FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

slurm -- insecure handling of user_name and gid fields

Affected packages
slurm-wlm < 17.02.11

Details

VuXML ID 3a66cb69-716f-11e8-be54-3085a9a47796
Discovery 2018-05-30
Entry 2018-06-16

SchedMD reports:

Insecure handling of user_name and gid fields (CVE-2018-10995)

While fixes are only available for the supported 17.02 and 17.11 releases, it is believed that similar vulnerabilities do affect past versions as well. The only resolution is to upgrade Slurm to a fixed release.

[source]

References

URL https://lists.schedmd.com/pipermail/slurm-announce/2018/000008.html

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.