PT-2022-20640 · Opensuse+1 · Slurm+1

Johannes Segitz

Published

2022-09-07

Updated

2023-06-22

CVE-2022-31251

CVSS v3.1

6.5

Medium

Vector

AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:H

Name of the Vulnerable Software and Affected Versions openSUSE Factory slurm versions prior to 22.05.2-3.3

Description A vulnerability in the packaging of the slurm testsuite of openSUSE Factory allows local attackers with control over the slurm user to escalate to root.

Recommendations For openSUSE Factory slurm versions prior to 22.05.2-3.3, update to version 22.05.2-3.3 or later to resolve the issue.

Exploit

Fix

Incorrect Default Permissions

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-276

Related Identifiers

CVE-2022-31251

OPENSUSE-SU-2022_3462-1

OPENSUSE-SU-2022_3468-1

OPENSUSE-SU-2022_3490-1

OPENSUSE-SU-2022_3491-1

OPENSUSE-SU-2022_3535-1

OPENSUSE-SU-2024:12225-1

SUSE-RU-2022:4297-1

SUSE-RU-2022:4348-1

SUSE-RU-2022:4361-1

SUSE-RU-2022:4362-1

SUSE-SU-2022:3454-1

SUSE-SU-2022:3462-1

SUSE-SU-2022:3468-1

SUSE-SU-2022:3477-1

SUSE-SU-2022:3490-1

SUSE-SU-2022:3491-1

SUSE-SU-2022:3497-1

SUSE-SU-2022:3535-1

Affected Products

Suse

Slurm

PT-2022-20640 · Opensuse+1 · Slurm+1

CVE-2022-31251

Weakness Enumeration

Related Identifiers

Affected Products

References · 42