UBUNTU-CVE-2023-49938
- Source
- https://ubuntu.com/security/CVE-2023-49938
- Import Source
- https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2023/UBUNTU-CVE-2023-49938.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/UBUNTU-CVE-2023-49938
- Upstream
- Published
- 2023-12-14T05:15:00Z
- Modified
- 2025-10-24T05:02:22Z
- Severity
-
- 8.2 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N CVSS Calculator
- Ubuntu - medium
- Summary
- [none]
- Details
-
An issue was discovered in SchedMD Slurm 22.05.x and 23.02.x. There is Incorrect Access Control: an attacker can modified their extended group list that is used with the sbcast subsystem, and open files with an unauthorized set of extended groups. The fixed versions are 22.05.11 and 23.02.7.
- References
Affected packages
Ubuntu:Pro:14.04:LTS / slurm-llnl
Package
- Name
- slurm-llnl
- Purl
- pkg:deb/ubuntu/slurm-llnl@2.6.5-1ubuntu0.1~esm6?arch=source&distro=esm-infra-legacy/trusty
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Affected versions
2.*
2.5.7-1
2.5.7-1build1
2.6.4-1ubuntu1
2.6.5-1
2.6.5-1ubuntu0.1~esm4
2.6.5-1ubuntu0.1~esm5
2.6.5-1ubuntu0.1~esm6
Ecosystem specific
{
"binaries": [
{
"binary_name": "libpam-slurm",
"binary_version": "2.6.5-1ubuntu0.1~esm6"
},
{
"binary_name": "libpmi0",
"binary_version": "2.6.5-1ubuntu0.1~esm6"
},
{
"binary_name": "libpmi0-dev",
"binary_version": "2.6.5-1ubuntu0.1~esm6"
},
{
"binary_name": "libslurm-dev",
"binary_version": "2.6.5-1ubuntu0.1~esm6"
},
{
"binary_name": "libslurm-perl",
"binary_version": "2.6.5-1ubuntu0.1~esm6"
},
{
"binary_name": "libslurm26",
"binary_version": "2.6.5-1ubuntu0.1~esm6"
},
{
"binary_name": "libslurmdb-dev",
"binary_version": "2.6.5-1ubuntu0.1~esm6"
},
{
"binary_name": "libslurmdb-perl",
"binary_version": "2.6.5-1ubuntu0.1~esm6"
},
{
"binary_name": "libslurmdb26",
"binary_version": "2.6.5-1ubuntu0.1~esm6"
},
{
"binary_name": "slurm-llnl",
"binary_version": "2.6.5-1ubuntu0.1~esm6"
},
{
"binary_name": "slurm-llnl-basic-plugins",
"binary_version": "2.6.5-1ubuntu0.1~esm6"
},
{
"binary_name": "slurm-llnl-basic-plugins-dev",
"binary_version": "2.6.5-1ubuntu0.1~esm6"
},
{
"binary_name": "slurm-llnl-slurmdbd",
"binary_version": "2.6.5-1ubuntu0.1~esm6"
},
{
"binary_name": "slurm-llnl-sview",
"binary_version": "2.6.5-1ubuntu0.1~esm6"
},
{
"binary_name": "slurm-llnl-torque",
"binary_version": "2.6.5-1ubuntu0.1~esm6"
}
]
}
Ubuntu:Pro:16.04:LTS / slurm-llnl
Package
- Name
- slurm-llnl
- Purl
- pkg:deb/ubuntu/slurm-llnl@15.08.7-1ubuntu0.1~esm5?arch=source&distro=esm-apps/xenial
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Affected versions
14.*
14.11.8-4
15.*
15.08.4-1build1
15.08.4-1build2
15.08.7-1
15.08.7-1build1
15.08.7-1ubuntu0.1~esm3
15.08.7-1ubuntu0.1~esm4
15.08.7-1ubuntu0.1~esm5
Ecosystem specific
{
"binaries": [
{
"binary_name": "libpam-slurm",
"binary_version": "15.08.7-1ubuntu0.1~esm5"
},
{
"binary_name": "libpmi0",
"binary_version": "15.08.7-1ubuntu0.1~esm5"
},
{
"binary_name": "libpmi0-dev",
"binary_version": "15.08.7-1ubuntu0.1~esm5"
},
{
"binary_name": "libslurm-dev",
"binary_version": "15.08.7-1ubuntu0.1~esm5"
},
{
"binary_name": "libslurm-perl",
"binary_version": "15.08.7-1ubuntu0.1~esm5"
},
{
"binary_name": "libslurm29",
"binary_version": "15.08.7-1ubuntu0.1~esm5"
},
{
"binary_name": "libslurmdb-dev",
"binary_version": "15.08.7-1ubuntu0.1~esm5"
},
{
"binary_name": "libslurmdb-perl",
"binary_version": "15.08.7-1ubuntu0.1~esm5"
},
{
"binary_name": "libslurmdb29",
"binary_version": "15.08.7-1ubuntu0.1~esm5"
},
{
"binary_name": "slurm-client",
"binary_version": "15.08.7-1ubuntu0.1~esm5"
},
{
"binary_name": "slurm-client-emulator",
"binary_version": "15.08.7-1ubuntu0.1~esm5"
},
{
"binary_name": "slurm-llnl",
"binary_version": "15.08.7-1ubuntu0.1~esm5"
},
{
"binary_name": "slurm-llnl-slurmdbd",
"binary_version": "15.08.7-1ubuntu0.1~esm5"
},
{
"binary_name": "slurm-wlm",
"binary_version": "15.08.7-1ubuntu0.1~esm5"
},
{
"binary_name": "slurm-wlm-basic-plugins",
"binary_version": "15.08.7-1ubuntu0.1~esm5"
},
{
"binary_name": "slurm-wlm-basic-plugins-dev",
"binary_version": "15.08.7-1ubuntu0.1~esm5"
},
{
"binary_name": "slurm-wlm-emulator",
"binary_version": "15.08.7-1ubuntu0.1~esm5"
},
{
"binary_name": "slurm-wlm-torque",
"binary_version": "15.08.7-1ubuntu0.1~esm5"
},
{
"binary_name": "slurmctld",
"binary_version": "15.08.7-1ubuntu0.1~esm5"
},
{
"binary_name": "slurmd",
"binary_version": "15.08.7-1ubuntu0.1~esm5"
},
{
"binary_name": "slurmdbd",
"binary_version": "15.08.7-1ubuntu0.1~esm5"
},
{
"binary_name": "sview",
"binary_version": "15.08.7-1ubuntu0.1~esm5"
}
]
}
Ubuntu:Pro:18.04:LTS / slurm-llnl
Package
- Name
- slurm-llnl
- Purl
- pkg:deb/ubuntu/slurm-llnl@17.11.2-1ubuntu0.1~esm4?arch=source&distro=esm-apps/bionic
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Affected versions
17.*
17.02.6-1build1
17.02.9-1
17.11.2-1build1
17.11.2-1ubuntu0.1~esm3
17.11.2-1ubuntu0.1~esm4
Ecosystem specific
{
"binaries": [
{
"binary_name": "libpam-slurm",
"binary_version": "17.11.2-1ubuntu0.1~esm4"
},
{
"binary_name": "libpmi0",
"binary_version": "17.11.2-1ubuntu0.1~esm4"
},
{
"binary_name": "libpmi0-dev",
"binary_version": "17.11.2-1ubuntu0.1~esm4"
},
{
"binary_name": "libpmi2-0",
"binary_version": "17.11.2-1ubuntu0.1~esm4"
},
{
"binary_name": "libpmi2-0-dev",
"binary_version": "17.11.2-1ubuntu0.1~esm4"
},
{
"binary_name": "libslurm-dev",
"binary_version": "17.11.2-1ubuntu0.1~esm4"
},
{
"binary_name": "libslurm-perl",
"binary_version": "17.11.2-1ubuntu0.1~esm4"
},
{
"binary_name": "libslurm32",
"binary_version": "17.11.2-1ubuntu0.1~esm4"
},
{
"binary_name": "libslurmdb-dev",
"binary_version": "17.11.2-1ubuntu0.1~esm4"
},
{
"binary_name": "libslurmdb-perl",
"binary_version": "17.11.2-1ubuntu0.1~esm4"
},
{
"binary_name": "libslurmdb32",
"binary_version": "17.11.2-1ubuntu0.1~esm4"
},
{
"binary_name": "slurm-client",
"binary_version": "17.11.2-1ubuntu0.1~esm4"
},
{
"binary_name": "slurm-client-emulator",
"binary_version": "17.11.2-1ubuntu0.1~esm4"
},
{
"binary_name": "slurm-wlm",
"binary_version": "17.11.2-1ubuntu0.1~esm4"
},
{
"binary_name": "slurm-wlm-basic-plugins",
"binary_version": "17.11.2-1ubuntu0.1~esm4"
},
{
"binary_name": "slurm-wlm-basic-plugins-dev",
"binary_version": "17.11.2-1ubuntu0.1~esm4"
},
{
"binary_name": "slurm-wlm-emulator",
"binary_version": "17.11.2-1ubuntu0.1~esm4"
},
{
"binary_name": "slurm-wlm-torque",
"binary_version": "17.11.2-1ubuntu0.1~esm4"
},
{
"binary_name": "slurmctld",
"binary_version": "17.11.2-1ubuntu0.1~esm4"
},
{
"binary_name": "slurmd",
"binary_version": "17.11.2-1ubuntu0.1~esm4"
},
{
"binary_name": "slurmdbd",
"binary_version": "17.11.2-1ubuntu0.1~esm4"
},
{
"binary_name": "sview",
"binary_version": "17.11.2-1ubuntu0.1~esm4"
}
]
}
Ubuntu:Pro:20.04:LTS / slurm-llnl
Package
- Name
- slurm-llnl
- Purl
- pkg:deb/ubuntu/slurm-llnl@19.05.5-1ubuntu0.1~esm2?arch=source&distro=esm-apps/focal
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Affected versions
19.*
19.05.3.2-2
19.05.3.2-2build1
19.05.5-1
19.05.5-1ubuntu0.1~esm1
19.05.5-1ubuntu0.1~esm2
Ecosystem specific
{
"binaries": [
{
"binary_name": "libpam-slurm",
"binary_version": "19.05.5-1ubuntu0.1~esm2"
},
{
"binary_name": "libpam-slurm-adopt",
"binary_version": "19.05.5-1ubuntu0.1~esm2"
},
{
"binary_name": "libpmi0",
"binary_version": "19.05.5-1ubuntu0.1~esm2"
},
{
"binary_name": "libpmi0-dev",
"binary_version": "19.05.5-1ubuntu0.1~esm2"
},
{
"binary_name": "libpmi2-0",
"binary_version": "19.05.5-1ubuntu0.1~esm2"
},
{
"binary_name": "libpmi2-0-dev",
"binary_version": "19.05.5-1ubuntu0.1~esm2"
},
{
"binary_name": "libslurm-dev",
"binary_version": "19.05.5-1ubuntu0.1~esm2"
},
{
"binary_name": "libslurm-perl",
"binary_version": "19.05.5-1ubuntu0.1~esm2"
},
{
"binary_name": "libslurm34",
"binary_version": "19.05.5-1ubuntu0.1~esm2"
},
{
"binary_name": "libslurmdb-perl",
"binary_version": "19.05.5-1ubuntu0.1~esm2"
},
{
"binary_name": "slurm-client",
"binary_version": "19.05.5-1ubuntu0.1~esm2"
},
{
"binary_name": "slurm-client-emulator",
"binary_version": "19.05.5-1ubuntu0.1~esm2"
},
{
"binary_name": "slurm-wlm",
"binary_version": "19.05.5-1ubuntu0.1~esm2"
},
{
"binary_name": "slurm-wlm-basic-plugins",
"binary_version": "19.05.5-1ubuntu0.1~esm2"
},
{
"binary_name": "slurm-wlm-basic-plugins-dev",
"binary_version": "19.05.5-1ubuntu0.1~esm2"
},
{
"binary_name": "slurm-wlm-emulator",
"binary_version": "19.05.5-1ubuntu0.1~esm2"
},
{
"binary_name": "slurm-wlm-torque",
"binary_version": "19.05.5-1ubuntu0.1~esm2"
},
{
"binary_name": "slurmctld",
"binary_version": "19.05.5-1ubuntu0.1~esm2"
},
{
"binary_name": "slurmd",
"binary_version": "19.05.5-1ubuntu0.1~esm2"
},
{
"binary_name": "slurmdbd",
"binary_version": "19.05.5-1ubuntu0.1~esm2"
},
{
"binary_name": "sview",
"binary_version": "19.05.5-1ubuntu0.1~esm2"
}
]
}
Ubuntu:Pro:22.04:LTS / slurm-wlm
Package
- Name
- slurm-wlm
- Purl
- pkg:deb/ubuntu/slurm-wlm@21.08.5-2ubuntu1+esm1?arch=source&distro=esm-apps/jammy
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Affected versions
20.*
20.11.7+really20.11.4-2
21.*
21.08.5-1
21.08.5-1.1
21.08.5-2
21.08.5-2ubuntu1
21.08.5-2ubuntu1+esm1
Ecosystem specific
{
"binaries": [
{
"binary_name": "libpam-slurm",
"binary_version": "21.08.5-2ubuntu1+esm1"
},
{
"binary_name": "libpam-slurm-adopt",
"binary_version": "21.08.5-2ubuntu1+esm1"
},
{
"binary_name": "libpmi0",
"binary_version": "21.08.5-2ubuntu1+esm1"
},
{
"binary_name": "libpmi0-dev",
"binary_version": "21.08.5-2ubuntu1+esm1"
},
{
"binary_name": "libpmi2-0",
"binary_version": "21.08.5-2ubuntu1+esm1"
},
{
"binary_name": "libpmi2-0-dev",
"binary_version": "21.08.5-2ubuntu1+esm1"
},
{
"binary_name": "libslurm-dev",
"binary_version": "21.08.5-2ubuntu1+esm1"
},
{
"binary_name": "libslurm-perl",
"binary_version": "21.08.5-2ubuntu1+esm1"
},
{
"binary_name": "libslurm37",
"binary_version": "21.08.5-2ubuntu1+esm1"
},
{
"binary_name": "libslurmdb-perl",
"binary_version": "21.08.5-2ubuntu1+esm1"
},
{
"binary_name": "slurm-client",
"binary_version": "21.08.5-2ubuntu1+esm1"
},
{
"binary_name": "slurm-client-emulator",
"binary_version": "21.08.5-2ubuntu1+esm1"
},
{
"binary_name": "slurm-wlm",
"binary_version": "21.08.5-2ubuntu1+esm1"
},
{
"binary_name": "slurm-wlm-basic-plugins",
"binary_version": "21.08.5-2ubuntu1+esm1"
},
{
"binary_name": "slurm-wlm-basic-plugins-dev",
"binary_version": "21.08.5-2ubuntu1+esm1"
},
{
"binary_name": "slurm-wlm-emulator",
"binary_version": "21.08.5-2ubuntu1+esm1"
},
{
"binary_name": "slurm-wlm-torque",
"binary_version": "21.08.5-2ubuntu1+esm1"
},
{
"binary_name": "slurmctld",
"binary_version": "21.08.5-2ubuntu1+esm1"
},
{
"binary_name": "slurmd",
"binary_version": "21.08.5-2ubuntu1+esm1"
},
{
"binary_name": "slurmdbd",
"binary_version": "21.08.5-2ubuntu1+esm1"
},
{
"binary_name": "slurmrestd",
"binary_version": "21.08.5-2ubuntu1+esm1"
},
{
"binary_name": "sview",
"binary_version": "21.08.5-2ubuntu1+esm1"
}
]
}