First published: Wed Nov 01 2017(Updated: )
Insecure SPANK environment variable handling exists in SchedMD Slurm before 16.05.11, 17.x before 17.02.9, and 17.11.x before 17.11.0rc2, allowing privilege escalation to root during Prolog or Epilog execution.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
debian/slurm-llnl | <=17.02.7-1<=16.05.9-1 | 17.02.9-1 16.05.9-1+deb9u1 |
SchedMD Slurm | <16.05.11 | |
SchedMD Slurm | >=17.02.0<17.2.09 | |
SchedMD Slurm | =17.11.0-rc1 | |
debian/slurm-llnl | 18.08.5.2-1+deb10u2 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.