Stay Secure with the Latest Linux Advisories
Refine advisories
X Clear Filters
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Loading...
Explore Latest Linux Security advisories
We found -2 articles for you...
172
security advisorycriticalprivilege escalationUbuntu 25.04: Critical Privilege Escalation in Open VM Tools USN-7785-1
Open VM Tools could be made to run programs as an administrator.. ========================================================================== Ubuntu Security Notice USN-7785-1 September 29, 2025 open-vm-tools vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 25.04 - Ubuntu 24.04 LTS - Ubuntu 22.04 LTS - Ubuntu 20.04 LTS Summary: Open VM Tools could be made to run programs as an administrator. Software Description: - open-vm-tools: Open VMware Tools for virtual machines hosted on VMware Details: It was discovered that Open VM Tools incorrectly handled permissions with version checking. An attacker could possibly use this issue to escalate privileges inside a virtual machine. This update disables the SDMP get-versions.sh script, so version information may no longer be made available. Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 25.04 open-vm-tools 2:12.5.0-1ubuntu0.2 Ubuntu 24.04 LTS open-vm-tools 2:12.5.0-1~ubuntu0.24.04.2 Ubuntu 22.04 LTS open-vm-tools 2:12.3.5-3~ubuntu0.22.04.3 Ubuntu 20.04 LTS open-vm-tools 2:11.3.0-2ubuntu0~ubuntu20.04.8+esm1 Available with Ubuntu Pro In general, a standard system update will make all the necessary changes. References: https://ubuntu.com/security/notices/USN-7785-1 CVE-2025-41244 Package Information: https://launchpad.net/ubuntu/+source/open-vm-tools/2:12.5.0-1ubuntu0.2 https://launchpad.net/ubuntu/+source/open-vm-tools/2:12.5.0-1~ubuntu0.24.04.2 https://launchpad.net/ubuntu/+source/open-vm-tools/2:12.3.5-3~ubuntu0.22.04.3 . Open VM Tools flaw enables admin program execution, risking privilege escalation across Ubuntu releases. Update recommended.. Ubuntu security, Open VM Tools, privilege escalation, admin rights. . Severity: Critical.LinuxSecurity.com Team
Sep 29, 2025
•Critical
Ubuntu
87
security advisorycriticaldebianDebian DSA-5961-1 slurm-wlm critical: improper permission escalation
Sekou Diakite from HPE discovered a mistake with permission handling for Coordinators within the accounting system of Slurm Workload Manager, a cluster resource management and job scheduling system, that it could allow a Coordinator to promote a user to Administrator. . - ------------------------------------------------------------------------- Debian Security Advisory DSA-5961-1
Jul 08, 2025
•Critical
Debian
100
security advisoryCriticalSUSESUSE: 2025:01761-1 important: slurm_24_11 critical: issue with permissions
* bsc#1243666 Cross-References: * CVE-2025-43904 . # Security update for slurm_24_11 Announcement ID: SUSE-SU-2025:01761-1 Release Date: 2025-05-29T16:08:50Z Rating: important References: * bsc#1243666 Cross-References: * CVE-2025-43904 CVSS scores: * CVE-2025-43904 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-43904 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * HPC Module 15-SP6 * openSUSE Leap 15.3 * openSUSE Leap 15.6 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 * SUSE Linux Enterprise Server 15 SP6 An update that solves one vulnerability can now be installed. ## Description: This update for slurm_24_11 fixes the following issues: Update to version 24.11.5. Security issues fixed: * CVE-2025-43904: an issue with permission handling for Coordinators within the accounting system allowed Coordinators to promote a user to Administrator (bsc#1243666). Other changes and issues fixed: * Changes from version 24.11.5 * Return error to `scontrol` reboot on bad nodelists. * `slurmrestd` \- Report an error when QOS resolution fails for v0.0.40 endpoints. * `slurmrestd` \- Report an error when QOS resolution fails for v0.0.41 endpoints. * `slurmrestd` \- Report an error when QOS resolution fails for v0.0.42 endpoints. * `data_parser/v0.0.42` \- Added `+inline_enums` flag which modifies the output when generating OpenAPI specification. It causes enum arrays to not be defined in their ownschema with references (`$ref`) to them. Instead they will be dumped inline. * Fix binding error with `tres-bind map/mask` on partial node allocations. * Fix `stepmgr` enabled steps being able to request features. * Reject step creation if requested feature is not available in job. * `slurmd` \- Restrict listening for new incoming RPC requests further into startup. * `slurmd` \- Avoid `auth/slurm` related hangs of CLI commands during startup and shutdown. * `slurmctld` \- Restrict processing new incoming RPC requests further into startup. Stop processing requests sooner during shutdown. * `slurmcltd` \- Avoid auth/slurm related hangs of CLI commands during startup and shutdown. * `slurmctld` \- Avoid race condition during shutdown or ereconfigure that could result in a crash due delayed processing of a connection while plugins are unloaded. * Fix small memleak when getting the job list from the database. * Fix incorrect printing of `%` escape characters when printing stdio fields for jobs. * Fix padding parsing when printing stdio fields for jobs. * Fix printing `%A` array job id when expanding patterns. * Fix reservations causing jobs to be held for `Bad Constraints`. * `switch/hpe_slingshot` \- Prevent potential segfault on failed curl request to the fabric manager. * Fix printing incorrect array job id when expanding stdio file names. The `%A` will now be substituted by the correct value. * Fix printing incorrect array job id when expanding stdio file names. The `%A` will now be substituted by the correct value. * `switch/hpe_slingshot` \- Fix VNI range not updating on slurmctld restart or reconfigre. * Fix steps not being created when using certain combinations of `-c` and `-n` inferior to the jobs requested resources, when using stepmgr and nodes are configured with `CPUs == Sockets*CoresPerSocket`. * Permit configuring the number of retry attempts to destroy CXI service via the new destroy_retries`SwitchParameter`. * Do not reset `memory.high` and `memory.swap.max` in slurmd startup or reconfigure as we are never really touching this in `slurmd`. * Fix reconfigure failure of slurmd when it has been started manually and the `CoreSpecLimits` have been removed from `slurm.conf`. * Set or reset CoreSpec limits when slurmd is reconfigured and it was started with systemd. * `switch/hpe-slingshot` \- Make sure the slurmctld can free step VNIs after the controller restarts or reconfigures while the job is running. * Fix backup `slurmctld` failure on 2nd takeover. * Changes from version 24.11.4 * `slurmctld`,`slurmrestd` \- Avoid possible race condition that could have caused process to crash when listener socket was closed while accepting a new connection. * `slurmrestd` \- Avoid race condition that could have resulted in address logged for a UNIX socket to be incorrect. * `slurmrestd` \- Fix parameters in OpenAPI specification for the following endpoints to have `job_id` field: `GET /slurm/v0.0.40/jobs/state/ GET /slurm/v0.0.41/jobs/state/ GET /slurm/v0.0.42/jobs/state/ GET /slurm/v0.0.43/jobs/state/` * `slurmd` \- Fix tracking of thread counts that could cause incoming connections to be ignored after burst of simultaneous incoming connections that trigger delayed response logic. * Avoid unnecessary `SRUN_TIMEOUT` forwarding to `stepmgr`. * Fix jobs being scheduled on higher weighted powered down nodes. * Fix how backfill scheduler filters nodes from the available nodes based on exclusive user and `mcs_label` requirements. * `acct_gather_energy/{gpu,ipmi}` \- Fix potential energy consumption adjustment calculation underflow. * `acct_gather_energy/ipmi` \- Fix regression introduced in 24.05.5 (which introduced the new way of preserving energy measurements through slurmd restarts) when `EnergyIPMICalcAdjustment=yes`. * Prevent `slurmctld` deadlock in the assoc mgr. * Fix memory leak when `RestrictedCoresPerGPU` isenabled. * Fix preemptor jobs not entering execution due to wrong calculation of accounting policy limits. * Fix certain job requests that were incorrectly denied with node configuration unavailable error. * `slurmd` \- Avoid crash due when slurmd has a communications failure with `slurmstepd`. * Fix memory leak when parsing yaml input. * Prevent `slurmctld` from showing error message about `PreemptMode=GANG` being a cluster-wide option for `scontrol update part` calls that don't attempt to modify partition PreemptMode. * Fix setting `GANG` preemption on partition when updating `PreemptMode` with `scontrol`. * Fix `CoreSpec` and `MemSpec` limits not being removed from previously configured slurmd. * Avoid race condition that could lead to a deadlock when `slurmd`, `slurmstepd`, `slurmctld`, `slurmrestd` or `sackd` have a fatal event. * Fix jobs using `--ntasks-per-node` and `--mem` keep pending forever when the requested mem divided by the number of CPUs will surpass the configured `MaxMemPerCPU`. * `slurmd` \- Fix address logged upon new incoming RPC connection from `INVALID` to IP address. * Fix memory leak when retrieving reservations. This affects `scontrol`, `sinfo`, `sview`, and the following `slurmrestd` endpoints: `GET /slurm/{any_data_parser}/reservation/{reservation_name}` `GET /slurm/{any_data_parser}/reservations` * Log warning instead of `debuflags=conmgr` gated log when deferring new incoming connections when number of active connections exceed `conmgr_max_connections`. * Avoid race condition that could result in worker thread pool not activating all threads at once after a reconfigure resulting in lower utilization of available CPU threads until enough internal activity wakes up all threads in the worker pool. * Avoid theoretical race condition that could result in new incoming RPC socket connections being ignored after reconfigure. * slurmd - Avoid race condition that could result in astate where new incoming RPC connections will always be ignored. * Add ReconfigFlags=KeepNodeStateFuture to restore saved `FUTURE` node state on restart and reconfig instead of reverting to `FUTURE` state. This will be made the default in 25.05. * Fix case where hetjob submit would cause `slurmctld` to crash. * Fix jobs using `--cpus-per-gpu` and `--mem` keep pending forever when the requested mem divided by the number of CPUs will surpass the configured `MaxMemPerCPU`. * Enforce that jobs using `--mem` and several `--*-per-*` options do not violate the `MaxMemPerCPU` in place. * `slurmctld` \- Fix use-cases of jobs incorrectly pending held when `--prefer` features are not initially satisfied. * `slurmctld` \- Fix jobs incorrectly held when `--prefer` not satisfied in some use-cases. * Ensure `RestrictedCoresPerGPU` and `CoreSpecCount` don't overlap. * Changes from version 24.11.3 * Fix database cluster ID generation not being random. * Fix a regression in which `slurmd -G` gave no output. * Fix a long-standing crash in `slurmctld` after updating a reservation with an empty nodelist. The crash could occur after restarting slurmctld, or if downing/draining a node in the reservation with the `REPLACE` or `REPLACE_DOWN` flag. * Avoid changing process name to "`watch`" from original daemon name. This could potentially breaking some monitoring scripts. * Avoid `slurmctld` being killed by `SIGALRM` due to race condition at startup. * Fix race condition in slurmrestd that resulted in "`Requested data_parser plugin does not support OpenAPI plugin`" error being returned for valid endpoints. * Fix race between `task/cgroup` CPUset and `jobacctgather/cgroup`. The first was removing the pid from `task_X` cgroup directory causing memory limits to not being applied. * If multiple partitions are requested, set the `SLURM_JOB_PARTITION` output environment variable to the partition in which the job is running for `salloc` and `srun` in order to match the documentation and the behavior of `sbatch`. * `srun` \- Fixed wrongly constructed `SLURM_CPU_BIND` env variable that could get propagated to downward srun calls in certain mpi environments, causing launch failures. * Don't print misleading errors for stepmgr enabled steps. * `slurmrestd` \- Avoid connection to slurmdbd for the following endpoints: `GET /slurm/v0.0.41/jobs GET /slurm/v0.0.41/job/{job_id}` * `slurmrestd` \- Avoid connection to slurmdbd for the following endpoints: `GET /slurm/v0.0.40/jobs GET /slurm/v0.0.40/job/{job_id}` * `slurmrestd` \- Fix possible memory leak when parsing arrays with `data_parser/v0.0.40`. * `slurmrestd` \- Fix possible memory leak when parsing arrays with `data_parser/v0.0.41`. * `slurmrestd` \- Fix possible memory leak when parsing arrays with `data_parser/v0.0.42`. * Changes from version 24.11.2 * Fix segfault when submitting `--test-only` jobs that can preempt. * Fix regression introduced in 23.11 that prevented the following flags from being added to a reservation on an update: `DAILY`, `HOURLY`, `WEEKLY`, `WEEKDAY`, and `WEEKEND`. * Fix crash and issues evaluating job's suitability for running in nodes with already suspended job(s) there. * `slurmctld` will ensure that healthy nodes are not reported as `UnavailableNodes` in job reason codes. * Fix handling of jobs submitted to a current reservation with flags `OVERLAP,FLEX` or `OVERLAP,ANY_NODES` when it overlaps nodes with a future maintenance reservation. When a job submission had a time limit that overlapped with the future maintenance reservation, it was rejected. Now the job is accepted but stays pending with the reason "`ReqNodeNotAvail, Reserved for maintenance`". * `pam_slurm_adopt` \- avoid errors when explicitly setting some arguments to the default value. * Fix QOS preemption with `PreemptMode=SUSPEND`. * `slurmdbd` \- When changing a user's name update lineage atthe same time. * Fix regression in 24.11 in which `burst_buffer.lua` does not inherit the `SLURM_CONF` environment variable from `slurmctld` and fails to run if slurm.conf is in a non-standard location. * Fix memory leak in slurmctld if `select/linear` and the `PreemptParameters=reclaim_licenses` options are both set in `slurm.conf`. Regression in 24.11.1. * Fix running jobs, that requested multiple partitions, from potentially being set to the wrong partition on restart. * `switch/hpe_slingshot` \- Fix compatibility with newer cxi drivers, specifically when specifying `disable_rdzv_get`. * Add `ABORT_ON_FATAL` environment variable to capture a backtrace from any `fatal()` message. * Fix printing invalid address in rate limiting log statement. * `sched/backfill` \- Fix node state `PLANNED` not being cleared from fully allocated nodes during a backfill cycle. * `select/cons_tres` \- Fix future planning of jobs with `bf_licenses`. * Prevent redundant "`on_data returned rc: Rate limit exceeded, please retry momentarily`" error message from being printed in slurmctld logs. * Fix loading non-default QOS on pending jobs from pre-24.11 state. * Fix pending jobs displaying `QOS=(null)` when not explicitly requesting a QOS. * Fix segfault issue from job record with no `job_resrcs`. * Fix failing `sacctmgr delete/modify/show` account operations with `where` clauses. * Fix regression in 24.11 in which Slurm daemons started catching several `SIGTSTP`, `SIGTTIN` and `SIGUSR1` signals and ignored them, while before they were not ignoring them. This also caused slurmctld to not being able to shutdown after a `SIGTSTP` because slurmscriptd caught the signal and stopped while slurmctld ignored it. Unify and fix these situations and get back to the previous behavior for these signals. * Document that `SIGQUIT` is no longer ignored by `slurmctld`, `slurmdbd`, and slurmd in 24.11. As of 24.11.0rc1, `SIGQUIT` is identical to `SIGINT`and `SIGTERM` for these daemons, but this change was not documented. * Fix not considering nodes marked for reboot without ASAP in the scheduler. * Remove the `boot^` state on unexpected node reboot after return to service. * Do not allow new jobs to start on a node which is being rebooted with the flag `nextstate=resume`. * Prevent lower priority job running after cancelling an ASAP reboot. * Fix srun jobs starting on `nextstate=resume` rebooting nodes. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2025-1761=1 * HPC Module 15-SP6 zypper in -t patch SUSE-SLE-Module-HPC-15-SP6-2025-1761=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-1761=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-1761=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-1761=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-1761=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-1761=1 * openSUSE Leap 15.3 zypper in -t patch SUSE-2025-1761=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * slurm_24_11-plugins-debuginfo-24.11.5-150300.7.8.1 * slurm_24_11-node-debuginfo-24.11.5-150300.7.8.1 * slurm_24_11-hdf5-debuginfo-24.11.5-150300.7.8.1 * slurm_24_11-node-24.11.5-150300.7.8.1 * slurm_24_11-24.11.5-150300.7.8.1 * slurm_24_11-plugins-24.11.5-150300.7.8.1 * slurm_24_11-slurmdbd-24.11.5-150300.7.8.1 *libnss_slurm2_24_11-24.11.5-150300.7.8.1 * slurm_24_11-sql-debuginfo-24.11.5-150300.7.8.1 * slurm_24_11-lua-debuginfo-24.11.5-150300.7.8.1 * libpmi0_24_11-24.11.5-150300.7.8.1 * slurm_24_11-munge-debuginfo-24.11.5-150300.7.8.1 * slurm_24_11-sql-24.11.5-150300.7.8.1 * slurm_24_11-hdf5-24.11.5-150300.7.8.1 * slurm_24_11-auth-none-debuginfo-24.11.5-150300.7.8.1 * libslurm42-debuginfo-24.11.5-150300.7.8.1 * slurm_24_11-cray-24.11.5-150300.7.8.1 * slurm_24_11-lua-24.11.5-150300.7.8.1 * slurm_24_11-pam_slurm-debuginfo-24.11.5-150300.7.8.1 * slurm_24_11-auth-none-24.11.5-150300.7.8.1 * slurm_24_11-torque-debuginfo-24.11.5-150300.7.8.1 * perl-slurm_24_11-debuginfo-24.11.5-150300.7.8.1 * slurm_24_11-devel-24.11.5-150300.7.8.1 * slurm_24_11-rest-24.11.5-150300.7.8.1 * slurm_24_11-torque-24.11.5-150300.7.8.1 * slurm_24_11-sview-24.11.5-150300.7.8.1 * slurm_24_11-sview-debuginfo-24.11.5-150300.7.8.1 * slurm_24_11-debuginfo-24.11.5-150300.7.8.1 * slurm_24_11-pam_slurm-24.11.5-150300.7.8.1 * slurm_24_11-debugsource-24.11.5-150300.7.8.1 * slurm_24_11-testsuite-24.11.5-150300.7.8.1 * libslurm42-24.11.5-150300.7.8.1 * slurm_24_11-cray-debuginfo-24.11.5-150300.7.8.1 * libpmi0_24_11-debuginfo-24.11.5-150300.7.8.1 * libnss_slurm2_24_11-debuginfo-24.11.5-150300.7.8.1 * slurm_24_11-rest-debuginfo-24.11.5-150300.7.8.1 * slurm_24_11-slurmdbd-debuginfo-24.11.5-150300.7.8.1 * slurm_24_11-munge-24.11.5-150300.7.8.1 * perl-slurm_24_11-24.11.5-150300.7.8.1 * openSUSE Leap 15.6 (noarch) * slurm_24_11-seff-24.11.5-150300.7.8.1 * slurm_24_11-sjstat-24.11.5-150300.7.8.1 * slurm_24_11-config-24.11.5-150300.7.8.1 * slurm_24_11-doc-24.11.5-150300.7.8.1 * slurm_24_11-config-man-24.11.5-150300.7.8.1 * slurm_24_11-openlava-24.11.5-150300.7.8.1 * slurm_24_11-webdoc-24.11.5-150300.7.8.1 * HPC Module 15-SP6 (aarch64 x86_64) * slurm_24_11-plugins-debuginfo-24.11.5-150300.7.8.1 *slurm_24_11-node-debuginfo-24.11.5-150300.7.8.1 * slurm_24_11-hdf5-debuginfo-24.11.5-150300.7.8.1 * slurm_24_11-node-24.11.5-150300.7.8.1 * slurm_24_11-24.11.5-150300.7.8.1 * slurm_24_11-plugins-24.11.5-150300.7.8.1 * slurm_24_11-slurmdbd-24.11.5-150300.7.8.1 * libnss_slurm2_24_11-24.11.5-150300.7.8.1 * slurm_24_11-sql-debuginfo-24.11.5-150300.7.8.1 * slurm_24_11-munge-debuginfo-24.11.5-150300.7.8.1 * slurm_24_11-lua-debuginfo-24.11.5-150300.7.8.1 * libpmi0_24_11-24.11.5-150300.7.8.1 * slurm_24_11-sql-24.11.5-150300.7.8.1 * slurm_24_11-auth-none-debuginfo-24.11.5-150300.7.8.1 * libslurm42-debuginfo-24.11.5-150300.7.8.1 * slurm_24_11-cray-24.11.5-150300.7.8.1 * slurm_24_11-lua-24.11.5-150300.7.8.1 * slurm_24_11-pam_slurm-debuginfo-24.11.5-150300.7.8.1 * slurm_24_11-auth-none-24.11.5-150300.7.8.1 * slurm_24_11-torque-debuginfo-24.11.5-150300.7.8.1 * perl-slurm_24_11-debuginfo-24.11.5-150300.7.8.1 * slurm_24_11-devel-24.11.5-150300.7.8.1 * slurm_24_11-rest-24.11.5-150300.7.8.1 * slurm_24_11-torque-24.11.5-150300.7.8.1 * slurm_24_11-sview-24.11.5-150300.7.8.1 * slurm_24_11-sview-debuginfo-24.11.5-150300.7.8.1 * slurm_24_11-debuginfo-24.11.5-150300.7.8.1 * slurm_24_11-pam_slurm-24.11.5-150300.7.8.1 * libslurm42-24.11.5-150300.7.8.1 * libpmi0_24_11-debuginfo-24.11.5-150300.7.8.1 * libnss_slurm2_24_11-debuginfo-24.11.5-150300.7.8.1 * slurm_24_11-rest-debuginfo-24.11.5-150300.7.8.1 * slurm_24_11-slurmdbd-debuginfo-24.11.5-150300.7.8.1 * slurm_24_11-munge-24.11.5-150300.7.8.1 * perl-slurm_24_11-24.11.5-150300.7.8.1 * HPC Module 15-SP6 (noarch) * slurm_24_11-config-man-24.11.5-150300.7.8.1 * slurm_24_11-config-24.11.5-150300.7.8.1 * slurm_24_11-webdoc-24.11.5-150300.7.8.1 * slurm_24_11-doc-24.11.5-150300.7.8.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * slurm_24_11-plugins-debuginfo-24.11.5-150300.7.8.1 *slurm_24_11-node-debuginfo-24.11.5-150300.7.8.1 * slurm_24_11-hdf5-debuginfo-24.11.5-150300.7.8.1 * slurm_24_11-node-24.11.5-150300.7.8.1 * slurm_24_11-24.11.5-150300.7.8.1 * slurm_24_11-plugins-24.11.5-150300.7.8.1 * slurm_24_11-slurmdbd-24.11.5-150300.7.8.1 * libnss_slurm2_24_11-24.11.5-150300.7.8.1 * slurm_24_11-sql-debuginfo-24.11.5-150300.7.8.1 * slurm_24_11-munge-debuginfo-24.11.5-150300.7.8.1 * slurm_24_11-lua-debuginfo-24.11.5-150300.7.8.1 * libpmi0_24_11-24.11.5-150300.7.8.1 * slurm_24_11-sql-24.11.5-150300.7.8.1 * slurm_24_11-auth-none-debuginfo-24.11.5-150300.7.8.1 * libslurm42-debuginfo-24.11.5-150300.7.8.1 * slurm_24_11-cray-24.11.5-150300.7.8.1 * slurm_24_11-lua-24.11.5-150300.7.8.1 * slurm_24_11-pam_slurm-debuginfo-24.11.5-150300.7.8.1 * slurm_24_11-auth-none-24.11.5-150300.7.8.1 * slurm_24_11-torque-debuginfo-24.11.5-150300.7.8.1 * perl-slurm_24_11-debuginfo-24.11.5-150300.7.8.1 * slurm_24_11-devel-24.11.5-150300.7.8.1 * slurm_24_11-rest-24.11.5-150300.7.8.1 * slurm_24_11-torque-24.11.5-150300.7.8.1 * slurm_24_11-sview-24.11.5-150300.7.8.1 * slurm_24_11-sview-debuginfo-24.11.5-150300.7.8.1 * slurm_24_11-debuginfo-24.11.5-150300.7.8.1 * slurm_24_11-pam_slurm-24.11.5-150300.7.8.1 * libslurm42-24.11.5-150300.7.8.1 * libpmi0_24_11-debuginfo-24.11.5-150300.7.8.1 * libnss_slurm2_24_11-debuginfo-24.11.5-150300.7.8.1 * slurm_24_11-rest-debuginfo-24.11.5-150300.7.8.1 * slurm_24_11-slurmdbd-debuginfo-24.11.5-150300.7.8.1 * slurm_24_11-munge-24.11.5-150300.7.8.1 * perl-slurm_24_11-24.11.5-150300.7.8.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch) * slurm_24_11-config-man-24.11.5-150300.7.8.1 * slurm_24_11-config-24.11.5-150300.7.8.1 * slurm_24_11-webdoc-24.11.5-150300.7.8.1 * slurm_24_11-doc-24.11.5-150300.7.8.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) *slurm_24_11-plugins-debuginfo-24.11.5-150300.7.8.1 * slurm_24_11-node-debuginfo-24.11.5-150300.7.8.1 * slurm_24_11-hdf5-debuginfo-24.11.5-150300.7.8.1 * slurm_24_11-node-24.11.5-150300.7.8.1 * slurm_24_11-24.11.5-150300.7.8.1 * slurm_24_11-plugins-24.11.5-150300.7.8.1 * slurm_24_11-slurmdbd-24.11.5-150300.7.8.1 * libnss_slurm2_24_11-24.11.5-150300.7.8.1 * slurm_24_11-sql-debuginfo-24.11.5-150300.7.8.1 * slurm_24_11-munge-debuginfo-24.11.5-150300.7.8.1 * slurm_24_11-lua-debuginfo-24.11.5-150300.7.8.1 * libpmi0_24_11-24.11.5-150300.7.8.1 * slurm_24_11-sql-24.11.5-150300.7.8.1 * slurm_24_11-auth-none-debuginfo-24.11.5-150300.7.8.1 * libslurm42-debuginfo-24.11.5-150300.7.8.1 * slurm_24_11-cray-24.11.5-150300.7.8.1 * slurm_24_11-lua-24.11.5-150300.7.8.1 * slurm_24_11-pam_slurm-debuginfo-24.11.5-150300.7.8.1 * slurm_24_11-auth-none-24.11.5-150300.7.8.1 * slurm_24_11-torque-debuginfo-24.11.5-150300.7.8.1 * perl-slurm_24_11-debuginfo-24.11.5-150300.7.8.1 * slurm_24_11-devel-24.11.5-150300.7.8.1 * slurm_24_11-rest-24.11.5-150300.7.8.1 * slurm_24_11-torque-24.11.5-150300.7.8.1 * slurm_24_11-sview-24.11.5-150300.7.8.1 * slurm_24_11-sview-debuginfo-24.11.5-150300.7.8.1 * slurm_24_11-debuginfo-24.11.5-150300.7.8.1 * slurm_24_11-pam_slurm-24.11.5-150300.7.8.1 * libslurm42-24.11.5-150300.7.8.1 * libpmi0_24_11-debuginfo-24.11.5-150300.7.8.1 * libnss_slurm2_24_11-debuginfo-24.11.5-150300.7.8.1 * slurm_24_11-rest-debuginfo-24.11.5-150300.7.8.1 * slurm_24_11-slurmdbd-debuginfo-24.11.5-150300.7.8.1 * slurm_24_11-munge-24.11.5-150300.7.8.1 * perl-slurm_24_11-24.11.5-150300.7.8.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch) * slurm_24_11-config-man-24.11.5-150300.7.8.1 * slurm_24_11-config-24.11.5-150300.7.8.1 * slurm_24_11-webdoc-24.11.5-150300.7.8.1 * slurm_24_11-doc-24.11.5-150300.7.8.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4(aarch64 x86_64) * slurm_24_11-plugins-debuginfo-24.11.5-150300.7.8.1 * slurm_24_11-node-debuginfo-24.11.5-150300.7.8.1 * slurm_24_11-hdf5-debuginfo-24.11.5-150300.7.8.1 * slurm_24_11-node-24.11.5-150300.7.8.1 * slurm_24_11-24.11.5-150300.7.8.1 * slurm_24_11-plugins-24.11.5-150300.7.8.1 * slurm_24_11-slurmdbd-24.11.5-150300.7.8.1 * libnss_slurm2_24_11-24.11.5-150300.7.8.1 * slurm_24_11-sql-debuginfo-24.11.5-150300.7.8.1 * slurm_24_11-munge-debuginfo-24.11.5-150300.7.8.1 * slurm_24_11-lua-debuginfo-24.11.5-150300.7.8.1 * libpmi0_24_11-24.11.5-150300.7.8.1 * slurm_24_11-sql-24.11.5-150300.7.8.1 * slurm_24_11-auth-none-debuginfo-24.11.5-150300.7.8.1 * libslurm42-debuginfo-24.11.5-150300.7.8.1 * slurm_24_11-cray-24.11.5-150300.7.8.1 * slurm_24_11-lua-24.11.5-150300.7.8.1 * slurm_24_11-pam_slurm-debuginfo-24.11.5-150300.7.8.1 * slurm_24_11-auth-none-24.11.5-150300.7.8.1 * slurm_24_11-torque-debuginfo-24.11.5-150300.7.8.1 * perl-slurm_24_11-debuginfo-24.11.5-150300.7.8.1 * slurm_24_11-devel-24.11.5-150300.7.8.1 * slurm_24_11-rest-24.11.5-150300.7.8.1 * slurm_24_11-torque-24.11.5-150300.7.8.1 * slurm_24_11-sview-24.11.5-150300.7.8.1 * slurm_24_11-sview-debuginfo-24.11.5-150300.7.8.1 * slurm_24_11-debuginfo-24.11.5-150300.7.8.1 * slurm_24_11-pam_slurm-24.11.5-150300.7.8.1 * libslurm42-24.11.5-150300.7.8.1 * libpmi0_24_11-debuginfo-24.11.5-150300.7.8.1 * libnss_slurm2_24_11-debuginfo-24.11.5-150300.7.8.1 * slurm_24_11-rest-debuginfo-24.11.5-150300.7.8.1 * slurm_24_11-slurmdbd-debuginfo-24.11.5-150300.7.8.1 * slurm_24_11-munge-24.11.5-150300.7.8.1 * perl-slurm_24_11-24.11.5-150300.7.8.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch) * slurm_24_11-config-man-24.11.5-150300.7.8.1 * slurm_24_11-config-24.11.5-150300.7.8.1 * slurm_24_11-webdoc-24.11.5-150300.7.8.1 * slurm_24_11-doc-24.11.5-150300.7.8.1 * SUSE Linux Enterprise HighPerformance Computing ESPOS 15 SP5 (aarch64 x86_64) * slurm_24_11-plugins-debuginfo-24.11.5-150300.7.8.1 * slurm_24_11-node-debuginfo-24.11.5-150300.7.8.1 * slurm_24_11-hdf5-debuginfo-24.11.5-150300.7.8.1 * slurm_24_11-node-24.11.5-150300.7.8.1 * slurm_24_11-24.11.5-150300.7.8.1 * slurm_24_11-plugins-24.11.5-150300.7.8.1 * slurm_24_11-slurmdbd-24.11.5-150300.7.8.1 * libnss_slurm2_24_11-24.11.5-150300.7.8.1 * slurm_24_11-sql-debuginfo-24.11.5-150300.7.8.1 * slurm_24_11-munge-debuginfo-24.11.5-150300.7.8.1 * slurm_24_11-lua-debuginfo-24.11.5-150300.7.8.1 * libpmi0_24_11-24.11.5-150300.7.8.1 * slurm_24_11-sql-24.11.5-150300.7.8.1 * slurm_24_11-auth-none-debuginfo-24.11.5-150300.7.8.1 * libslurm42-debuginfo-24.11.5-150300.7.8.1 * slurm_24_11-cray-24.11.5-150300.7.8.1 * slurm_24_11-lua-24.11.5-150300.7.8.1 * slurm_24_11-pam_slurm-debuginfo-24.11.5-150300.7.8.1 * slurm_24_11-auth-none-24.11.5-150300.7.8.1 * slurm_24_11-torque-debuginfo-24.11.5-150300.7.8.1 * perl-slurm_24_11-debuginfo-24.11.5-150300.7.8.1 * slurm_24_11-devel-24.11.5-150300.7.8.1 * slurm_24_11-rest-24.11.5-150300.7.8.1 * slurm_24_11-torque-24.11.5-150300.7.8.1 * slurm_24_11-sview-24.11.5-150300.7.8.1 * slurm_24_11-sview-debuginfo-24.11.5-150300.7.8.1 * slurm_24_11-debuginfo-24.11.5-150300.7.8.1 * slurm_24_11-pam_slurm-24.11.5-150300.7.8.1 * libslurm42-24.11.5-150300.7.8.1 * libpmi0_24_11-debuginfo-24.11.5-150300.7.8.1 * libnss_slurm2_24_11-debuginfo-24.11.5-150300.7.8.1 * slurm_24_11-rest-debuginfo-24.11.5-150300.7.8.1 * slurm_24_11-slurmdbd-debuginfo-24.11.5-150300.7.8.1 * slurm_24_11-munge-24.11.5-150300.7.8.1 * perl-slurm_24_11-24.11.5-150300.7.8.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (noarch) * slurm_24_11-config-man-24.11.5-150300.7.8.1 * slurm_24_11-config-24.11.5-150300.7.8.1 * slurm_24_11-webdoc-24.11.5-150300.7.8.1 * slurm_24_11-doc-24.11.5-150300.7.8.1 *SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 x86_64) * slurm_24_11-plugins-debuginfo-24.11.5-150300.7.8.1 * slurm_24_11-node-debuginfo-24.11.5-150300.7.8.1 * slurm_24_11-hdf5-debuginfo-24.11.5-150300.7.8.1 * slurm_24_11-node-24.11.5-150300.7.8.1 * slurm_24_11-24.11.5-150300.7.8.1 * slurm_24_11-plugins-24.11.5-150300.7.8.1 * slurm_24_11-slurmdbd-24.11.5-150300.7.8.1 * libnss_slurm2_24_11-24.11.5-150300.7.8.1 * slurm_24_11-sql-debuginfo-24.11.5-150300.7.8.1 * slurm_24_11-munge-debuginfo-24.11.5-150300.7.8.1 * slurm_24_11-lua-debuginfo-24.11.5-150300.7.8.1 * libpmi0_24_11-24.11.5-150300.7.8.1 * slurm_24_11-sql-24.11.5-150300.7.8.1 * slurm_24_11-auth-none-debuginfo-24.11.5-150300.7.8.1 * libslurm42-debuginfo-24.11.5-150300.7.8.1 * slurm_24_11-cray-24.11.5-150300.7.8.1 * slurm_24_11-lua-24.11.5-150300.7.8.1 * slurm_24_11-pam_slurm-debuginfo-24.11.5-150300.7.8.1 * slurm_24_11-auth-none-24.11.5-150300.7.8.1 * slurm_24_11-torque-debuginfo-24.11.5-150300.7.8.1 * perl-slurm_24_11-debuginfo-24.11.5-150300.7.8.1 * slurm_24_11-devel-24.11.5-150300.7.8.1 * slurm_24_11-rest-24.11.5-150300.7.8.1 * slurm_24_11-torque-24.11.5-150300.7.8.1 * slurm_24_11-sview-24.11.5-150300.7.8.1 * slurm_24_11-sview-debuginfo-24.11.5-150300.7.8.1 * slurm_24_11-debuginfo-24.11.5-150300.7.8.1 * slurm_24_11-pam_slurm-24.11.5-150300.7.8.1 * libslurm42-24.11.5-150300.7.8.1 * libpmi0_24_11-debuginfo-24.11.5-150300.7.8.1 * libnss_slurm2_24_11-debuginfo-24.11.5-150300.7.8.1 * slurm_24_11-rest-debuginfo-24.11.5-150300.7.8.1 * slurm_24_11-slurmdbd-debuginfo-24.11.5-150300.7.8.1 * slurm_24_11-munge-24.11.5-150300.7.8.1 * perl-slurm_24_11-24.11.5-150300.7.8.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (noarch) * slurm_24_11-config-man-24.11.5-150300.7.8.1 * slurm_24_11-config-24.11.5-150300.7.8.1 * slurm_24_11-webdoc-24.11.5-150300.7.8.1 *slurm_24_11-doc-24.11.5-150300.7.8.1 * openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64) * slurm_24_11-plugins-debuginfo-24.11.5-150300.7.8.1 * slurm_24_11-node-debuginfo-24.11.5-150300.7.8.1 * slurm_24_11-hdf5-debuginfo-24.11.5-150300.7.8.1 * slurm_24_11-node-24.11.5-150300.7.8.1 * slurm_24_11-24.11.5-150300.7.8.1 * slurm_24_11-plugins-24.11.5-150300.7.8.1 * slurm_24_11-slurmdbd-24.11.5-150300.7.8.1 * libnss_slurm2_24_11-24.11.5-150300.7.8.1 * slurm_24_11-sql-debuginfo-24.11.5-150300.7.8.1 * slurm_24_11-lua-debuginfo-24.11.5-150300.7.8.1 * libpmi0_24_11-24.11.5-150300.7.8.1 * slurm_24_11-munge-debuginfo-24.11.5-150300.7.8.1 * slurm_24_11-sql-24.11.5-150300.7.8.1 * slurm_24_11-hdf5-24.11.5-150300.7.8.1 * slurm_24_11-auth-none-debuginfo-24.11.5-150300.7.8.1 * libslurm42-debuginfo-24.11.5-150300.7.8.1 * slurm_24_11-cray-24.11.5-150300.7.8.1 * slurm_24_11-lua-24.11.5-150300.7.8.1 * slurm_24_11-pam_slurm-debuginfo-24.11.5-150300.7.8.1 * slurm_24_11-auth-none-24.11.5-150300.7.8.1 * slurm_24_11-torque-debuginfo-24.11.5-150300.7.8.1 * perl-slurm_24_11-debuginfo-24.11.5-150300.7.8.1 * slurm_24_11-devel-24.11.5-150300.7.8.1 * slurm_24_11-rest-24.11.5-150300.7.8.1 * slurm_24_11-torque-24.11.5-150300.7.8.1 * slurm_24_11-sview-24.11.5-150300.7.8.1 * slurm_24_11-sview-debuginfo-24.11.5-150300.7.8.1 * slurm_24_11-debuginfo-24.11.5-150300.7.8.1 * slurm_24_11-pam_slurm-24.11.5-150300.7.8.1 * slurm_24_11-debugsource-24.11.5-150300.7.8.1 * slurm_24_11-testsuite-24.11.5-150300.7.8.1 * libslurm42-24.11.5-150300.7.8.1 * slurm_24_11-cray-debuginfo-24.11.5-150300.7.8.1 * libpmi0_24_11-debuginfo-24.11.5-150300.7.8.1 * libnss_slurm2_24_11-debuginfo-24.11.5-150300.7.8.1 * slurm_24_11-rest-debuginfo-24.11.5-150300.7.8.1 * slurm_24_11-slurmdbd-debuginfo-24.11.5-150300.7.8.1 * slurm_24_11-munge-24.11.5-150300.7.8.1 * perl-slurm_24_11-24.11.5-150300.7.8.1 * openSUSE Leap 15.3(noarch) * slurm_24_11-seff-24.11.5-150300.7.8.1 * slurm_24_11-sjstat-24.11.5-150300.7.8.1 * slurm_24_11-config-24.11.5-150300.7.8.1 * slurm_24_11-doc-24.11.5-150300.7.8.1 * slurm_24_11-config-man-24.11.5-150300.7.8.1 * slurm_24_11-openlava-24.11.5-150300.7.8.1 * slurm_24_11-webdoc-24.11.5-150300.7.8.1 ## References: * https://www.suse.com/security/cve/CVE-2025-43904.html * https://bugzilla.suse.com/show_bug.cgi?id=1243666 . The latest Fedora kernel_15_05 release tackles vulnerabilities related to user access controls.. slurm_24_11, security update, permission handling, HPC Module, SUSE. . Severity: Important. LinuxSecurity.com Team
May 29, 2025
•Important
SuSE
100
security advisoryimportantSUSESUSE: 2025:01755-1 important: Fix for slurm permission issue
* bsc#1243666 Cross-References: * CVE-2025-43904 . # Security update for slurm_22_05 Announcement ID: SUSE-SU-2025:01755-1 Release Date: 2025-05-29T14:37:35Z Rating: important References: * bsc#1243666 Cross-References: * CVE-2025-43904 CVSS scores: * CVE-2025-43904 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-43904 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * HPC Module 12 * SUSE Linux Enterprise High Performance Computing 12 SP2 * SUSE Linux Enterprise High Performance Computing 12 SP3 * SUSE Linux Enterprise High Performance Computing 12 SP4 * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP2 * SUSE Linux Enterprise Server 12 SP3 * SUSE Linux Enterprise Server 12 SP4 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 SP2 * SUSE Linux Enterprise Server for SAP Applications 12 SP3 * SUSE Linux Enterprise Server for SAP Applications 12 SP4 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves one vulnerability can now be installed. ## Description: This update for slurm_22_05 fixes the following issues: * CVE-2025-43904: an issue with permission handling for Coordinators within the accounting system allowed Coordinators to promote a user to Administrator (bsc#1243666). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * HPC Module 12 zypper in -t patch SUSE-SLE-Module-HPC-12-2025-1755=1 ## Package List: * HPC Module 12 (aarch64 x86_64) * slurm_22_05-debuginfo-22.05.11-3.12.1 * slurm_22_05-auth-none-debuginfo-22.05.11-3.12.1 * slurm_22_05-debugsource-22.05.11-3.12.1 * slurm_22_05-lua-debuginfo-22.05.11-3.12.1 *libnss_slurm2_22_05-debuginfo-22.05.11-3.12.1 * slurm_22_05-devel-22.05.11-3.12.1 * slurm_22_05-munge-debuginfo-22.05.11-3.12.1 * slurm_22_05-sql-22.05.11-3.12.1 * libpmi0_22_05-22.05.11-3.12.1 * slurm_22_05-node-debuginfo-22.05.11-3.12.1 * slurm_22_05-plugins-22.05.11-3.12.1 * slurm_22_05-node-22.05.11-3.12.1 * slurm_22_05-sql-debuginfo-22.05.11-3.12.1 * slurm_22_05-lua-22.05.11-3.12.1 * slurm_22_05-22.05.11-3.12.1 * slurm_22_05-pam_slurm-debuginfo-22.05.11-3.12.1 * perl-slurm_22_05-debuginfo-22.05.11-3.12.1 * perl-slurm_22_05-22.05.11-3.12.1 * libnss_slurm2_22_05-22.05.11-3.12.1 * libslurm38-debuginfo-22.05.11-3.12.1 * slurm_22_05-torque-22.05.11-3.12.1 * slurm_22_05-sview-22.05.11-3.12.1 * slurm_22_05-torque-debuginfo-22.05.11-3.12.1 * slurm_22_05-pam_slurm-22.05.11-3.12.1 * slurm_22_05-sview-debuginfo-22.05.11-3.12.1 * libpmi0_22_05-debuginfo-22.05.11-3.12.1 * slurm_22_05-auth-none-22.05.11-3.12.1 * libslurm38-22.05.11-3.12.1 * slurm_22_05-munge-22.05.11-3.12.1 * slurm_22_05-slurmdbd-22.05.11-3.12.1 * slurm_22_05-plugins-debuginfo-22.05.11-3.12.1 * slurm_22_05-slurmdbd-debuginfo-22.05.11-3.12.1 * HPC Module 12 (noarch) * slurm_22_05-webdoc-22.05.11-3.12.1 * slurm_22_05-config-man-22.05.11-3.12.1 * slurm_22_05-doc-22.05.11-3.12.1 * slurm_22_05-config-22.05.11-3.12.1 ## References: * https://www.suse.com/security/cve/CVE-2025-43904.html * https://bugzilla.suse.com/show_bug.cgi?id=1243666 . Urgent patch released by SUSE correcting authorization vulnerabilities in slurm_22_05, impacting various HPC systems and servers.. SUSE Security Update, slurm_22_05, permission handling issue, HPC vulnerabilities, SUSE Linux Enterprise. . Severity: Important. LinuxSecurity.com Team
May 29, 2025
•Important
SuSE
100
security advisorycriticalSUSE LinuxSUSE: 2025:01756-1 critical: slurm_22_05 permission elevation
* bsc#1243666 Cross-References: * CVE-2025-43904 . # Security update for slurm_22_05 Announcement ID: SUSE-SU-2025:01756-1 Release Date: 2025-05-29T14:39:19Z Rating: important References: * bsc#1243666 Cross-References: * CVE-2025-43904 CVSS scores: * CVE-2025-43904 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-43904 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.3 * openSUSE Leap 15.6 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 An update that solves one vulnerability can now be installed. ## Description: This update for slurm_22_05 fixes the following issues: * CVE-2025-43904: an issue with permission handling for Coordinators within the accounting system allowed Coordinators to promote a user to Administrator (bsc#1243666). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.3 zypper in -t patch SUSE-2025-1756=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2025-1756=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-1756=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-1756=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-1756=1 ## Package List: * openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64) *slurm_22_05-torque-debuginfo-22.05.11-150300.7.12.1 * slurm_22_05-22.05.11-150300.7.12.1 * slurm_22_05-hdf5-debuginfo-22.05.11-150300.7.12.1 * slurm_22_05-torque-22.05.11-150300.7.12.1 * libnss_slurm2_22_05-22.05.11-150300.7.12.1 * slurm_22_05-debugsource-22.05.11-150300.7.12.1 * slurm_22_05-hdf5-22.05.11-150300.7.12.1 * slurm_22_05-testsuite-22.05.11-150300.7.12.1 * slurm_22_05-lua-debuginfo-22.05.11-150300.7.12.1 * slurm_22_05-auth-none-22.05.11-150300.7.12.1 * libslurm38-debuginfo-22.05.11-150300.7.12.1 * slurm_22_05-rest-22.05.11-150300.7.12.1 * slurm_22_05-node-22.05.11-150300.7.12.1 * slurm_22_05-node-debuginfo-22.05.11-150300.7.12.1 * slurm_22_05-auth-none-debuginfo-22.05.11-150300.7.12.1 * libnss_slurm2_22_05-debuginfo-22.05.11-150300.7.12.1 * slurm_22_05-rest-debuginfo-22.05.11-150300.7.12.1 * slurm_22_05-devel-22.05.11-150300.7.12.1 * slurm_22_05-pam_slurm-22.05.11-150300.7.12.1 * slurm_22_05-plugins-debuginfo-22.05.11-150300.7.12.1 * slurm_22_05-openlava-22.05.11-150300.7.12.1 * libslurm38-22.05.11-150300.7.12.1 * slurm_22_05-munge-debuginfo-22.05.11-150300.7.12.1 * perl-slurm_22_05-22.05.11-150300.7.12.1 * slurm_22_05-sjstat-22.05.11-150300.7.12.1 * slurm_22_05-lua-22.05.11-150300.7.12.1 * slurm_22_05-plugins-22.05.11-150300.7.12.1 * perl-slurm_22_05-debuginfo-22.05.11-150300.7.12.1 * slurm_22_05-cray-debuginfo-22.05.11-150300.7.12.1 * slurm_22_05-cray-22.05.11-150300.7.12.1 * slurm_22_05-munge-22.05.11-150300.7.12.1 * slurm_22_05-slurmdbd-debuginfo-22.05.11-150300.7.12.1 * slurm_22_05-sql-debuginfo-22.05.11-150300.7.12.1 * slurm_22_05-seff-22.05.11-150300.7.12.1 * slurm_22_05-sql-22.05.11-150300.7.12.1 * libpmi0_22_05-debuginfo-22.05.11-150300.7.12.1 * slurm_22_05-slurmdbd-22.05.11-150300.7.12.1 * slurm_22_05-sview-22.05.11-150300.7.12.1 * slurm_22_05-sview-debuginfo-22.05.11-150300.7.12.1 * slurm_22_05-debuginfo-22.05.11-150300.7.12.1 *slurm_22_05-pam_slurm-debuginfo-22.05.11-150300.7.12.1 * libpmi0_22_05-22.05.11-150300.7.12.1 * openSUSE Leap 15.3 (noarch) * slurm_22_05-webdoc-22.05.11-150300.7.12.1 * slurm_22_05-config-man-22.05.11-150300.7.12.1 * slurm_22_05-doc-22.05.11-150300.7.12.1 * slurm_22_05-config-22.05.11-150300.7.12.1 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * slurm_22_05-torque-debuginfo-22.05.11-150300.7.12.1 * slurm_22_05-22.05.11-150300.7.12.1 * slurm_22_05-hdf5-debuginfo-22.05.11-150300.7.12.1 * slurm_22_05-torque-22.05.11-150300.7.12.1 * libnss_slurm2_22_05-22.05.11-150300.7.12.1 * slurm_22_05-debugsource-22.05.11-150300.7.12.1 * slurm_22_05-hdf5-22.05.11-150300.7.12.1 * slurm_22_05-testsuite-22.05.11-150300.7.12.1 * slurm_22_05-lua-debuginfo-22.05.11-150300.7.12.1 * slurm_22_05-auth-none-22.05.11-150300.7.12.1 * libslurm38-debuginfo-22.05.11-150300.7.12.1 * slurm_22_05-rest-22.05.11-150300.7.12.1 * slurm_22_05-node-22.05.11-150300.7.12.1 * slurm_22_05-node-debuginfo-22.05.11-150300.7.12.1 * slurm_22_05-auth-none-debuginfo-22.05.11-150300.7.12.1 * libnss_slurm2_22_05-debuginfo-22.05.11-150300.7.12.1 * slurm_22_05-rest-debuginfo-22.05.11-150300.7.12.1 * slurm_22_05-devel-22.05.11-150300.7.12.1 * slurm_22_05-pam_slurm-22.05.11-150300.7.12.1 * slurm_22_05-plugins-debuginfo-22.05.11-150300.7.12.1 * slurm_22_05-openlava-22.05.11-150300.7.12.1 * libslurm38-22.05.11-150300.7.12.1 * slurm_22_05-munge-debuginfo-22.05.11-150300.7.12.1 * perl-slurm_22_05-22.05.11-150300.7.12.1 * slurm_22_05-sjstat-22.05.11-150300.7.12.1 * slurm_22_05-lua-22.05.11-150300.7.12.1 * slurm_22_05-plugins-22.05.11-150300.7.12.1 * perl-slurm_22_05-debuginfo-22.05.11-150300.7.12.1 * slurm_22_05-cray-debuginfo-22.05.11-150300.7.12.1 * slurm_22_05-cray-22.05.11-150300.7.12.1 * slurm_22_05-munge-22.05.11-150300.7.12.1 * slurm_22_05-slurmdbd-debuginfo-22.05.11-150300.7.12.1 *slurm_22_05-sql-debuginfo-22.05.11-150300.7.12.1 * slurm_22_05-seff-22.05.11-150300.7.12.1 * slurm_22_05-sql-22.05.11-150300.7.12.1 * libpmi0_22_05-debuginfo-22.05.11-150300.7.12.1 * slurm_22_05-slurmdbd-22.05.11-150300.7.12.1 * slurm_22_05-sview-22.05.11-150300.7.12.1 * slurm_22_05-sview-debuginfo-22.05.11-150300.7.12.1 * slurm_22_05-debuginfo-22.05.11-150300.7.12.1 * slurm_22_05-pam_slurm-debuginfo-22.05.11-150300.7.12.1 * libpmi0_22_05-22.05.11-150300.7.12.1 * openSUSE Leap 15.6 (noarch) * slurm_22_05-webdoc-22.05.11-150300.7.12.1 * slurm_22_05-config-man-22.05.11-150300.7.12.1 * slurm_22_05-doc-22.05.11-150300.7.12.1 * slurm_22_05-config-22.05.11-150300.7.12.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * slurm_22_05-torque-debuginfo-22.05.11-150300.7.12.1 * slurm_22_05-22.05.11-150300.7.12.1 * slurm_22_05-torque-22.05.11-150300.7.12.1 * libnss_slurm2_22_05-22.05.11-150300.7.12.1 * slurm_22_05-debugsource-22.05.11-150300.7.12.1 * slurm_22_05-lua-debuginfo-22.05.11-150300.7.12.1 * slurm_22_05-auth-none-22.05.11-150300.7.12.1 * libslurm38-debuginfo-22.05.11-150300.7.12.1 * slurm_22_05-rest-22.05.11-150300.7.12.1 * slurm_22_05-node-22.05.11-150300.7.12.1 * slurm_22_05-node-debuginfo-22.05.11-150300.7.12.1 * slurm_22_05-auth-none-debuginfo-22.05.11-150300.7.12.1 * libnss_slurm2_22_05-debuginfo-22.05.11-150300.7.12.1 * slurm_22_05-rest-debuginfo-22.05.11-150300.7.12.1 * slurm_22_05-devel-22.05.11-150300.7.12.1 * slurm_22_05-pam_slurm-22.05.11-150300.7.12.1 * slurm_22_05-plugins-debuginfo-22.05.11-150300.7.12.1 * slurm_22_05-munge-debuginfo-22.05.11-150300.7.12.1 * libslurm38-22.05.11-150300.7.12.1 * perl-slurm_22_05-22.05.11-150300.7.12.1 * slurm_22_05-lua-22.05.11-150300.7.12.1 * slurm_22_05-plugins-22.05.11-150300.7.12.1 * perl-slurm_22_05-debuginfo-22.05.11-150300.7.12.1 * slurm_22_05-munge-22.05.11-150300.7.12.1 *slurm_22_05-slurmdbd-debuginfo-22.05.11-150300.7.12.1 * slurm_22_05-sql-debuginfo-22.05.11-150300.7.12.1 * slurm_22_05-sql-22.05.11-150300.7.12.1 * libpmi0_22_05-debuginfo-22.05.11-150300.7.12.1 * slurm_22_05-slurmdbd-22.05.11-150300.7.12.1 * slurm_22_05-sview-22.05.11-150300.7.12.1 * slurm_22_05-sview-debuginfo-22.05.11-150300.7.12.1 * slurm_22_05-debuginfo-22.05.11-150300.7.12.1 * slurm_22_05-pam_slurm-debuginfo-22.05.11-150300.7.12.1 * libpmi0_22_05-22.05.11-150300.7.12.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch) * slurm_22_05-webdoc-22.05.11-150300.7.12.1 * slurm_22_05-config-man-22.05.11-150300.7.12.1 * slurm_22_05-doc-22.05.11-150300.7.12.1 * slurm_22_05-config-22.05.11-150300.7.12.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * slurm_22_05-torque-debuginfo-22.05.11-150300.7.12.1 * slurm_22_05-22.05.11-150300.7.12.1 * slurm_22_05-torque-22.05.11-150300.7.12.1 * libnss_slurm2_22_05-22.05.11-150300.7.12.1 * slurm_22_05-debugsource-22.05.11-150300.7.12.1 * slurm_22_05-lua-debuginfo-22.05.11-150300.7.12.1 * slurm_22_05-auth-none-22.05.11-150300.7.12.1 * libslurm38-debuginfo-22.05.11-150300.7.12.1 * slurm_22_05-rest-22.05.11-150300.7.12.1 * slurm_22_05-node-22.05.11-150300.7.12.1 * slurm_22_05-node-debuginfo-22.05.11-150300.7.12.1 * slurm_22_05-auth-none-debuginfo-22.05.11-150300.7.12.1 * libnss_slurm2_22_05-debuginfo-22.05.11-150300.7.12.1 * slurm_22_05-rest-debuginfo-22.05.11-150300.7.12.1 * slurm_22_05-devel-22.05.11-150300.7.12.1 * slurm_22_05-pam_slurm-22.05.11-150300.7.12.1 * slurm_22_05-plugins-debuginfo-22.05.11-150300.7.12.1 * slurm_22_05-munge-debuginfo-22.05.11-150300.7.12.1 * libslurm38-22.05.11-150300.7.12.1 * perl-slurm_22_05-22.05.11-150300.7.12.1 * slurm_22_05-lua-22.05.11-150300.7.12.1 * slurm_22_05-plugins-22.05.11-150300.7.12.1 *perl-slurm_22_05-debuginfo-22.05.11-150300.7.12.1 * slurm_22_05-cray-debuginfo-22.05.11-150300.7.12.1 * slurm_22_05-cray-22.05.11-150300.7.12.1 * slurm_22_05-munge-22.05.11-150300.7.12.1 * slurm_22_05-slurmdbd-debuginfo-22.05.11-150300.7.12.1 * slurm_22_05-sql-debuginfo-22.05.11-150300.7.12.1 * slurm_22_05-sql-22.05.11-150300.7.12.1 * libpmi0_22_05-debuginfo-22.05.11-150300.7.12.1 * slurm_22_05-slurmdbd-22.05.11-150300.7.12.1 * slurm_22_05-sview-22.05.11-150300.7.12.1 * slurm_22_05-sview-debuginfo-22.05.11-150300.7.12.1 * slurm_22_05-debuginfo-22.05.11-150300.7.12.1 * slurm_22_05-pam_slurm-debuginfo-22.05.11-150300.7.12.1 * libpmi0_22_05-22.05.11-150300.7.12.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch) * slurm_22_05-webdoc-22.05.11-150300.7.12.1 * slurm_22_05-config-man-22.05.11-150300.7.12.1 * slurm_22_05-doc-22.05.11-150300.7.12.1 * slurm_22_05-config-22.05.11-150300.7.12.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * slurm_22_05-torque-debuginfo-22.05.11-150300.7.12.1 * slurm_22_05-22.05.11-150300.7.12.1 * slurm_22_05-torque-22.05.11-150300.7.12.1 * libnss_slurm2_22_05-22.05.11-150300.7.12.1 * slurm_22_05-debugsource-22.05.11-150300.7.12.1 * slurm_22_05-lua-debuginfo-22.05.11-150300.7.12.1 * slurm_22_05-auth-none-22.05.11-150300.7.12.1 * libslurm38-debuginfo-22.05.11-150300.7.12.1 * slurm_22_05-rest-22.05.11-150300.7.12.1 * slurm_22_05-node-22.05.11-150300.7.12.1 * slurm_22_05-node-debuginfo-22.05.11-150300.7.12.1 * slurm_22_05-auth-none-debuginfo-22.05.11-150300.7.12.1 * libnss_slurm2_22_05-debuginfo-22.05.11-150300.7.12.1 * slurm_22_05-rest-debuginfo-22.05.11-150300.7.12.1 * slurm_22_05-devel-22.05.11-150300.7.12.1 * slurm_22_05-pam_slurm-22.05.11-150300.7.12.1 * slurm_22_05-plugins-debuginfo-22.05.11-150300.7.12.1 * slurm_22_05-munge-debuginfo-22.05.11-150300.7.12.1 *libslurm38-22.05.11-150300.7.12.1 * perl-slurm_22_05-22.05.11-150300.7.12.1 * slurm_22_05-lua-22.05.11-150300.7.12.1 * slurm_22_05-plugins-22.05.11-150300.7.12.1 * perl-slurm_22_05-debuginfo-22.05.11-150300.7.12.1 * slurm_22_05-cray-debuginfo-22.05.11-150300.7.12.1 * slurm_22_05-cray-22.05.11-150300.7.12.1 * slurm_22_05-munge-22.05.11-150300.7.12.1 * slurm_22_05-slurmdbd-debuginfo-22.05.11-150300.7.12.1 * slurm_22_05-sql-debuginfo-22.05.11-150300.7.12.1 * slurm_22_05-sql-22.05.11-150300.7.12.1 * libpmi0_22_05-debuginfo-22.05.11-150300.7.12.1 * slurm_22_05-slurmdbd-22.05.11-150300.7.12.1 * slurm_22_05-sview-22.05.11-150300.7.12.1 * slurm_22_05-sview-debuginfo-22.05.11-150300.7.12.1 * slurm_22_05-debuginfo-22.05.11-150300.7.12.1 * slurm_22_05-pam_slurm-debuginfo-22.05.11-150300.7.12.1 * libpmi0_22_05-22.05.11-150300.7.12.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch) * slurm_22_05-webdoc-22.05.11-150300.7.12.1 * slurm_22_05-config-man-22.05.11-150300.7.12.1 * slurm_22_05-doc-22.05.11-150300.7.12.1 * slurm_22_05-config-22.05.11-150300.7.12.1 ## References: * https://www.suse.com/security/cve/CVE-2025-43904.html * https://bugzilla.suse.com/show_bug.cgi?id=1243666 . A significant patch has been released for slurm_22_05 addressing a vital vulnerability in account permission management specifically for SUSE systems.. security update, slurm permission issue, SUSE Linux patch, openSUSE advisory, Linux security. . Severity: Important. LinuxSecurity.com Team
May 29, 2025
•Important
SuSE
202
security advisoryimportantopenSUSEopenSUSE: 2025:01758-1 important: slurm_23_02 permission handling issue
An update that solves one vulnerability can now be installed.. # Security update for slurm_23_02 Announcement ID: SUSE-SU-2025:01758-1 Release Date: 2025-05-29T14:49:13Z Rating: important References: * bsc#1243666 Cross-References: * CVE-2025-43904 CVSS scores: * CVE-2025-43904 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-43904 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * HPC Module 15-SP7 * openSUSE Leap 15.3 * openSUSE Leap 15.6 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Server 15 SP7 An update that solves one vulnerability can now be installed. ## Description: This update for slurm_23_02 fixes the following issues: * CVE-2025-43904: an issue with permission handling for Coordinators within the accounting system allowed Coordinators to promote a user to Administrator (bsc#1243666). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.3 zypper in -t patch SUSE-2025-1758=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2025-1758=1 * HPC Module 15-SP7 zypper in -t patch SUSE-SLE-Module-HPC-15-SP7-2025-1758=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-1758=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-1758=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patchSUSE-SLE-Product-HPC-15-SP4-LTSS-2025-1758=1 ## Package List: * openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64) * slurm_23_02-debugsource-23.02.7-150300.7.20.1 * slurm_23_02-plugin-ext-sensors-rrd-23.02.7-150300.7.20.1 * slurm_23_02-torque-23.02.7-150300.7.20.1 * slurm_23_02-devel-23.02.7-150300.7.20.1 * slurm_23_02-munge-23.02.7-150300.7.20.1 * slurm_23_02-plugins-debuginfo-23.02.7-150300.7.20.1 * slurm_23_02-node-debuginfo-23.02.7-150300.7.20.1 * slurm_23_02-hdf5-debuginfo-23.02.7-150300.7.20.1 * slurm_23_02-sql-23.02.7-150300.7.20.1 * slurm_23_02-debuginfo-23.02.7-150300.7.20.1 * slurm_23_02-hdf5-23.02.7-150300.7.20.1 * slurm_23_02-plugins-23.02.7-150300.7.20.1 * slurm_23_02-pam_slurm-23.02.7-150300.7.20.1 * slurm_23_02-rest-debuginfo-23.02.7-150300.7.20.1 * slurm_23_02-slurmdbd-23.02.7-150300.7.20.1 * slurm_23_02-23.02.7-150300.7.20.1 * slurm_23_02-lua-23.02.7-150300.7.20.1 * slurm_23_02-sview-23.02.7-150300.7.20.1 * slurm_23_02-node-23.02.7-150300.7.20.1 * slurm_23_02-cray-debuginfo-23.02.7-150300.7.20.1 * slurm_23_02-lua-debuginfo-23.02.7-150300.7.20.1 * slurm_23_02-auth-none-debuginfo-23.02.7-150300.7.20.1 * slurm_23_02-munge-debuginfo-23.02.7-150300.7.20.1 * slurm_23_02-sql-debuginfo-23.02.7-150300.7.20.1 * slurm_23_02-auth-none-23.02.7-150300.7.20.1 * slurm_23_02-rest-23.02.7-150300.7.20.1 * slurm_23_02-cray-23.02.7-150300.7.20.1 * slurm_23_02-pam_slurm-debuginfo-23.02.7-150300.7.20.1 * libpmi0_23_02-23.02.7-150300.7.20.1 * libpmi0_23_02-debuginfo-23.02.7-150300.7.20.1 * perl-slurm_23_02-debuginfo-23.02.7-150300.7.20.1 * slurm_23_02-torque-debuginfo-23.02.7-150300.7.20.1 * slurm_23_02-slurmdbd-debuginfo-23.02.7-150300.7.20.1 * libnss_slurm2_23_02-23.02.7-150300.7.20.1 * slurm_23_02-plugin-ext-sensors-rrd-debuginfo-23.02.7-150300.7.20.1 * perl-slurm_23_02-23.02.7-150300.7.20.1 * slurm_23_02-sview-debuginfo-23.02.7-150300.7.20.1 *slurm_23_02-testsuite-23.02.7-150300.7.20.1 * libslurm39-23.02.7-150300.7.20.1 * libnss_slurm2_23_02-debuginfo-23.02.7-150300.7.20.1 * libslurm39-debuginfo-23.02.7-150300.7.20.1 * openSUSE Leap 15.3 (noarch) * slurm_23_02-doc-23.02.7-150300.7.20.1 * slurm_23_02-config-man-23.02.7-150300.7.20.1 * slurm_23_02-sjstat-23.02.7-150300.7.20.1 * slurm_23_02-config-23.02.7-150300.7.20.1 * slurm_23_02-webdoc-23.02.7-150300.7.20.1 * slurm_23_02-seff-23.02.7-150300.7.20.1 * slurm_23_02-openlava-23.02.7-150300.7.20.1 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * slurm_23_02-debugsource-23.02.7-150300.7.20.1 * slurm_23_02-plugin-ext-sensors-rrd-23.02.7-150300.7.20.1 * slurm_23_02-torque-23.02.7-150300.7.20.1 * slurm_23_02-devel-23.02.7-150300.7.20.1 * slurm_23_02-munge-23.02.7-150300.7.20.1 * slurm_23_02-plugins-debuginfo-23.02.7-150300.7.20.1 * slurm_23_02-node-debuginfo-23.02.7-150300.7.20.1 * slurm_23_02-hdf5-debuginfo-23.02.7-150300.7.20.1 * slurm_23_02-sql-23.02.7-150300.7.20.1 * slurm_23_02-debuginfo-23.02.7-150300.7.20.1 * slurm_23_02-hdf5-23.02.7-150300.7.20.1 * slurm_23_02-plugins-23.02.7-150300.7.20.1 * slurm_23_02-rest-debuginfo-23.02.7-150300.7.20.1 * slurm_23_02-slurmdbd-23.02.7-150300.7.20.1 * slurm_23_02-23.02.7-150300.7.20.1 * slurm_23_02-lua-23.02.7-150300.7.20.1 * slurm_23_02-sview-23.02.7-150300.7.20.1 * slurm_23_02-node-23.02.7-150300.7.20.1 * slurm_23_02-cray-debuginfo-23.02.7-150300.7.20.1 * slurm_23_02-lua-debuginfo-23.02.7-150300.7.20.1 * slurm_23_02-auth-none-debuginfo-23.02.7-150300.7.20.1 * slurm_23_02-munge-debuginfo-23.02.7-150300.7.20.1 * slurm_23_02-sql-debuginfo-23.02.7-150300.7.20.1 * slurm_23_02-auth-none-23.02.7-150300.7.20.1 * slurm_23_02-rest-23.02.7-150300.7.20.1 * slurm_23_02-cray-23.02.7-150300.7.20.1 * slurm_23_02-pam_slurm-debuginfo-23.02.7-150300.7.20.1 * libpmi0_23_02-23.02.7-150300.7.20.1 *libpmi0_23_02-debuginfo-23.02.7-150300.7.20.1 * perl-slurm_23_02-debuginfo-23.02.7-150300.7.20.1 * slurm_23_02-torque-debuginfo-23.02.7-150300.7.20.1 * slurm_23_02-slurmdbd-debuginfo-23.02.7-150300.7.20.1 * libnss_slurm2_23_02-23.02.7-150300.7.20.1 * slurm_23_02-plugin-ext-sensors-rrd-debuginfo-23.02.7-150300.7.20.1 * perl-slurm_23_02-23.02.7-150300.7.20.1 * slurm_23_02-sview-debuginfo-23.02.7-150300.7.20.1 * slurm_23_02-testsuite-23.02.7-150300.7.20.1 * slurm_23_02-pam_slurm-23.02.7-150300.7.20.1 * libnss_slurm2_23_02-debuginfo-23.02.7-150300.7.20.1 * openSUSE Leap 15.6 (noarch) * slurm_23_02-doc-23.02.7-150300.7.20.1 * slurm_23_02-config-man-23.02.7-150300.7.20.1 * slurm_23_02-sjstat-23.02.7-150300.7.20.1 * slurm_23_02-config-23.02.7-150300.7.20.1 * slurm_23_02-webdoc-23.02.7-150300.7.20.1 * slurm_23_02-seff-23.02.7-150300.7.20.1 * slurm_23_02-openlava-23.02.7-150300.7.20.1 * HPC Module 15-SP7 (noarch) * slurm_23_02-config-23.02.7-150300.7.20.1 * HPC Module 15-SP7 (aarch64 x86_64) * slurm_23_02-plugins-23.02.7-150300.7.20.1 * slurm_23_02-debugsource-23.02.7-150300.7.20.1 * slurm_23_02-debuginfo-23.02.7-150300.7.20.1 * slurm_23_02-plugins-debuginfo-23.02.7-150300.7.20.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * slurm_23_02-debugsource-23.02.7-150300.7.20.1 * slurm_23_02-plugin-ext-sensors-rrd-23.02.7-150300.7.20.1 * slurm_23_02-torque-23.02.7-150300.7.20.1 * slurm_23_02-devel-23.02.7-150300.7.20.1 * slurm_23_02-munge-23.02.7-150300.7.20.1 * slurm_23_02-plugins-debuginfo-23.02.7-150300.7.20.1 * slurm_23_02-node-debuginfo-23.02.7-150300.7.20.1 * slurm_23_02-sql-23.02.7-150300.7.20.1 * slurm_23_02-debuginfo-23.02.7-150300.7.20.1 * slurm_23_02-plugins-23.02.7-150300.7.20.1 * slurm_23_02-pam_slurm-23.02.7-150300.7.20.1 * slurm_23_02-rest-debuginfo-23.02.7-150300.7.20.1 * slurm_23_02-slurmdbd-23.02.7-150300.7.20.1 *slurm_23_02-23.02.7-150300.7.20.1 * slurm_23_02-lua-23.02.7-150300.7.20.1 * slurm_23_02-sview-23.02.7-150300.7.20.1 * slurm_23_02-node-23.02.7-150300.7.20.1 * slurm_23_02-cray-debuginfo-23.02.7-150300.7.20.1 * slurm_23_02-lua-debuginfo-23.02.7-150300.7.20.1 * slurm_23_02-auth-none-debuginfo-23.02.7-150300.7.20.1 * slurm_23_02-munge-debuginfo-23.02.7-150300.7.20.1 * slurm_23_02-sql-debuginfo-23.02.7-150300.7.20.1 * slurm_23_02-auth-none-23.02.7-150300.7.20.1 * slurm_23_02-rest-23.02.7-150300.7.20.1 * slurm_23_02-cray-23.02.7-150300.7.20.1 * slurm_23_02-pam_slurm-debuginfo-23.02.7-150300.7.20.1 * libpmi0_23_02-23.02.7-150300.7.20.1 * libpmi0_23_02-debuginfo-23.02.7-150300.7.20.1 * perl-slurm_23_02-debuginfo-23.02.7-150300.7.20.1 * slurm_23_02-torque-debuginfo-23.02.7-150300.7.20.1 * slurm_23_02-slurmdbd-debuginfo-23.02.7-150300.7.20.1 * libnss_slurm2_23_02-23.02.7-150300.7.20.1 * slurm_23_02-plugin-ext-sensors-rrd-debuginfo-23.02.7-150300.7.20.1 * perl-slurm_23_02-23.02.7-150300.7.20.1 * slurm_23_02-sview-debuginfo-23.02.7-150300.7.20.1 * libslurm39-23.02.7-150300.7.20.1 * libnss_slurm2_23_02-debuginfo-23.02.7-150300.7.20.1 * libslurm39-debuginfo-23.02.7-150300.7.20.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch) * slurm_23_02-config-23.02.7-150300.7.20.1 * slurm_23_02-webdoc-23.02.7-150300.7.20.1 * slurm_23_02-doc-23.02.7-150300.7.20.1 * slurm_23_02-config-man-23.02.7-150300.7.20.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * slurm_23_02-debugsource-23.02.7-150300.7.20.1 * slurm_23_02-plugin-ext-sensors-rrd-23.02.7-150300.7.20.1 * slurm_23_02-torque-23.02.7-150300.7.20.1 * slurm_23_02-devel-23.02.7-150300.7.20.1 * slurm_23_02-munge-23.02.7-150300.7.20.1 * slurm_23_02-plugins-debuginfo-23.02.7-150300.7.20.1 * slurm_23_02-node-debuginfo-23.02.7-150300.7.20.1 * slurm_23_02-sql-23.02.7-150300.7.20.1 *slurm_23_02-debuginfo-23.02.7-150300.7.20.1 * slurm_23_02-plugins-23.02.7-150300.7.20.1 * slurm_23_02-pam_slurm-23.02.7-150300.7.20.1 * slurm_23_02-rest-debuginfo-23.02.7-150300.7.20.1 * slurm_23_02-slurmdbd-23.02.7-150300.7.20.1 * slurm_23_02-23.02.7-150300.7.20.1 * slurm_23_02-lua-23.02.7-150300.7.20.1 * slurm_23_02-sview-23.02.7-150300.7.20.1 * slurm_23_02-node-23.02.7-150300.7.20.1 * slurm_23_02-cray-debuginfo-23.02.7-150300.7.20.1 * slurm_23_02-lua-debuginfo-23.02.7-150300.7.20.1 * slurm_23_02-auth-none-debuginfo-23.02.7-150300.7.20.1 * slurm_23_02-munge-debuginfo-23.02.7-150300.7.20.1 * slurm_23_02-sql-debuginfo-23.02.7-150300.7.20.1 * slurm_23_02-auth-none-23.02.7-150300.7.20.1 * slurm_23_02-rest-23.02.7-150300.7.20.1 * slurm_23_02-cray-23.02.7-150300.7.20.1 * slurm_23_02-pam_slurm-debuginfo-23.02.7-150300.7.20.1 * libpmi0_23_02-23.02.7-150300.7.20.1 * libpmi0_23_02-debuginfo-23.02.7-150300.7.20.1 * perl-slurm_23_02-debuginfo-23.02.7-150300.7.20.1 * slurm_23_02-torque-debuginfo-23.02.7-150300.7.20.1 * slurm_23_02-slurmdbd-debuginfo-23.02.7-150300.7.20.1 * libnss_slurm2_23_02-23.02.7-150300.7.20.1 * slurm_23_02-plugin-ext-sensors-rrd-debuginfo-23.02.7-150300.7.20.1 * perl-slurm_23_02-23.02.7-150300.7.20.1 * slurm_23_02-sview-debuginfo-23.02.7-150300.7.20.1 * libslurm39-23.02.7-150300.7.20.1 * libnss_slurm2_23_02-debuginfo-23.02.7-150300.7.20.1 * libslurm39-debuginfo-23.02.7-150300.7.20.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch) * slurm_23_02-config-23.02.7-150300.7.20.1 * slurm_23_02-webdoc-23.02.7-150300.7.20.1 * slurm_23_02-doc-23.02.7-150300.7.20.1 * slurm_23_02-config-man-23.02.7-150300.7.20.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * slurm_23_02-debugsource-23.02.7-150300.7.20.1 * slurm_23_02-plugin-ext-sensors-rrd-23.02.7-150300.7.20.1 * slurm_23_02-torque-23.02.7-150300.7.20.1 * slurm_23_02-devel-23.02.7-150300.7.20.1 * slurm_23_02-munge-23.02.7-150300.7.20.1 * slurm_23_02-plugins-debuginfo-23.02.7-150300.7.20.1 * slurm_23_02-node-debuginfo-23.02.7-150300.7.20.1 * slurm_23_02-sql-23.02.7-150300.7.20.1 * slurm_23_02-debuginfo-23.02.7-150300.7.20.1 * slurm_23_02-plugins-23.02.7-150300.7.20.1 * slurm_23_02-pam_slurm-23.02.7-150300.7.20.1 * slurm_23_02-rest-debuginfo-23.02.7-150300.7.20.1 * slurm_23_02-slurmdbd-23.02.7-150300.7.20.1 * slurm_23_02-23.02.7-150300.7.20.1 * slurm_23_02-lua-23.02.7-150300.7.20.1 * slurm_23_02-sview-23.02.7-150300.7.20.1 * slurm_23_02-node-23.02.7-150300.7.20.1 * slurm_23_02-cray-debuginfo-23.02.7-150300.7.20.1 * slurm_23_02-lua-debuginfo-23.02.7-150300.7.20.1 * slurm_23_02-auth-none-debuginfo-23.02.7-150300.7.20.1 * slurm_23_02-munge-debuginfo-23.02.7-150300.7.20.1 * slurm_23_02-sql-debuginfo-23.02.7-150300.7.20.1 * slurm_23_02-auth-none-23.02.7-150300.7.20.1 * slurm_23_02-rest-23.02.7-150300.7.20.1 * slurm_23_02-cray-23.02.7-150300.7.20.1 * slurm_23_02-pam_slurm-debuginfo-23.02.7-150300.7.20.1 * libpmi0_23_02-23.02.7-150300.7.20.1 * libpmi0_23_02-debuginfo-23.02.7-150300.7.20.1 * perl-slurm_23_02-debuginfo-23.02.7-150300.7.20.1 * slurm_23_02-torque-debuginfo-23.02.7-150300.7.20.1 * slurm_23_02-slurmdbd-debuginfo-23.02.7-150300.7.20.1 * libnss_slurm2_23_02-23.02.7-150300.7.20.1 * slurm_23_02-plugin-ext-sensors-rrd-debuginfo-23.02.7-150300.7.20.1 * perl-slurm_23_02-23.02.7-150300.7.20.1 * slurm_23_02-sview-debuginfo-23.02.7-150300.7.20.1 * libslurm39-23.02.7-150300.7.20.1 * libnss_slurm2_23_02-debuginfo-23.02.7-150300.7.20.1 * libslurm39-debuginfo-23.02.7-150300.7.20.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch) * slurm_23_02-config-23.02.7-150300.7.20.1 * slurm_23_02-webdoc-23.02.7-150300.7.20.1 * slurm_23_02-doc-23.02.7-150300.7.20.1 *slurm_23_02-config-man-23.02.7-150300.7.20.1 ## References: * https://www.suse.com/security/cve/CVE-2025-43904.html * https://bugzilla.suse.com/show_bug.cgi?id=1243666 . This advisory outlines a solution for a vulnerability in slurm_23_02 on openSUSE, correcting issues related to permission management.. SUSE Linux, slurm_23_02, high performance computing, openSUSE. . Severity: Important. LinuxSecurity.com Team
May 29, 2025
•Important
OpenSUSE
100
security advisorysecurity issueimportantSUSE 2025:01760-1 important: slurm permission handling issue fix
* bsc#1243666 Cross-References: * CVE-2025-43904 . # Security update for slurm Announcement ID: SUSE-SU-2025:01760-1 Release Date: 2025-05-29T14:54:19Z Rating: important References: * bsc#1243666 Cross-References: * CVE-2025-43904 CVSS scores: * CVE-2025-43904 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-43904 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.3 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 An update that solves one vulnerability can now be installed. ## Description: This update for slurm fixes the following issues: * CVE-2025-43904: an issue with permission handling for Coordinators within the accounting system allowed Coordinators to promote a user to Administrator (bsc#1243666). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.3 zypper in -t patch SUSE-2025-1760=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-1760=1 ## Package List: * openSUSE Leap 15.3 (aarch64 ppc64le x86_64) * slurm-munge-20.11.9-150300.4.15.1 * slurm-slurmdbd-debuginfo-20.11.9-150300.4.15.1 * slurm-pam_slurm-20.11.9-150300.4.15.1 * slurm-sql-20.11.9-150300.4.15.1 * slurm-config-man-20.11.9-150300.4.15.1 * libslurm36-20.11.9-150300.4.15.1 * slurm-doc-20.11.9-150300.4.15.1 * slurm-sview-debuginfo-20.11.9-150300.4.15.1 * slurm-torque-debuginfo-20.11.9-150300.4.15.1 * slurm-plugins-20.11.9-150300.4.15.1 * slurm-devel-20.11.9-150300.4.15.1 * slurm-debugsource-20.11.9-150300.4.15.1 * slurm-seff-20.11.9-150300.4.15.1 * slurm-webdoc-20.11.9-150300.4.15.1 *slurm-auth-none-20.11.9-150300.4.15.1 * slurm-torque-20.11.9-150300.4.15.1 * slurm-node-20.11.9-150300.4.15.1 * perl-slurm-20.11.9-150300.4.15.1 * slurm-slurmdbd-20.11.9-150300.4.15.1 * slurm-auth-none-debuginfo-20.11.9-150300.4.15.1 * libnss_slurm2-20.11.9-150300.4.15.1 * slurm-munge-debuginfo-20.11.9-150300.4.15.1 * slurm-debuginfo-20.11.9-150300.4.15.1 * slurm-config-20.11.9-150300.4.15.1 * slurm-sview-20.11.9-150300.4.15.1 * slurm-pam_slurm-debuginfo-20.11.9-150300.4.15.1 * slurm-sjstat-20.11.9-150300.4.15.1 * libnss_slurm2-debuginfo-20.11.9-150300.4.15.1 * slurm-hdf5-20.11.9-150300.4.15.1 * libpmi0-20.11.9-150300.4.15.1 * slurm-plugins-debuginfo-20.11.9-150300.4.15.1 * slurm-hdf5-debuginfo-20.11.9-150300.4.15.1 * slurm-openlava-20.11.9-150300.4.15.1 * libslurm36-debuginfo-20.11.9-150300.4.15.1 * slurm-lua-20.11.9-150300.4.15.1 * libpmi0-debuginfo-20.11.9-150300.4.15.1 * slurm-cray-debuginfo-20.11.9-150300.4.15.1 * slurm-testsuite-20.11.9-150300.4.15.1 * slurm-sql-debuginfo-20.11.9-150300.4.15.1 * slurm-rest-20.11.9-150300.4.15.1 * perl-slurm-debuginfo-20.11.9-150300.4.15.1 * slurm-lua-debuginfo-20.11.9-150300.4.15.1 * slurm-node-debuginfo-20.11.9-150300.4.15.1 * slurm-cray-20.11.9-150300.4.15.1 * slurm-20.11.9-150300.4.15.1 * slurm-rest-debuginfo-20.11.9-150300.4.15.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * slurm-munge-20.11.9-150300.4.15.1 * slurm-slurmdbd-debuginfo-20.11.9-150300.4.15.1 * slurm-pam_slurm-20.11.9-150300.4.15.1 * slurm-sql-20.11.9-150300.4.15.1 * slurm-config-man-20.11.9-150300.4.15.1 * libslurm36-20.11.9-150300.4.15.1 * slurm-doc-20.11.9-150300.4.15.1 * slurm-sview-debuginfo-20.11.9-150300.4.15.1 * slurm-torque-debuginfo-20.11.9-150300.4.15.1 * slurm-plugins-20.11.9-150300.4.15.1 * slurm-devel-20.11.9-150300.4.15.1 * slurm-debugsource-20.11.9-150300.4.15.1 *slurm-webdoc-20.11.9-150300.4.15.1 * slurm-auth-none-20.11.9-150300.4.15.1 * slurm-torque-20.11.9-150300.4.15.1 * slurm-node-20.11.9-150300.4.15.1 * perl-slurm-20.11.9-150300.4.15.1 * slurm-slurmdbd-20.11.9-150300.4.15.1 * slurm-auth-none-debuginfo-20.11.9-150300.4.15.1 * libnss_slurm2-20.11.9-150300.4.15.1 * slurm-munge-debuginfo-20.11.9-150300.4.15.1 * slurm-debuginfo-20.11.9-150300.4.15.1 * slurm-config-20.11.9-150300.4.15.1 * slurm-sview-20.11.9-150300.4.15.1 * slurm-pam_slurm-debuginfo-20.11.9-150300.4.15.1 * libnss_slurm2-debuginfo-20.11.9-150300.4.15.1 * libpmi0-20.11.9-150300.4.15.1 * slurm-plugins-debuginfo-20.11.9-150300.4.15.1 * libslurm36-debuginfo-20.11.9-150300.4.15.1 * slurm-lua-20.11.9-150300.4.15.1 * libpmi0-debuginfo-20.11.9-150300.4.15.1 * slurm-sql-debuginfo-20.11.9-150300.4.15.1 * slurm-rest-20.11.9-150300.4.15.1 * perl-slurm-debuginfo-20.11.9-150300.4.15.1 * slurm-lua-debuginfo-20.11.9-150300.4.15.1 * slurm-node-debuginfo-20.11.9-150300.4.15.1 * slurm-20.11.9-150300.4.15.1 * slurm-rest-debuginfo-20.11.9-150300.4.15.1 ## References: * https://www.suse.com/security/cve/CVE-2025-43904.html * https://bugzilla.suse.com/show_bug.cgi?id=1243666 . SUSE introduces a significant patch for slurm, focusing on a security flaw concerning admin privilege management.. SUSE Linux, slurm update, permission handling, security patch, security advisory. . Severity: Important. LinuxSecurity.com Team
May 29, 2025
•Important
SuSE
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Search Topics
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!