Описание
Security update for slurm
This update for slurm fixes the following issues:
- CVE-2022-29500: Fixed architectural flaw that could have been exploited to allow an unprivileged user to execute arbitrary processes as root (bsc#1199278).
- CVE-2022-29501: Fixed a problem that an unprivileged user could have sent data to arbitrary unix socket as root (bsc#1199279).
Список пакетов
SUSE Linux Enterprise Module for HPC 15 SP3
libnss_slurm2-20.11.9-150300.4.6.1
libpmi0-20.11.9-150300.4.6.1
libslurm36-20.11.9-150300.4.6.1
perl-slurm-20.11.9-150300.4.6.1
slurm-20.11.9-150300.4.6.1
slurm-auth-none-20.11.9-150300.4.6.1
slurm-config-20.11.9-150300.4.6.1
slurm-config-man-20.11.9-150300.4.6.1
slurm-devel-20.11.9-150300.4.6.1
slurm-doc-20.11.9-150300.4.6.1
slurm-lua-20.11.9-150300.4.6.1
slurm-munge-20.11.9-150300.4.6.1
slurm-node-20.11.9-150300.4.6.1
slurm-pam_slurm-20.11.9-150300.4.6.1
slurm-plugins-20.11.9-150300.4.6.1
slurm-rest-20.11.9-150300.4.6.1
slurm-slurmdbd-20.11.9-150300.4.6.1
slurm-sql-20.11.9-150300.4.6.1
slurm-sview-20.11.9-150300.4.6.1
slurm-torque-20.11.9-150300.4.6.1
slurm-webdoc-20.11.9-150300.4.6.1
openSUSE Leap 15.3
libnss_slurm2-20.11.9-150300.4.6.1
libpmi0-20.11.9-150300.4.6.1
libslurm36-20.11.9-150300.4.6.1
perl-slurm-20.11.9-150300.4.6.1
slurm-20.11.9-150300.4.6.1
slurm-auth-none-20.11.9-150300.4.6.1
slurm-config-20.11.9-150300.4.6.1
slurm-config-man-20.11.9-150300.4.6.1
slurm-cray-20.11.9-150300.4.6.1
slurm-devel-20.11.9-150300.4.6.1
slurm-doc-20.11.9-150300.4.6.1
slurm-hdf5-20.11.9-150300.4.6.1
slurm-lua-20.11.9-150300.4.6.1
slurm-munge-20.11.9-150300.4.6.1
slurm-node-20.11.9-150300.4.6.1
slurm-openlava-20.11.9-150300.4.6.1
slurm-pam_slurm-20.11.9-150300.4.6.1
slurm-plugins-20.11.9-150300.4.6.1
slurm-rest-20.11.9-150300.4.6.1
slurm-seff-20.11.9-150300.4.6.1
slurm-sjstat-20.11.9-150300.4.6.1
slurm-slurmdbd-20.11.9-150300.4.6.1
slurm-sql-20.11.9-150300.4.6.1
slurm-sview-20.11.9-150300.4.6.1
slurm-torque-20.11.9-150300.4.6.1
slurm-webdoc-20.11.9-150300.4.6.1
openSUSE Leap 15.4
libnss_slurm2-20.11.9-150300.4.6.1
libpmi0-20.11.9-150300.4.6.1
libslurm36-20.11.9-150300.4.6.1
perl-slurm-20.11.9-150300.4.6.1
slurm-20.11.9-150300.4.6.1
slurm-auth-none-20.11.9-150300.4.6.1
slurm-config-20.11.9-150300.4.6.1
slurm-config-man-20.11.9-150300.4.6.1
slurm-cray-20.11.9-150300.4.6.1
slurm-devel-20.11.9-150300.4.6.1
slurm-doc-20.11.9-150300.4.6.1
slurm-hdf5-20.11.9-150300.4.6.1
slurm-lua-20.11.9-150300.4.6.1
slurm-munge-20.11.9-150300.4.6.1
slurm-node-20.11.9-150300.4.6.1
slurm-openlava-20.11.9-150300.4.6.1
slurm-pam_slurm-20.11.9-150300.4.6.1
slurm-plugins-20.11.9-150300.4.6.1
slurm-rest-20.11.9-150300.4.6.1
slurm-seff-20.11.9-150300.4.6.1
slurm-sjstat-20.11.9-150300.4.6.1
slurm-slurmdbd-20.11.9-150300.4.6.1
slurm-sql-20.11.9-150300.4.6.1
slurm-sview-20.11.9-150300.4.6.1
slurm-torque-20.11.9-150300.4.6.1
slurm-webdoc-20.11.9-150300.4.6.1
Ссылки
- Link for SUSE-SU-2022:1666-1
- E-Mail link for SUSE-SU-2022:1666-1
- SUSE Security Ratings
- SUSE Bug 1199278
- SUSE Bug 1199279
- SUSE CVE CVE-2022-29500 page
- SUSE CVE CVE-2022-29501 page
Описание
SchedMD Slurm 21.08.x through 20.11.x has Incorrect Access Control that leads to Information Disclosure.
Затронутые продукты
SUSE Linux Enterprise Module for HPC 15 SP3:libnss_slurm2-20.11.9-150300.4.6.1
SUSE Linux Enterprise Module for HPC 15 SP3:libpmi0-20.11.9-150300.4.6.1
SUSE Linux Enterprise Module for HPC 15 SP3:libslurm36-20.11.9-150300.4.6.1
SUSE Linux Enterprise Module for HPC 15 SP3:perl-slurm-20.11.9-150300.4.6.1
Ссылки
- CVE-2022-29500
- SUSE Bug 1199278
Описание
SchedMD Slurm 21.08.x through 20.11.x has Incorrect Access Control that leads to Escalation of Privileges and code execution.
Затронутые продукты
SUSE Linux Enterprise Module for HPC 15 SP3:libnss_slurm2-20.11.9-150300.4.6.1
SUSE Linux Enterprise Module for HPC 15 SP3:libpmi0-20.11.9-150300.4.6.1
SUSE Linux Enterprise Module for HPC 15 SP3:libslurm36-20.11.9-150300.4.6.1
SUSE Linux Enterprise Module for HPC 15 SP3:perl-slurm-20.11.9-150300.4.6.1
Ссылки
- CVE-2022-29501
- SUSE Bug 1199279