Important: slurm Buffer Overflow in SUSE Linux Enterprise Module for HPC
suse
November 24, 2020
An update that solves two vulnerabilities and has one errata is now available
Summary
This update for slurm fixes the following issues: - Updated to 20.02.6: * CVE-2020-27745: PMIx - fix potential buffer overflows from use of unpackmem() (bsc#1178890). * CVE-2020-27746: X11 forwarding - fix potential leak of the magic cookie when sent as an argument to the xauth command (bsc#1178891). * Added support for openPMIx (bsc#1173805). Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Module for HPC 15-SP2: zypper in -t patch SUSE-SLE-Module-HPC-15-SP2-2020-3506=1 Package List: - SUSE Linux Enterprise Module for HPC 15-SP2 (aarch64 x86_64): libnss_slurm2-20.02.6-3.3.4 libnss_slurm2-debuginfo-20.02.6-3.3.4
References
#1173805 #1178890 #1178891
Cross- CVE-2020-27745 CVE-2020-27746
Affected Products:
SUSE Linux Enterprise Module for HPC 15-SP2
https://www.suse.com/security/cve/CVE-2020-27745.html
https://www.suse.com/security/cve/CVE-2020-27746.html
https://bugzilla.suse.com/1173805
https://bugzilla.suse.com/1178890
https://bugzilla.suse.com/1178891
PREVIOUS
NEXT
Severity
important
Lowest
Low
Medium
High
Critical
Announcement ID: SUSE-SU-2020:3506-1
Rating: important
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!