Описание
An issue was discovered in SchedMD Slurm 22.05.x, 23.02.x, and 23.11.x. There is Improper Enforcement of Message Integrity During Transmission in a Communication Channel. This allows attackers to modify RPC traffic in a way that bypasses message hash checks. The fixed versions are 22.05.11, 23.02.7, and 23.11.1.
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | ignored | end of standard support |
| devel | DNE | |
| esm-apps/bionic | needed | |
| esm-apps/focal | needed | |
| esm-apps/xenial | needed | |
| esm-infra-legacy/trusty | needed | |
| focal | ignored | end of standard support, was needs-triage |
| jammy | DNE | |
| lunar | DNE | |
| mantic | DNE |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | ignored | end of standard support |
| devel | not-affected | 24.11.5-4 |
| esm-apps/jammy | needed | |
| esm-apps/noble | not-affected | 23.11.4-1.2ubuntu5 |
| esm-infra/focal | DNE | |
| focal | DNE | |
| jammy | needed | |
| lunar | ignored | end of life, was needs-triage |
| mantic | ignored | end of life, was needs-triage |
| noble | not-affected | 23.11.4-1.2ubuntu5 |
Показывать по
EPSS
7.5 High
CVSS3
Связанные уязвимости
An issue was discovered in SchedMD Slurm 22.05.x, 23.02.x, and 23.11.x. There is Improper Enforcement of Message Integrity During Transmission in a Communication Channel. This allows attackers to modify RPC traffic in a way that bypasses message hash checks. The fixed versions are 22.05.11, 23.02.7, and 23.11.1.
An issue was discovered in SchedMD Slurm 22.05.x, 23.02.x, and 23.11.x ...
An issue was discovered in SchedMD Slurm 22.05.x, 23.02.x, and 23.11.x. There is Improper Enforcement of Message Integrity During Transmission in a Communication Channel. This allows attackers to modify RPC traffic in a way that bypasses message hash checks. The fixed versions are 22.05.11, 23.02.7, and 23.11.1.
Уязвимость менеджера управления ресурсами Slurm, связанная с недостаточной реализацией целостности сообщений при их передаче в канал связи, позволяющая нарушителю модифицировать RPC-трафик таким образом, чтобы обойти проверку хэша сообщений
EPSS
7.5 High
CVSS3