rpm package
suse/slurm_24_11&distro=SUSE Linux Enterprise Module for HPC 12
pkg:rpm/suse/slurm_24_11&distro=SUSE%20Linux%20Enterprise%20Module%20for%20HPC%2012
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2025-43904 | Med | 4.2 | < 24.11.5-3.8.1 | 24.11.5-3.8.1 | Jan 16, 2026 | In SchedMD Slurm before 24.11.5, 24.05.8, and 23.11.11, the accounting system can allow a Coordinator to promote a user to Administrator. | |
| CVE-2024-48936 | — | < 24.11.1-3.5.3 | 24.11.1-3.5.3 | Oct 28, 2024 | SchedMD Slurm before 24.05.4 has Incorrect Authorization. A mistake in authentication handling in stepmgr could permit an attacker to execute processes under other users' jobs. This is limited to jobs explicitly running with --stepmgr, or on systems that have globally enabled ste |
- affected < 24.11.5-3.8.1fixed 24.11.5-3.8.1
In SchedMD Slurm before 24.11.5, 24.05.8, and 23.11.11, the accounting system can allow a Coordinator to promote a user to Administrator.
- CVE-2024-48936Oct 28, 2024affected < 24.11.1-3.5.3fixed 24.11.1-3.5.3
SchedMD Slurm before 24.05.4 has Incorrect Authorization. A mistake in authentication handling in stepmgr could permit an attacker to execute processes under other users' jobs. This is limited to jobs explicitly running with --stepmgr, or on systems that have globally enabled ste