First published: Thu May 05 2022(Updated: )
SchedMD Slurm 21.08.x through 20.11.x has Incorrect Access Control that leads to Information Disclosure.
Credit: cve@mitre.org cve@mitre.org cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
SchedMD Slurm | <20.11.9 | |
SchedMD Slurm | >=21.08.0<21.08.08 | |
Fedoraproject Fedora | =34 | |
Fedoraproject Fedora | =35 | |
Fedoraproject Fedora | =36 | |
Debian Debian Linux | =11.0 | |
debian/slurm-wlm | <=20.11.7+really20.11.4-2<=21.08.7-1 | 21.08.8.2-1 20.11.7+really20.11.4-2+deb11u1 |
ubuntu/slurm-llnl | <19.05.5-1ubuntu0.1~ | 19.05.5-1ubuntu0.1~ |
ubuntu/slurm-llnl | <21.08.8<20.11.9 | 21.08.8 20.11.9 |
ubuntu/slurm-wlm | <21.08.5-2ubuntu1+ | 21.08.5-2ubuntu1+ |
ubuntu/slurm-wlm | <21.08.8.2-1<21.08.8<20.11.9 | 21.08.8.2-1 21.08.8 20.11.9 |
debian/slurm-wlm | 20.11.7+really20.11.4-2+deb11u1 22.05.8-4+deb12u2 24.05.1-2 24.05.2-1 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID is CVE-2022-29500.
The severity of CVE-2022-29500 is critical with a severity value of 8.8.
SchedMD Slurm versions 21.08.x through 20.11.x are affected by CVE-2022-29500.
To fix the vulnerability, update to SchedMD Slurm version 20.11.9 for versions 20.11.x and update to SchedMD Slurm version 21.08.8 for versions 21.08.x.
You can find more information about CVE-2022-29500 at the following references: [1](https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HXLOI3ERTKMZR2KWNRN7OR5S55VPWENH/), [2](https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Y6B7OWVNVCJUDE6VDWGCBUWMRCRETAO3/), [3](https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YBI4NFDGGMBKWG4EMSZL5UHATDCLPCQW/)