CVE-2023-41915

CVSS v3.1

8.1

High

Vector

AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions OpenPMIx PMIx versions 4.2.6 and earlier, 5.0.x before 5.0.1

Description The issue is related to a race condition during the execution of library code with UID 0, allowing attackers to obtain ownership of arbitrary files. This can potentially lead to unauthorized access to confidential data.

Recommendations For OpenPMIx PMIx versions 4.2.6 and earlier, update to version 4.2.6 or later. For OpenPMIx PMIx 5.0.x before 5.0.1, update to version 5.0.1 or later.

Fix

Race Condition

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-362

Related Identifiers

ALSA-2024:2199

ALSA-2024:3008

AZL-29702

BDU:2024-02538

CESA-2024_3008

CVE-2023-41915

DLA-3643-1

DSA-5547-1

INFSA-2024_2199

INFSA-2024_3008

MGASA-2024-0162

OESA-2023-1676

OPENSUSE-SU-2023_3859-1

OPENSUSE-SU-2024:13223-1

RHSA-2024:2199

RHSA-2024:3008

RHSA-2024_2199

RHSA-2024_3008

RLSA-2024:3008

SUSE-SU-2023:3859-1

SUSE-SU-2023_3859-1

USN-6434-1

Affected Products

Almalinux

Astra Linux

Centos

Linuxmint

Openpmix Pmix

Red Hat

Red Os

Rocky Linux

Suse

Ubuntu

CVE-2023-41915

Weakness Enumeration

Related Identifiers

Affected Products

References · 61