all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

USN-6458-1: Slurm vulnerabilities

Add to bookmarks
Oct. 30, 2023, 11:20 a.m. |

Ubuntu security notices ubuntu.com

It was discovered that Slurm did not properly handle credential
management, which could allow an unprivileged user to impersonate the
SlurmUser account. An attacker could possibly use this issue to execute
arbitrary code as the root user. (CVE-2022-29500)

It was discovered that Slurm did not properly handle access control when
dealing with RPC traffic through PMI2 and PMIx, which could allow an
unprivileged user to send data to an arbitrary unix socket in the host.
An attacker could possibly use …

access access control account arbitrary code attacker code control credential credential management cve issue management root rpc traffic usn vulnerabilities

Visit resource

More from ubuntu.com / Ubuntu security notices

USN-6757-2: PHP vulnerabilities 1 day, 18 hours ago | ubuntu.com
advisory arbitrary code attacker code +15
USN-6762-1: GNU C Library vulnerabilities 1 day, 21 hours ago | ubuntu.com
arbitrary code attacker attackers code +14
USN-6747-2: Firefox regressions 2 days, 6 hours ago | ubuntu.com
advisory attacker denial of service domains +14
USN-6760-1: Gerbv vulnerability 3 days, 11 hours ago | ubuntu.com
application attacker crash data +10
LSN-0103-1: Kernel Live Patch Security Notice 3 days, 22 hours ago | ubuntu.com
attacker con cve data +21
USN-6758-1: JSON5 vulnerability 3 days, 23 hours ago | ubuntu.com
access application attacker denial of service +12
USN-6761-1: Anope vulnerability 4 days, 2 hours ago | ubuntu.com
accounts attacker changing credentials +7
USN-6759-1: FreeRDP vulnerabilities 4 days, 17 hours ago | ubuntu.com
attacker crash denial of service issue +7
USN-6757-1: PHP vulnerabilities 4 days, 19 hours ago | ubuntu.com
arbitrary code attacker code cookie +15

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Principal Security Engineer

@ Elsevier | Home based-Georgia
View on infosec-jobs.com

Infrastructure Compliance Engineer

@ NVIDIA | US, CA, Santa Clara
View on infosec-jobs.com

Information Systems Security Engineer (ISSE) / Cybersecurity SME

@ Green Cell Consulting | Twentynine Palms, CA, United States
View on infosec-jobs.com

Sales Security Analyst

@ Everbridge | Bengaluru
View on infosec-jobs.com

Alternance – Analyste Threat Intelligence – Cybersécurité - Île-de-France

@ Sopra Steria | Courbevoie, France
View on infosec-jobs.com

Third Party Cyber Risk Analyst

@ Chubb | Philippines
View on infosec-jobs.com
View more jobs