Описание
Security update for slurm_18_08
This update for slurm_18_08 fixes the following issues:
- CVE-2022-31251: Fixed a potential security vulnerability in the test package (bsc#1201674).
- CVE-2022-29500: Fixed an architectural flaw can be exploited to allow an unprivileged user to execute arbitrary processes as root (bsc#1199278).
- CVE-2022-29501: Fixed a vulnerability where an unprivileged user can send data to arbitrary unix socket as root (bsc#1199279).
Список пакетов
SUSE Linux Enterprise Module for HPC 12
libpmi0_18_08-18.08.9-3.17.1
libslurm33-18.08.9-3.17.1
perl-slurm_18_08-18.08.9-3.17.1
slurm_18_08-18.08.9-3.17.1
slurm_18_08-auth-none-18.08.9-3.17.1
slurm_18_08-config-18.08.9-3.17.1
slurm_18_08-devel-18.08.9-3.17.1
slurm_18_08-doc-18.08.9-3.17.1
slurm_18_08-lua-18.08.9-3.17.1
slurm_18_08-munge-18.08.9-3.17.1
slurm_18_08-node-18.08.9-3.17.1
slurm_18_08-pam_slurm-18.08.9-3.17.1
slurm_18_08-plugins-18.08.9-3.17.1
slurm_18_08-slurmdbd-18.08.9-3.17.1
slurm_18_08-sql-18.08.9-3.17.1
slurm_18_08-torque-18.08.9-3.17.1
Ссылки
- Link for SUSE-SU-2022:3454-1
- E-Mail link for SUSE-SU-2022:3454-1
- SUSE Security Ratings
- SUSE Bug 1199278
- SUSE Bug 1199279
- SUSE Bug 1201674
- SUSE CVE CVE-2022-29500 page
- SUSE CVE CVE-2022-29501 page
- SUSE CVE CVE-2022-31251 page
Описание
SchedMD Slurm 21.08.x through 20.11.x has Incorrect Access Control that leads to Information Disclosure.
Затронутые продукты
SUSE Linux Enterprise Module for HPC 12:libpmi0_18_08-18.08.9-3.17.1
SUSE Linux Enterprise Module for HPC 12:libslurm33-18.08.9-3.17.1
SUSE Linux Enterprise Module for HPC 12:perl-slurm_18_08-18.08.9-3.17.1
SUSE Linux Enterprise Module for HPC 12:slurm_18_08-18.08.9-3.17.1
Ссылки
- CVE-2022-29500
- SUSE Bug 1199278
Описание
SchedMD Slurm 21.08.x through 20.11.x has Incorrect Access Control that leads to Escalation of Privileges and code execution.
Затронутые продукты
SUSE Linux Enterprise Module for HPC 12:libpmi0_18_08-18.08.9-3.17.1
SUSE Linux Enterprise Module for HPC 12:libslurm33-18.08.9-3.17.1
SUSE Linux Enterprise Module for HPC 12:perl-slurm_18_08-18.08.9-3.17.1
SUSE Linux Enterprise Module for HPC 12:slurm_18_08-18.08.9-3.17.1
Ссылки
- CVE-2022-29501
- SUSE Bug 1199279
Описание
A Incorrect Default Permissions vulnerability in the packaging of the slurm testsuite of openSUSE Factory allows local attackers with control over the slurm user to escalate to root. This issue affects: openSUSE Factory slurm versions prior to 22.05.2-3.3.
Затронутые продукты
SUSE Linux Enterprise Module for HPC 12:libpmi0_18_08-18.08.9-3.17.1
SUSE Linux Enterprise Module for HPC 12:libslurm33-18.08.9-3.17.1
SUSE Linux Enterprise Module for HPC 12:perl-slurm_18_08-18.08.9-3.17.1
SUSE Linux Enterprise Module for HPC 12:slurm_18_08-18.08.9-3.17.1
Ссылки
- CVE-2022-31251
- SUSE Bug 1201674