Alerts This Week
Warning Icon 1 764
Alerts This Week
Warning Icon 1 764

SUSE Linux 15-SP1: SUSE-SU-2021:0139-1 Moderate: Slurm Buffers

suse
Calendar Grey January 15, 2021
Dist Suse Esm H88
Canonical released a patch for kubernetes_1_21 fixing serious memory leaks and API vulnerabilities, strengthening platform integrity.
An update that fixes two vulnerabilities is now available

Summary

This update for slurm_20_02 fixes the following issues: Updated to 20.02.6, addresses two security fixes: * PMIx - fix potential buffer overflows from use of unpackmem(). CVE-2020-27745 (bsc#1178890) * X11 forwarding - fix potential leak of the magic cookie when sent as an argument to the xauth command. CVE-2020-27746 (bsc#1178891) And many other bugfixes, full log and details available at: * https://lists.schedmd.com/pipermail/slurm-announce/2020/000045.html Updated to 20.02.5, changes: * Fix leak of TRESRunMins when job time is changed with --time-min * pam_slurm - explicitly initialize slurm config to support configless mode. * scontrol - Fix exit code when creating/updating reservations with wrong Flags. * When a GRES has a no_consume flag, report 0 for allocated.

Topics%20covered

Topics Covered

security advisory buffer overflow patch SUSE Linux X11 forwarding slurm HPC

References

#1178890 #1178891

Cross- CVE-2020-27745 CVE-2020-27746

Affected Products:

SUSE Linux Enterprise Module for HPC 15-SP1

https://www.suse.com/security/cve/CVE-2020-27745.html

https://www.suse.com/security/cve/CVE-2020-27746.html

https://bugzilla.suse.com/1178890

https://bugzilla.suse.com/1178891

Announcement ID: SUSE-SU-2021:0139-1
Rating: moderate

Topics%20covered

Topics Covered

security advisory buffer overflow patch SUSE Linux X11 forwarding slurm HPC

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here