PT-2026-7436 · Munge+2
Titouan Lazard · Published 2026-01-01 · Updated 2026-02-25 · CVE-2026-25506
CVSS v3.1: 7.8 High (AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
Name of the Vulnerable Software and Affected Versions
MUNGE versions 0.5.0 through 0.5.17
Description
MUNGE (MUNGE Uid 'N' Gid Emporium) is an authentication service used by workload managers like Slurm. A buffer overflow exists in the munged daemon, specifically within the msg unpack function when processing messages. This allows a local attacker to potentially forge MUNGE credentials, leading to arbitrary code execution and potential privilege escalation to root. The vulnerability occurs when processing messages with an oversized address length field, corrupting the internal state of munged and enabling the extraction of the MAC subkey used for credential verification. The vulnerability has existed for approximately 20 years. Exploitation involves heap manipulation techniques like tcache poisoning and heap shaping.
Recommendations
Update to version 0.5.18 or later.
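The description above attributes the overflow to an oversized address length field. The C example below is added here for illustration and is neither MUNGE's code nor the project's fix: it decodes a length-prefixed address field and rejects a length that exceeds the fixed destination buffer. The struct, field names, wire layout and status codes are all assumptions.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define ADDR_MAX 4              /* assumed size of the fixed destination field */

struct msg {                    /* hypothetical decoded message, not MUNGE's struct */
    uint8_t  addr_len;
    uint8_t  addr[ADDR_MAX];
    uint32_t adjacent_state;    /* stands in for state stored next to the buffer */
};

enum { UNPACK_OK = 0, UNPACK_TRUNCATED = -1, UNPACK_BAD_LEN = -2 };

/* Decode the assumed wire layout [addr_len:1][addr:addr_len] from buf. */
int unpack_addr(struct msg *m, const uint8_t *buf, size_t buf_len)
{
    if (buf_len < 1)
        return UNPACK_TRUNCATED;
    uint8_t len = buf[0];       /* sender-controlled length field */

    /* Bound the length by the destination; without this check the memcpy
     * below writes past addr[] into whatever follows it. */
    if (len > sizeof m->addr)
        return UNPACK_BAD_LEN;
    /* Bound it by the bytes actually received, so the copy cannot over-read. */
    if ((size_t)len > buf_len - 1)
        return UNPACK_TRUNCATED;

    memcpy(m->addr, buf + 1, len);
    m->addr_len = len;
    return UNPACK_OK;
}

int main(void)
{
    struct msg m = { .adjacent_state = 0xA5A5A5A5u };
    const uint8_t ok[] = { 4, 192, 0, 2, 1 };   /* constructed: valid length */
    uint8_t big[64];                            /* constructed: oversized length */
    memset(big, 0x41, sizeof big);
    big[0] = 63;

    printf("valid: %d\n", unpack_addr(&m, ok, sizeof ok));
    printf("oversized: %d\n", unpack_addr(&m, big, sizeof big));
    printf("adjacent_state intact: %d\n", m.adjacent_state == 0xA5A5A5A5u);
    return 0;
}
```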
Exploit
Fix
LPE
Memory Corruption
Weakness Enumeration
Related Identifiers
Affected Products
Linuxmint
Munge
Ubuntu