Ubuntu alert USN-8197-1 (slurm-llnl)
| From: | noreply+usn-bot@canonical.com | |
| To: | ubuntu-security-announce@lists.ubuntu.com | |
| Subject: | [USN-8197-1] Slurm vulnerability | |
| Date: | Thu, 23 Apr 2026 12:30:57 +0000 | |
| Message-ID: | <E1wFtCr-0004MM-Dd@lists.ubuntu.com> |
========================================================================== Ubuntu Security Notice USN-8197-1 April 22, 2026 slurm-llnl vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 18.04 LTS - Ubuntu 16.04 LTS - Ubuntu 14.04 LTS Summary: Slurm could be made to send data to an arbitrary unix socket on the host. Software Description: - slurm-llnl: Simple Linux Utility for Resource Management Details: It was discovered that Slurm did not properly handle access control when dealing with RPC traffic through PMI2 and PMIx, which could allow an unprivileged user to send data to an arbitrary unix socket on the host. An attacker could possibly use this issue to execute arbitrary code as the root user. Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 18.04 LTS libpam-slurm 17.11.2-1ubuntu0.1~esm5 Available with Ubuntu Pro libpmi0 17.11.2-1ubuntu0.1~esm5 Available with Ubuntu Pro libpmi2-0 17.11.2-1ubuntu0.1~esm5 Available with Ubuntu Pro libslurm32 17.11.2-1ubuntu0.1~esm5 Available with Ubuntu Pro libslurmdb32 17.11.2-1ubuntu0.1~esm5 Available with Ubuntu Pro slurm-client 17.11.2-1ubuntu0.1~esm5 Available with Ubuntu Pro slurm-wlm 17.11.2-1ubuntu0.1~esm5 Available with Ubuntu Pro slurmctld 17.11.2-1ubuntu0.1~esm5 Available with Ubuntu Pro slurmd 17.11.2-1ubuntu0.1~esm5 Available with Ubuntu Pro slurmdbd 17.11.2-1ubuntu0.1~esm5 Available with Ubuntu Pro Ubuntu 16.04 LTS libpam-slurm 15.08.7-1ubuntu0.1~esm6 Available with Ubuntu Pro libpmi0 15.08.7-1ubuntu0.1~esm6 Available with Ubuntu Pro libslurm29 15.08.7-1ubuntu0.1~esm6 Available with Ubuntu Pro libslurmdb29 15.08.7-1ubuntu0.1~esm6 Available with Ubuntu Pro slurm-client 15.08.7-1ubuntu0.1~esm6 Available with Ubuntu Pro slurm-llnl 15.08.7-1ubuntu0.1~esm6 Available with Ubuntu Pro slurm-wlm 15.08.7-1ubuntu0.1~esm6 Available with Ubuntu Pro slurmctld 15.08.7-1ubuntu0.1~esm6 Available with Ubuntu Pro slurmd 15.08.7-1ubuntu0.1~esm6 Available with Ubuntu Pro slurmdbd 15.08.7-1ubuntu0.1~esm6 Available with Ubuntu Pro Ubuntu 14.04 LTS libpam-slurm 2.6.5-1ubuntu0.1~esm7 Available with Ubuntu Pro libpmi0 2.6.5-1ubuntu0.1~esm7 Available with Ubuntu Pro libslurm26 2.6.5-1ubuntu0.1~esm7 Available with Ubuntu Pro libslurmdb26 2.6.5-1ubuntu0.1~esm7 Available with Ubuntu Pro slurm-llnl 2.6.5-1ubuntu0.1~esm7 Available with Ubuntu Pro After a standard system update you need to restart Slurm to make all the necessary changes. References: https://ubuntu.com/security/notices/USN-8197-1 CVE-2022-29501
Attachment: signature.asc (type=application/pgp-signature)
-----BEGIN PGP SIGNATURE----- iQIzBAABCgAdFiEE+8neBLO2Hp/ppPlOcpJm3tlzhgEFAmnqBGgACgkQcpJm3tlz hgEkQRAAizShayNN4M5BS0s/nFUJKZmle6Kw8KZGLjr/HqLLChRRKp3Jt9eHaPTm kzIYimsygoXheomJ/paVkhUdgBH2WVmAXZRVhDjf7JoN0/IR5WXAIwLMx2pWhE5i xh5TMN2B9Vhf/ZPU9A/p204yTIo/4EdbWxW2ubvXWGKQrx1Ard1yB7gQ8gX8mCxl Ivx7dC5xsE/mCL8BKItVvMeybwC+Mm1CjgVi6a4dVjwWZD8APf0hjc3HGatOZMYZ l1ZjNQiz42TI69vgiQCRPb0hEgqID4SwqKvo+57gKvkgV8nJHTcWHpceAFfyclwP Y9Vgs8Xg+M4YOMS2UI7WwsAylMilx+JU4h2U38sSPoSM2apLFwO2mRLsyEj3dEqR BDG7IPMi6I4gi4G3OiJj4NpCeSgbM8Yn9mpYMO4Ifpz/HpFvLt+79BmntTFoAzOW Cl3rAptAjDFP2dXhGSmW0C5NabpQbTOfg7/B1CMrWWMeOPfrRjTgs6Ae7uBEK1nd 1qLLQbkqGt871iUssO10siD6v8JXt+tKpgv4Ni6/CwJsGidIEgXW/uzQ2d2Qw8Kc pVLWxy5ou+cnja9KlsxqsYE7e2lAe8BxANrXZlEDfAm7tHv8voI7kJ3DEjODPQ/L 26IKZk3FYJeH2CdTjBlqh+P1c5RHodWqQZoCSF/+zJknaT6hBvM= =p0hO -----END PGP SIGNATURE-----