2022affected < 2.34-7.35.5fixed 2.34-7.35.5
SchedMD Slurm 21.08.x through 20.11.x has Incorrect Access Control that leads to Escalation of Privileges and code execution.
- CVE-2022-29502May 5, 2022affected < 2.34-7.35.5fixed 2.34-7.35.5
SchedMD Slurm 21.08.x through 20.11.x has Incorrect Access Control that leads to Escalation of Privileges.
- CVE-2021-43337Nov 17, 2021affected < 2.34-7.35.5fixed 2.34-7.35.5
SchedMD Slurm 21.08.* before 21.08.4 has Incorrect Access Control. On sites using the new AccountingStoreFlags=job_script and/or job_env options, the access control rules in SlurmDBD may permit users to request job scripts and environment files to which they should not have acces