Alerts This Week
Warning Icon 1 1,149
Alerts This Week
Warning Icon 1 1,149

Ubuntu 18.04 LTS Slurm Critical Socket Issue CVE-2022-29501

ubuntu
Calendar Grey April 23, 2026
Dist Ubuntu Esm H88
Slurm's improper access control may allow data to be sent to sockets, risking root access. Update to secure your system.
Slurm could be made to send data to an arbitrary unix socket on the host.

Summary

Slurm could be made to send data to an arbitrary unix socket on the host.

Software Description:

- slurm-llnl: Simple Linux Utility for Resource Management

Details:

It was discovered that Slurm did not properly handle access control when

dealing with RPC traffic through PMI2 and PMIx, which could allow an

unprivileged user to send data to an arbitrary unix socket on the host.

An attacker could possibly use this issue to execute arbitrary code as

the root user.

Update Instructions

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 18.04 LTS
  libpam-slurm                    17.11.2-1ubuntu0.1~esm5
                                  Available with Ubuntu Pro
  libpmi0                         17.11.2-1ubuntu0.1~esm5
                                  Available with Ubuntu Pro
  libpmi2-0                       17.11.2-1ubuntu0.1~esm5
                                  Available with Ubuntu Pro
  libslurm32                      17.11.2-1ubuntu0.1~esm5
                                  Available with Ubuntu Pro
  libslurmdb32                    17.11.2-1ubuntu0.1~esm5
                                  Available with Ubuntu Pro
  slurm-client                    17.11.2-1ubuntu0.1~esm5
                                  Available with Ubuntu Pro
  slurm-wlm                       17.11.2-1ubuntu0.1~esm5
                                  Available with Ubuntu Pro
  slurmctld                       17.11.2-1ubuntu0.1~esm5
                                  Available with Ubuntu Pro
  slurmd                          17.11.2-1ubuntu0.1~esm5
                                  Available with Ubuntu Pro
  slurmdbd                        17.11.2-1ubuntu0.1~esm5
                                  Available with Ubuntu Pro

Ubuntu 16.04 LTS
  libpam-slurm                    15.08.7-1ubuntu0.1~esm6
                                  Available with Ubuntu Pro
  libpmi0                         15.08.7-1ubuntu0.1~esm6
                                  Available with Ubuntu Pro
  libslurm29                      15.08.7-1ubuntu0.1~esm6
                                  Available with Ubuntu Pro
  libslurmdb29                    15.08.7-1ubuntu0.1~esm6
                                  Available with Ubuntu Pro
  slurm-client                    15.08.7-1ubuntu0.1~esm6
                                  Available with Ubuntu Pro
  slurm-llnl                      15.08.7-1ubuntu0.1~esm6
                                  Available with Ubuntu Pro
  slurm-wlm                       15.08.7-1ubuntu0.1~esm6
                                  Available with Ubuntu Pro
  slurmctld                       15.08.7-1ubuntu0.1~esm6
                                  Available with Ubuntu Pro
  slurmd                          15.08.7-1ubuntu0.1~esm6
                                  Available with Ubuntu Pro
  slurmdbd                        15.08.7-1ubuntu0.1~esm6
                                  Available with Ubuntu Pro

Ubuntu 14.04 LTS
  libpam-slurm                    2.6.5-1ubuntu0.1~esm7
                                  Available with Ubuntu Pro
  libpmi0                         2.6.5-1ubuntu0.1~esm7
                                  Available with Ubuntu Pro
  libslurm26                      2.6.5-1ubuntu0.1~esm7
                                  Available with Ubuntu Pro
  libslurmdb26                    2.6.5-1ubuntu0.1~esm7
                                  Available with Ubuntu Pro
  slurm-llnl                      2.6.5-1ubuntu0.1~esm7
                                  Available with Ubuntu Pro

After a standard system update you need to restart Slurm to make all the
necessary changes.

References

https://ubuntu.com/security/notices/USN-8197-1

CVE-2022-29501

Severity
critical
Lowest
Low
Medium
High
Critical

Ubuntu Security Notice USN-8197-1

Package Information

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here