Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

suse-cvrf логотип

SUSE-SU-2022:3490-1

Опубликовано: 03 окт. 2022
Источник: suse-cvrf

Описание

Security update for slurm

This update for slurm fixes the following issues:

  • CVE-2022-31251: Fixed a potential security vulnerability in the test package (bsc#1201674).
  • CVE-2022-29500: Fixed an architectural flaw can be exploited to allow an unprivileged user to execute arbitrary processes as root (bsc#1199278).
  • CVE-2022-29501: Fixed a vulnerability where an unprivileged user can send data to arbitrary unix socket as root (bsc#1199279).

Список пакетов

SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS
libnss_slurm2-20.02.7-150200.3.14.2
libpmi0-20.02.7-150200.3.14.2
libslurm35-20.02.7-150200.3.14.2
perl-slurm-20.02.7-150200.3.14.2
slurm-20.02.7-150200.3.14.2
slurm-auth-none-20.02.7-150200.3.14.2
slurm-config-20.02.7-150200.3.14.2
slurm-config-man-20.02.7-150200.3.14.2
slurm-devel-20.02.7-150200.3.14.2
slurm-doc-20.02.7-150200.3.14.2
slurm-lua-20.02.7-150200.3.14.2
slurm-munge-20.02.7-150200.3.14.2
slurm-node-20.02.7-150200.3.14.2
slurm-pam_slurm-20.02.7-150200.3.14.2
slurm-plugins-20.02.7-150200.3.14.2
slurm-slurmdbd-20.02.7-150200.3.14.2
slurm-sql-20.02.7-150200.3.14.2
slurm-sview-20.02.7-150200.3.14.2
slurm-torque-20.02.7-150200.3.14.2
slurm-webdoc-20.02.7-150200.3.14.2
SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS
libnss_slurm2-20.02.7-150200.3.14.2
libpmi0-20.02.7-150200.3.14.2
libslurm35-20.02.7-150200.3.14.2
perl-slurm-20.02.7-150200.3.14.2
slurm-20.02.7-150200.3.14.2
slurm-auth-none-20.02.7-150200.3.14.2
slurm-config-20.02.7-150200.3.14.2
slurm-config-man-20.02.7-150200.3.14.2
slurm-devel-20.02.7-150200.3.14.2
slurm-doc-20.02.7-150200.3.14.2
slurm-lua-20.02.7-150200.3.14.2
slurm-munge-20.02.7-150200.3.14.2
slurm-node-20.02.7-150200.3.14.2
slurm-pam_slurm-20.02.7-150200.3.14.2
slurm-plugins-20.02.7-150200.3.14.2
slurm-slurmdbd-20.02.7-150200.3.14.2
slurm-sql-20.02.7-150200.3.14.2
slurm-sview-20.02.7-150200.3.14.2
slurm-torque-20.02.7-150200.3.14.2
slurm-webdoc-20.02.7-150200.3.14.2
openSUSE Leap 15.3
libslurm35-20.02.7-150200.3.14.2
openSUSE Leap 15.4
libslurm35-20.02.7-150200.3.14.2

Ссылки

Описание

SchedMD Slurm 21.08.x through 20.11.x has Incorrect Access Control that leads to Information Disclosure.

Затронутые продукты
SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libnss_slurm2-20.02.7-150200.3.14.2
SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libpmi0-20.02.7-150200.3.14.2
SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libslurm35-20.02.7-150200.3.14.2
SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:perl-slurm-20.02.7-150200.3.14.2
Ссылки

Описание

SchedMD Slurm 21.08.x through 20.11.x has Incorrect Access Control that leads to Escalation of Privileges and code execution.

Затронутые продукты
SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libnss_slurm2-20.02.7-150200.3.14.2
SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libpmi0-20.02.7-150200.3.14.2
SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libslurm35-20.02.7-150200.3.14.2
SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:perl-slurm-20.02.7-150200.3.14.2
Ссылки

Описание

A Incorrect Default Permissions vulnerability in the packaging of the slurm testsuite of openSUSE Factory allows local attackers with control over the slurm user to escalate to root. This issue affects: openSUSE Factory slurm versions prior to 22.05.2-3.3.

Затронутые продукты
SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libnss_slurm2-20.02.7-150200.3.14.2
SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libpmi0-20.02.7-150200.3.14.2
SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libslurm35-20.02.7-150200.3.14.2
SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:perl-slurm-20.02.7-150200.3.14.2
Ссылки
Уязвимость SUSE-SU-2022:3490-1