Описание
Security update for slurm_20_02
This update for slurm_20_02 fixes the following issues:
- CVE-2022-31251: Fixed security vulnerability in the test package (bsc#1201674).
- CVE-2022-29500: Fixed architectural flaw that can be exploited to allow an unprivileged user to execute arbitrary processes as root (bsc#1199278).
- CVE-2022-29501: Fixed vulnerability where an unprivileged user can send data to arbitrary unix socket as root (bsc#1199279).
Bugfixes:
- Fixed qstat error message (torque wrapper) (bsc#1186646).
Список пакетов
SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS
libnss_slurm2_20_02-20.02.7-150100.3.24.1
libpmi0_20_02-20.02.7-150100.3.24.1
libslurm35-20.02.7-150100.3.24.1
perl-slurm_20_02-20.02.7-150100.3.24.1
slurm_20_02-20.02.7-150100.3.24.1
slurm_20_02-auth-none-20.02.7-150100.3.24.1
slurm_20_02-config-20.02.7-150100.3.24.1
slurm_20_02-config-man-20.02.7-150100.3.24.1
slurm_20_02-devel-20.02.7-150100.3.24.1
slurm_20_02-doc-20.02.7-150100.3.24.1
slurm_20_02-lua-20.02.7-150100.3.24.1
slurm_20_02-munge-20.02.7-150100.3.24.1
slurm_20_02-node-20.02.7-150100.3.24.1
slurm_20_02-pam_slurm-20.02.7-150100.3.24.1
slurm_20_02-plugins-20.02.7-150100.3.24.1
slurm_20_02-slurmdbd-20.02.7-150100.3.24.1
slurm_20_02-sql-20.02.7-150100.3.24.1
slurm_20_02-sview-20.02.7-150100.3.24.1
slurm_20_02-torque-20.02.7-150100.3.24.1
slurm_20_02-webdoc-20.02.7-150100.3.24.1
SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS
libnss_slurm2_20_02-20.02.7-150100.3.24.1
libpmi0_20_02-20.02.7-150100.3.24.1
libslurm35-20.02.7-150100.3.24.1
perl-slurm_20_02-20.02.7-150100.3.24.1
slurm_20_02-20.02.7-150100.3.24.1
slurm_20_02-auth-none-20.02.7-150100.3.24.1
slurm_20_02-config-20.02.7-150100.3.24.1
slurm_20_02-config-man-20.02.7-150100.3.24.1
slurm_20_02-devel-20.02.7-150100.3.24.1
slurm_20_02-doc-20.02.7-150100.3.24.1
slurm_20_02-lua-20.02.7-150100.3.24.1
slurm_20_02-munge-20.02.7-150100.3.24.1
slurm_20_02-node-20.02.7-150100.3.24.1
slurm_20_02-pam_slurm-20.02.7-150100.3.24.1
slurm_20_02-plugins-20.02.7-150100.3.24.1
slurm_20_02-slurmdbd-20.02.7-150100.3.24.1
slurm_20_02-sql-20.02.7-150100.3.24.1
slurm_20_02-sview-20.02.7-150100.3.24.1
slurm_20_02-torque-20.02.7-150100.3.24.1
slurm_20_02-webdoc-20.02.7-150100.3.24.1
openSUSE Leap 15.3
libnss_slurm2_20_02-20.02.7-150100.3.24.1
libpmi0_20_02-20.02.7-150100.3.24.1
perl-slurm_20_02-20.02.7-150100.3.24.1
slurm_20_02-20.02.7-150100.3.24.1
slurm_20_02-auth-none-20.02.7-150100.3.24.1
slurm_20_02-config-20.02.7-150100.3.24.1
slurm_20_02-config-man-20.02.7-150100.3.24.1
slurm_20_02-cray-20.02.7-150100.3.24.1
slurm_20_02-devel-20.02.7-150100.3.24.1
slurm_20_02-doc-20.02.7-150100.3.24.1
slurm_20_02-hdf5-20.02.7-150100.3.24.1
slurm_20_02-lua-20.02.7-150100.3.24.1
slurm_20_02-munge-20.02.7-150100.3.24.1
slurm_20_02-node-20.02.7-150100.3.24.1
slurm_20_02-openlava-20.02.7-150100.3.24.1
slurm_20_02-pam_slurm-20.02.7-150100.3.24.1
slurm_20_02-plugins-20.02.7-150100.3.24.1
slurm_20_02-rest-20.02.7-150100.3.24.1
slurm_20_02-seff-20.02.7-150100.3.24.1
slurm_20_02-sjstat-20.02.7-150100.3.24.1
slurm_20_02-slurmdbd-20.02.7-150100.3.24.1
slurm_20_02-sql-20.02.7-150100.3.24.1
slurm_20_02-sview-20.02.7-150100.3.24.1
slurm_20_02-torque-20.02.7-150100.3.24.1
slurm_20_02-webdoc-20.02.7-150100.3.24.1
openSUSE Leap 15.4
libnss_slurm2_20_02-20.02.7-150100.3.24.1
libpmi0_20_02-20.02.7-150100.3.24.1
perl-slurm_20_02-20.02.7-150100.3.24.1
slurm_20_02-20.02.7-150100.3.24.1
slurm_20_02-auth-none-20.02.7-150100.3.24.1
slurm_20_02-config-20.02.7-150100.3.24.1
slurm_20_02-config-man-20.02.7-150100.3.24.1
slurm_20_02-cray-20.02.7-150100.3.24.1
slurm_20_02-devel-20.02.7-150100.3.24.1
slurm_20_02-doc-20.02.7-150100.3.24.1
slurm_20_02-hdf5-20.02.7-150100.3.24.1
slurm_20_02-lua-20.02.7-150100.3.24.1
slurm_20_02-munge-20.02.7-150100.3.24.1
slurm_20_02-node-20.02.7-150100.3.24.1
slurm_20_02-openlava-20.02.7-150100.3.24.1
slurm_20_02-pam_slurm-20.02.7-150100.3.24.1
slurm_20_02-plugins-20.02.7-150100.3.24.1
slurm_20_02-rest-20.02.7-150100.3.24.1
slurm_20_02-seff-20.02.7-150100.3.24.1
slurm_20_02-sjstat-20.02.7-150100.3.24.1
slurm_20_02-slurmdbd-20.02.7-150100.3.24.1
slurm_20_02-sql-20.02.7-150100.3.24.1
slurm_20_02-sview-20.02.7-150100.3.24.1
slurm_20_02-torque-20.02.7-150100.3.24.1
slurm_20_02-webdoc-20.02.7-150100.3.24.1
Ссылки
- Link for SUSE-SU-2022:3491-1
- E-Mail link for SUSE-SU-2022:3491-1
- SUSE Security Ratings
- SUSE Bug 1186646
- SUSE Bug 1199278
- SUSE Bug 1199279
- SUSE Bug 1201674
- SUSE CVE CVE-2022-29500 page
- SUSE CVE CVE-2022-29501 page
- SUSE CVE CVE-2022-31251 page
Описание
SchedMD Slurm 21.08.x through 20.11.x has Incorrect Access Control that leads to Information Disclosure.
Затронутые продукты
SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:libnss_slurm2_20_02-20.02.7-150100.3.24.1
SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:libpmi0_20_02-20.02.7-150100.3.24.1
SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:libslurm35-20.02.7-150100.3.24.1
SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:perl-slurm_20_02-20.02.7-150100.3.24.1
Ссылки
- CVE-2022-29500
- SUSE Bug 1199278
Описание
SchedMD Slurm 21.08.x through 20.11.x has Incorrect Access Control that leads to Escalation of Privileges and code execution.
Затронутые продукты
SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:libnss_slurm2_20_02-20.02.7-150100.3.24.1
SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:libpmi0_20_02-20.02.7-150100.3.24.1
SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:libslurm35-20.02.7-150100.3.24.1
SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:perl-slurm_20_02-20.02.7-150100.3.24.1
Ссылки
- CVE-2022-29501
- SUSE Bug 1199279
Описание
A Incorrect Default Permissions vulnerability in the packaging of the slurm testsuite of openSUSE Factory allows local attackers with control over the slurm user to escalate to root. This issue affects: openSUSE Factory slurm versions prior to 22.05.2-3.3.
Затронутые продукты
SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:libnss_slurm2_20_02-20.02.7-150100.3.24.1
SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:libpmi0_20_02-20.02.7-150100.3.24.1
SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:libslurm35-20.02.7-150100.3.24.1
SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:perl-slurm_20_02-20.02.7-150100.3.24.1
Ссылки
- CVE-2022-31251
- SUSE Bug 1201674