Ubuntu update for slurm-llnl
Security Bulletin
This security bulletin contains information about 9 vulnerabilities.
1) Improper access control
EUVDB-ID: #VU39953
Risk: High
CVSSv3.1: 7.1 [CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2016-10030
CWE-ID:
CWE-284 - Improper Access Control
Exploit availability: No
DescriptionThe vulnerability allows a remote non-authenticated attacker to execute arbitrary code.
The _prolog_error function in slurmd/req.c in Slurm before 15.08.13, 16.x before 16.05.7, and 17.x before 17.02.0-pre4 has a vulnerability in how the slurmd daemon informs users of a Prolog failure on a compute node. That vulnerability could allow a user to assume control of an arbitrary file on the system. Any exploitation of this is dependent on the user being able to cause or anticipate the failure (non-zero return code) of a Prolog script that their job would run on. This issue affects all Slurm versions from 0.6.0 (September 2005) to present. Workarounds to prevent exploitation of this are to either disable your Prolog script, or modify it such that it always returns 0 ("success") and adjust it to set the node as down using scontrol instead of relying on the slurmd to handle that automatically. If you do not have a Prolog set you are unaffected by this issue.
MitigationUpdate the affected package slurm-llnl to the latest version.
Vulnerable software versionsUbuntu: 14.04 - 16.04
slurm-llnl-sview (Ubuntu package): before Ubuntu Pro
slurm-llnl-torque (Ubuntu package): before Ubuntu Pro
slurm-llnl-basic-plugins (Ubuntu package): before Ubuntu Pro
libslurm26 (Ubuntu package): before Ubuntu Pro
libslurmdb26 (Ubuntu package): before Ubuntu Pro
slurm-wlm-basic-plugins (Ubuntu package): before Ubuntu Pro
sview (Ubuntu package): before Ubuntu Pro
libslurmdb-perl (Ubuntu package): before Ubuntu Pro
slurm-llnl-slurmdbd (Ubuntu package): before Ubuntu Pro
slurmdbd (Ubuntu package): before Ubuntu Pro
slurm-llnl (Ubuntu package): before Ubuntu Pro
libslurmdb29 (Ubuntu package): before Ubuntu Pro
slurm-wlm-emulator (Ubuntu package): before Ubuntu Pro
slurm-client-emulator (Ubuntu package): before Ubuntu Pro
slurm-wlm-torque (Ubuntu package): before Ubuntu Pro
slurmd (Ubuntu package): before Ubuntu Pro
libpam-slurm (Ubuntu package): before Ubuntu Pro
slurm-client (Ubuntu package): before Ubuntu Pro
slurm-wlm (Ubuntu package): before Ubuntu Pro
libpmi0 (Ubuntu package): before Ubuntu Pro
libslurm29 (Ubuntu package): before Ubuntu Pro
libslurm-perl (Ubuntu package): before Ubuntu Pro
slurmctld (Ubuntu package): before Ubuntu Pro
CPE2.3 External linkshttp://ubuntu.com/security/notices/USN-4781-2
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Untrusted search path
EUVDB-ID: #VU37992
Risk: Low
CVSSv3.1: 6.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2017-15566
CWE-ID:
CWE-426 - Untrusted Search Path
Exploit availability: No
DescriptionThe vulnerability allows a local authenticated user to execute arbitrary code.
Insecure SPANK environment variable handling exists in SchedMD Slurm before 16.05.11, 17.x before 17.02.9, and 17.11.x before 17.11.0rc2, allowing privilege escalation to root during Prolog or Epilog execution.
MitigationUpdate the affected package slurm-llnl to the latest version.
Vulnerable software versionsUbuntu: 14.04 - 16.04
slurm-llnl-sview (Ubuntu package): before Ubuntu Pro
slurm-llnl-torque (Ubuntu package): before Ubuntu Pro
slurm-llnl-basic-plugins (Ubuntu package): before Ubuntu Pro
libslurm26 (Ubuntu package): before Ubuntu Pro
libslurmdb26 (Ubuntu package): before Ubuntu Pro
slurm-wlm-basic-plugins (Ubuntu package): before Ubuntu Pro
sview (Ubuntu package): before Ubuntu Pro
libslurmdb-perl (Ubuntu package): before Ubuntu Pro
slurm-llnl-slurmdbd (Ubuntu package): before Ubuntu Pro
slurmdbd (Ubuntu package): before Ubuntu Pro
slurm-llnl (Ubuntu package): before Ubuntu Pro
libslurmdb29 (Ubuntu package): before Ubuntu Pro
slurm-wlm-emulator (Ubuntu package): before Ubuntu Pro
slurm-client-emulator (Ubuntu package): before Ubuntu Pro
slurm-wlm-torque (Ubuntu package): before Ubuntu Pro
slurmd (Ubuntu package): before Ubuntu Pro
libpam-slurm (Ubuntu package): before Ubuntu Pro
slurm-client (Ubuntu package): before Ubuntu Pro
slurm-wlm (Ubuntu package): before Ubuntu Pro
libpmi0 (Ubuntu package): before Ubuntu Pro
libslurm29 (Ubuntu package): before Ubuntu Pro
libslurm-perl (Ubuntu package): before Ubuntu Pro
slurmctld (Ubuntu package): before Ubuntu Pro
CPE2.3 External linkshttp://ubuntu.com/security/notices/USN-4781-2
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
3) Security restrictions bypass
EUVDB-ID: #VU13897
Risk: Low
CVSSv3.1: 6.4 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:U/RL:O/RC:C]
CVE-ID: CVE-2018-10995
CWE-ID:
CWE-264 - Permissions, Privileges, and Access Controls
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to bypass security restrictions on the target system.
The vulnerability exists due to the application mishandles user names (aka user_name fields) and group ids (aka gid fields). A remote unauthenticated attacker can bypass security restrictions and conduct further attacks.
Update the affected package slurm-llnl to the latest version.
Vulnerable software versionsUbuntu: 14.04 - 16.04
slurm-llnl-sview (Ubuntu package): before Ubuntu Pro
slurm-llnl-torque (Ubuntu package): before Ubuntu Pro
slurm-llnl-basic-plugins (Ubuntu package): before Ubuntu Pro
libslurm26 (Ubuntu package): before Ubuntu Pro
libslurmdb26 (Ubuntu package): before Ubuntu Pro
slurm-wlm-basic-plugins (Ubuntu package): before Ubuntu Pro
sview (Ubuntu package): before Ubuntu Pro
libslurmdb-perl (Ubuntu package): before Ubuntu Pro
slurm-llnl-slurmdbd (Ubuntu package): before Ubuntu Pro
slurmdbd (Ubuntu package): before Ubuntu Pro
slurm-llnl (Ubuntu package): before Ubuntu Pro
libslurmdb29 (Ubuntu package): before Ubuntu Pro
slurm-wlm-emulator (Ubuntu package): before Ubuntu Pro
slurm-client-emulator (Ubuntu package): before Ubuntu Pro
slurm-wlm-torque (Ubuntu package): before Ubuntu Pro
slurmd (Ubuntu package): before Ubuntu Pro
libpam-slurm (Ubuntu package): before Ubuntu Pro
slurm-client (Ubuntu package): before Ubuntu Pro
slurm-wlm (Ubuntu package): before Ubuntu Pro
libpmi0 (Ubuntu package): before Ubuntu Pro
libslurm29 (Ubuntu package): before Ubuntu Pro
libslurm-perl (Ubuntu package): before Ubuntu Pro
slurmctld (Ubuntu package): before Ubuntu Pro
CPE2.3 External linkshttp://ubuntu.com/security/notices/USN-4781-2
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
4) SQL injection
EUVDB-ID: #VU13996
Risk: Low
CVSSv3.1: 6.4 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:U/RL:O/RC:C]
CVE-ID: CVE-2018-7033
CWE-ID:
CWE-89 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary SQL commands in web application database.
The vulnerability exists due to insufficient sanitization of user-supplied data. A remote attacker can send a specially crafted HTTP request to vulnerable script and execute arbitrary SQL commands in web application database.
Successful exploitation of the vulnerability may allow an attacker to gain administrative access to vulnerable web application.
MitigationUpdate the affected package slurm-llnl to the latest version.
Vulnerable software versionsUbuntu: 14.04 - 16.04
slurm-llnl-sview (Ubuntu package): before Ubuntu Pro
slurm-llnl-torque (Ubuntu package): before Ubuntu Pro
slurm-llnl-basic-plugins (Ubuntu package): before Ubuntu Pro
libslurm26 (Ubuntu package): before Ubuntu Pro
libslurmdb26 (Ubuntu package): before Ubuntu Pro
slurm-wlm-basic-plugins (Ubuntu package): before Ubuntu Pro
sview (Ubuntu package): before Ubuntu Pro
libslurmdb-perl (Ubuntu package): before Ubuntu Pro
slurm-llnl-slurmdbd (Ubuntu package): before Ubuntu Pro
slurmdbd (Ubuntu package): before Ubuntu Pro
slurm-llnl (Ubuntu package): before Ubuntu Pro
libslurmdb29 (Ubuntu package): before Ubuntu Pro
slurm-wlm-emulator (Ubuntu package): before Ubuntu Pro
slurm-client-emulator (Ubuntu package): before Ubuntu Pro
slurm-wlm-torque (Ubuntu package): before Ubuntu Pro
slurmd (Ubuntu package): before Ubuntu Pro
libpam-slurm (Ubuntu package): before Ubuntu Pro
slurm-client (Ubuntu package): before Ubuntu Pro
slurm-wlm (Ubuntu package): before Ubuntu Pro
libpmi0 (Ubuntu package): before Ubuntu Pro
libslurm29 (Ubuntu package): before Ubuntu Pro
libslurm-perl (Ubuntu package): before Ubuntu Pro
slurmctld (Ubuntu package): before Ubuntu Pro
CPE2.3 External linkshttp://ubuntu.com/security/notices/USN-4781-2
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
5) Heap-based buffer overflow
EUVDB-ID: #VU20855
Risk: Medium
CVSSv3.1: 5.2 [CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2019-6438
CWE-ID:
CWE-122 - Heap-based Buffer Overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform denial of service (DoS) attack.
The vulnerability exists due to a boundary error. A remote attacker can send specially crafted data to the affected application, trigger heap overflow and perform denial of service attack. MitigationUpdate the affected package slurm-llnl to the latest version.
Vulnerable software versionsUbuntu: 14.04 - 16.04
slurm-llnl-sview (Ubuntu package): before Ubuntu Pro
slurm-llnl-torque (Ubuntu package): before Ubuntu Pro
slurm-llnl-basic-plugins (Ubuntu package): before Ubuntu Pro
libslurm26 (Ubuntu package): before Ubuntu Pro
libslurmdb26 (Ubuntu package): before Ubuntu Pro
slurm-wlm-basic-plugins (Ubuntu package): before Ubuntu Pro
sview (Ubuntu package): before Ubuntu Pro
libslurmdb-perl (Ubuntu package): before Ubuntu Pro
slurm-llnl-slurmdbd (Ubuntu package): before Ubuntu Pro
slurmdbd (Ubuntu package): before Ubuntu Pro
slurm-llnl (Ubuntu package): before Ubuntu Pro
libslurmdb29 (Ubuntu package): before Ubuntu Pro
slurm-wlm-emulator (Ubuntu package): before Ubuntu Pro
slurm-client-emulator (Ubuntu package): before Ubuntu Pro
slurm-wlm-torque (Ubuntu package): before Ubuntu Pro
slurmd (Ubuntu package): before Ubuntu Pro
libpam-slurm (Ubuntu package): before Ubuntu Pro
slurm-client (Ubuntu package): before Ubuntu Pro
slurm-wlm (Ubuntu package): before Ubuntu Pro
libpmi0 (Ubuntu package): before Ubuntu Pro
libslurm29 (Ubuntu package): before Ubuntu Pro
libslurm-perl (Ubuntu package): before Ubuntu Pro
slurmctld (Ubuntu package): before Ubuntu Pro
CPE2.3 External linkshttp://ubuntu.com/security/notices/USN-4781-2
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
6) Authentication bypass using an alternate path or channel
EUVDB-ID: #VU46672
Risk: High
CVSSv3.1: 7.1 [CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2020-12693
CWE-ID:
CWE-288 - Authentication Bypass Using an Alternate Path or Channel
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to bypass authentication process.
The vulnerability exists due to a race condition during authentication process, if Message Aggregation is enabled. A remote non-authenticated attacker can send specially crafted request to the application, bypass authentication process and execute arbitrary code on the system.
Update the affected package slurm-llnl to the latest version.
Vulnerable software versionsUbuntu: 14.04 - 16.04
slurm-llnl-sview (Ubuntu package): before Ubuntu Pro
slurm-llnl-torque (Ubuntu package): before Ubuntu Pro
slurm-llnl-basic-plugins (Ubuntu package): before Ubuntu Pro
libslurm26 (Ubuntu package): before Ubuntu Pro
libslurmdb26 (Ubuntu package): before Ubuntu Pro
slurm-wlm-basic-plugins (Ubuntu package): before Ubuntu Pro
sview (Ubuntu package): before Ubuntu Pro
libslurmdb-perl (Ubuntu package): before Ubuntu Pro
slurm-llnl-slurmdbd (Ubuntu package): before Ubuntu Pro
slurmdbd (Ubuntu package): before Ubuntu Pro
slurm-llnl (Ubuntu package): before Ubuntu Pro
libslurmdb29 (Ubuntu package): before Ubuntu Pro
slurm-wlm-emulator (Ubuntu package): before Ubuntu Pro
slurm-client-emulator (Ubuntu package): before Ubuntu Pro
slurm-wlm-torque (Ubuntu package): before Ubuntu Pro
slurmd (Ubuntu package): before Ubuntu Pro
libpam-slurm (Ubuntu package): before Ubuntu Pro
slurm-client (Ubuntu package): before Ubuntu Pro
slurm-wlm (Ubuntu package): before Ubuntu Pro
libpmi0 (Ubuntu package): before Ubuntu Pro
libslurm29 (Ubuntu package): before Ubuntu Pro
libslurm-perl (Ubuntu package): before Ubuntu Pro
slurmctld (Ubuntu package): before Ubuntu Pro
CPE2.3 External linkshttp://ubuntu.com/security/notices/USN-4781-2
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
7) Buffer overflow
EUVDB-ID: #VU50143
Risk: Low
CVSSv3.1: 6.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2020-27745
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a boundary error in the PMIx MPI plugin. A local user can run a specially crafted program to trigger buffer overflow in RPC implementation and execute arbitrary code on the system with elevated privileges.
Update the affected package slurm-llnl to the latest version.
Vulnerable software versionsUbuntu: 14.04 - 16.04
slurm-llnl-sview (Ubuntu package): before Ubuntu Pro
slurm-llnl-torque (Ubuntu package): before Ubuntu Pro
slurm-llnl-basic-plugins (Ubuntu package): before Ubuntu Pro
libslurm26 (Ubuntu package): before Ubuntu Pro
libslurmdb26 (Ubuntu package): before Ubuntu Pro
slurm-wlm-basic-plugins (Ubuntu package): before Ubuntu Pro
sview (Ubuntu package): before Ubuntu Pro
libslurmdb-perl (Ubuntu package): before Ubuntu Pro
slurm-llnl-slurmdbd (Ubuntu package): before Ubuntu Pro
slurmdbd (Ubuntu package): before Ubuntu Pro
slurm-llnl (Ubuntu package): before Ubuntu Pro
libslurmdb29 (Ubuntu package): before Ubuntu Pro
slurm-wlm-emulator (Ubuntu package): before Ubuntu Pro
slurm-client-emulator (Ubuntu package): before Ubuntu Pro
slurm-wlm-torque (Ubuntu package): before Ubuntu Pro
slurmd (Ubuntu package): before Ubuntu Pro
libpam-slurm (Ubuntu package): before Ubuntu Pro
slurm-client (Ubuntu package): before Ubuntu Pro
slurm-wlm (Ubuntu package): before Ubuntu Pro
libpmi0 (Ubuntu package): before Ubuntu Pro
libslurm29 (Ubuntu package): before Ubuntu Pro
libslurm-perl (Ubuntu package): before Ubuntu Pro
slurmctld (Ubuntu package): before Ubuntu Pro
CPE2.3 External linkshttp://ubuntu.com/security/notices/USN-4781-2
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
8) Race condition
EUVDB-ID: #VU50142
Risk: Low
CVSSv3.1: 2.9 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2020-27746
Exploit availability: No
DescriptionThe vulnerability allows a local user to gain access to sensitive information.
The vulnerability exists due to a race condition in the xauth for X11 magic cookies when reading data on the /proc filesystem. A local user can exploit the race and gain unauthorized access to sensitive information.
MitigationUpdate the affected package slurm-llnl to the latest version.
Vulnerable software versionsUbuntu: 14.04 - 16.04
slurm-llnl-sview (Ubuntu package): before Ubuntu Pro
slurm-llnl-torque (Ubuntu package): before Ubuntu Pro
slurm-llnl-basic-plugins (Ubuntu package): before Ubuntu Pro
libslurm26 (Ubuntu package): before Ubuntu Pro
libslurmdb26 (Ubuntu package): before Ubuntu Pro
slurm-wlm-basic-plugins (Ubuntu package): before Ubuntu Pro
sview (Ubuntu package): before Ubuntu Pro
libslurmdb-perl (Ubuntu package): before Ubuntu Pro
slurm-llnl-slurmdbd (Ubuntu package): before Ubuntu Pro
slurmdbd (Ubuntu package): before Ubuntu Pro
slurm-llnl (Ubuntu package): before Ubuntu Pro
libslurmdb29 (Ubuntu package): before Ubuntu Pro
slurm-wlm-emulator (Ubuntu package): before Ubuntu Pro
slurm-client-emulator (Ubuntu package): before Ubuntu Pro
slurm-wlm-torque (Ubuntu package): before Ubuntu Pro
slurmd (Ubuntu package): before Ubuntu Pro
libpam-slurm (Ubuntu package): before Ubuntu Pro
slurm-client (Ubuntu package): before Ubuntu Pro
slurm-wlm (Ubuntu package): before Ubuntu Pro
libpmi0 (Ubuntu package): before Ubuntu Pro
libslurm29 (Ubuntu package): before Ubuntu Pro
libslurm-perl (Ubuntu package): before Ubuntu Pro
slurmctld (Ubuntu package): before Ubuntu Pro
CPE2.3 External linkshttp://ubuntu.com/security/notices/USN-4781-2
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
9) Security restrictions bypass
EUVDB-ID: #VU53685
Risk: Medium
CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-31215
CWE-ID:
CWE-264 - Permissions, Privileges, and Access Controls
Exploit availability: No
DescriptionThe vulnerability allows a remote user to escalate privileges on the system.
The vulnerability exists due to improper environment handling in Slurm. A remote user can run arbitrary commands as SlurmUser if the installation uses a PrologSlurmctld and/or EpilogSlurmctld script.
MitigationUpdate the affected package slurm-llnl to the latest version.
Vulnerable software versionsUbuntu: 14.04 - 16.04
slurm-llnl-sview (Ubuntu package): before Ubuntu Pro
slurm-llnl-torque (Ubuntu package): before Ubuntu Pro
slurm-llnl-basic-plugins (Ubuntu package): before Ubuntu Pro
libslurm26 (Ubuntu package): before Ubuntu Pro
libslurmdb26 (Ubuntu package): before Ubuntu Pro
slurm-wlm-basic-plugins (Ubuntu package): before Ubuntu Pro
sview (Ubuntu package): before Ubuntu Pro
libslurmdb-perl (Ubuntu package): before Ubuntu Pro
slurm-llnl-slurmdbd (Ubuntu package): before Ubuntu Pro
slurmdbd (Ubuntu package): before Ubuntu Pro
slurm-llnl (Ubuntu package): before Ubuntu Pro
libslurmdb29 (Ubuntu package): before Ubuntu Pro
slurm-wlm-emulator (Ubuntu package): before Ubuntu Pro
slurm-client-emulator (Ubuntu package): before Ubuntu Pro
slurm-wlm-torque (Ubuntu package): before Ubuntu Pro
slurmd (Ubuntu package): before Ubuntu Pro
libpam-slurm (Ubuntu package): before Ubuntu Pro
slurm-client (Ubuntu package): before Ubuntu Pro
slurm-wlm (Ubuntu package): before Ubuntu Pro
libpmi0 (Ubuntu package): before Ubuntu Pro
libslurm29 (Ubuntu package): before Ubuntu Pro
libslurm-perl (Ubuntu package): before Ubuntu Pro
slurmctld (Ubuntu package): before Ubuntu Pro
CPE2.3 External linkshttp://ubuntu.com/security/notices/USN-4781-2
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
