PT-2023-28164 · Schedmd+2 · Slurm+2

François Diakhate

·

Published

2023-10-11

·

Updated

2026-05-06

·

CVE-2023-41914

CVSS v3.1

7.0

High

VectorAV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions SchedMD Slurm versions 23.02.x through 23.02.5 SchedMD Slurm versions 22.05.x through 22.05.9
Description The issue allows filesystem race conditions, which can be exploited to gain ownership of a file, overwrite a file, or delete files. SchedMD customers were informed about the issue and provided a patch on request.
Recommendations For SchedMD Slurm versions 23.02.x through 23.02.5, update to version 23.02.6 to resolve the issue. For SchedMD Slurm versions 22.05.x through 22.05.9, update to version 22.05.10 to resolve the issue.

Fix

Race Condition

Weakness Enumeration

CWE-362

Related Identifiers

CVE-2023-41914
DSA-5529-1
OPENSUSE-SU-2023_4329-1
OPENSUSE-SU-2024:13330-1
OPENSUSE-SU-2024_0279-1
OPENSUSE-SU-2024_0288-1
SUSE-SU-2023:4113-1
SUSE-SU-2023:4114-1
SUSE-SU-2023:4115-1
SUSE-SU-2023:4116-1
SUSE-SU-2023:4117-1
SUSE-SU-2023:4118-1
SUSE-SU-2023:4119-1
SUSE-SU-2023:4120-1
SUSE-SU-2023:4121-1
SUSE-SU-2023:4329-1
SUSE-SU-2023:4563-1
SUSE-SU-2023:4564-1
SUSE-SU-2023:4565-1
SUSE-SU-2023:4566-1
SUSE-SU-2023:4578-1
SUSE-SU-2023:4579-1
SUSE-SU-2023:4580-1
SUSE-SU-2023:4581-1
SUSE-SU-2023:4582-1
SUSE-SU-2023_4113-1
SUSE-SU-2023_4115-1
SUSE-SU-2023_4116-1
SUSE-SU-2023_4117-1
SUSE-SU-2023_4118-1
SUSE-SU-2023_4119-1
SUSE-SU-2023_4120-1
SUSE-SU-2023_4121-1
SUSE-SU-2023_4329-1
SUSE-SU-2023_4563-1
SUSE-SU-2023_4564-1
SUSE-SU-2023_4565-1
SUSE-SU-2023_4566-1
SUSE-SU-2023_4578-1
SUSE-SU-2023_4579-1
SUSE-SU-2023_4580-1
SUSE-SU-2023_4581-1
SUSE-SU-2023_4582-1
SUSE-SU-2024:0279-1
SUSE-SU-2024:0288-1
SUSE-SU-2024:0309-1
SUSE-SU-2024:0313-1
SUSE-SU-2024:0314-1
SUSE-SU-2024_0288-1
SUSE-SU-2024_0309-1
SUSE-SU-2024_0313-1
USN-8236-1

Affected Products

Debian
Slurm
Suse