Rapid7 Vulnerability & Exploit Database

SUSE: CVE-2023-49938: SUSE Linux Security Advisory

Free InsightVM Trial No Credit Card Necessary

2024 Attack Intel Report Latest research by Rapid7 Labs

Back to Search

SUSE: CVE-2023-49938: SUSE Linux Security Advisory

Severity

CVSS

(AV:L/AC:M/Au:N/C:P/I:P/A:P)

Published

12/14/2023

Created

02/02/2024

Added

02/01/2024

Modified

02/05/2024

Description

An issue was discovered in SchedMD Slurm 22.05.x and 23.02.x. There is Incorrect Access Control: an attacker can modified their extended group list that is used with the sbcast subsystem, and open files with an unauthorized set of extended groups. The fixed versions are 22.05.11 and 23.02.7.

Solution(s)

suse-upgrade-libnss_slurm2
suse-upgrade-libnss_slurm2_20_02
suse-upgrade-libnss_slurm2_20_11
suse-upgrade-libnss_slurm2_22_05
suse-upgrade-libnss_slurm2_23_02
suse-upgrade-libpmi0
suse-upgrade-libpmi0_18_08
suse-upgrade-libpmi0_20_02
suse-upgrade-libpmi0_20_11
suse-upgrade-libpmi0_22_05
suse-upgrade-libpmi0_23_02
suse-upgrade-libslurm31
suse-upgrade-libslurm33
suse-upgrade-libslurm35
suse-upgrade-libslurm36
suse-upgrade-libslurm38
suse-upgrade-libslurm39
suse-upgrade-perl-slurm
suse-upgrade-perl-slurm_18_08
suse-upgrade-perl-slurm_20_02
suse-upgrade-perl-slurm_20_11
suse-upgrade-perl-slurm_22_05
suse-upgrade-perl-slurm_23_02
suse-upgrade-slurm
suse-upgrade-slurm-auth-none
suse-upgrade-slurm-config
suse-upgrade-slurm-config-man
suse-upgrade-slurm-cray
suse-upgrade-slurm-devel
suse-upgrade-slurm-doc
suse-upgrade-slurm-hdf5
suse-upgrade-slurm-lua
suse-upgrade-slurm-munge
suse-upgrade-slurm-node
suse-upgrade-slurm-openlava
suse-upgrade-slurm-pam_slurm
suse-upgrade-slurm-plugin-ext-sensors-rrd
suse-upgrade-slurm-plugins
suse-upgrade-slurm-rest
suse-upgrade-slurm-sched-wiki
suse-upgrade-slurm-seff
suse-upgrade-slurm-sjstat
suse-upgrade-slurm-slurmdb-direct
suse-upgrade-slurm-slurmdbd
suse-upgrade-slurm-sql
suse-upgrade-slurm-sview
suse-upgrade-slurm-testsuite
suse-upgrade-slurm-torque
suse-upgrade-slurm-webdoc
suse-upgrade-slurm_18_08
suse-upgrade-slurm_18_08-auth-none
suse-upgrade-slurm_18_08-config
suse-upgrade-slurm_18_08-devel
suse-upgrade-slurm_18_08-doc
suse-upgrade-slurm_18_08-lua
suse-upgrade-slurm_18_08-munge
suse-upgrade-slurm_18_08-node
suse-upgrade-slurm_18_08-pam_slurm
suse-upgrade-slurm_18_08-plugins
suse-upgrade-slurm_18_08-slurmdbd
suse-upgrade-slurm_18_08-sql
suse-upgrade-slurm_18_08-torque
suse-upgrade-slurm_20_02
suse-upgrade-slurm_20_02-auth-none
suse-upgrade-slurm_20_02-config
suse-upgrade-slurm_20_02-config-man
suse-upgrade-slurm_20_02-cray
suse-upgrade-slurm_20_02-devel
suse-upgrade-slurm_20_02-doc
suse-upgrade-slurm_20_02-hdf5
suse-upgrade-slurm_20_02-lua
suse-upgrade-slurm_20_02-munge
suse-upgrade-slurm_20_02-node
suse-upgrade-slurm_20_02-openlava
suse-upgrade-slurm_20_02-pam_slurm
suse-upgrade-slurm_20_02-plugins
suse-upgrade-slurm_20_02-rest
suse-upgrade-slurm_20_02-seff
suse-upgrade-slurm_20_02-sjstat
suse-upgrade-slurm_20_02-slurmdbd
suse-upgrade-slurm_20_02-sql
suse-upgrade-slurm_20_02-sview
suse-upgrade-slurm_20_02-testsuite
suse-upgrade-slurm_20_02-torque
suse-upgrade-slurm_20_02-webdoc
suse-upgrade-slurm_20_11
suse-upgrade-slurm_20_11-auth-none
suse-upgrade-slurm_20_11-config
suse-upgrade-slurm_20_11-config-man
suse-upgrade-slurm_20_11-cray
suse-upgrade-slurm_20_11-devel
suse-upgrade-slurm_20_11-doc
suse-upgrade-slurm_20_11-hdf5
suse-upgrade-slurm_20_11-lua
suse-upgrade-slurm_20_11-munge
suse-upgrade-slurm_20_11-node
suse-upgrade-slurm_20_11-openlava
suse-upgrade-slurm_20_11-pam_slurm
suse-upgrade-slurm_20_11-plugins
suse-upgrade-slurm_20_11-rest
suse-upgrade-slurm_20_11-seff
suse-upgrade-slurm_20_11-sjstat
suse-upgrade-slurm_20_11-slurmdbd
suse-upgrade-slurm_20_11-sql
suse-upgrade-slurm_20_11-sview
suse-upgrade-slurm_20_11-torque
suse-upgrade-slurm_20_11-webdoc
suse-upgrade-slurm_22_05
suse-upgrade-slurm_22_05-auth-none
suse-upgrade-slurm_22_05-config
suse-upgrade-slurm_22_05-config-man
suse-upgrade-slurm_22_05-cray
suse-upgrade-slurm_22_05-devel
suse-upgrade-slurm_22_05-doc
suse-upgrade-slurm_22_05-hdf5
suse-upgrade-slurm_22_05-lua
suse-upgrade-slurm_22_05-munge
suse-upgrade-slurm_22_05-node
suse-upgrade-slurm_22_05-openlava
suse-upgrade-slurm_22_05-pam_slurm
suse-upgrade-slurm_22_05-plugins
suse-upgrade-slurm_22_05-rest
suse-upgrade-slurm_22_05-seff
suse-upgrade-slurm_22_05-sjstat
suse-upgrade-slurm_22_05-slurmdbd
suse-upgrade-slurm_22_05-sql
suse-upgrade-slurm_22_05-sview
suse-upgrade-slurm_22_05-testsuite
suse-upgrade-slurm_22_05-torque
suse-upgrade-slurm_22_05-webdoc
suse-upgrade-slurm_23_02
suse-upgrade-slurm_23_02-auth-none
suse-upgrade-slurm_23_02-config
suse-upgrade-slurm_23_02-config-man
suse-upgrade-slurm_23_02-cray
suse-upgrade-slurm_23_02-devel
suse-upgrade-slurm_23_02-doc
suse-upgrade-slurm_23_02-lua
suse-upgrade-slurm_23_02-munge
suse-upgrade-slurm_23_02-node
suse-upgrade-slurm_23_02-pam_slurm
suse-upgrade-slurm_23_02-plugin-ext-sensors-rrd
suse-upgrade-slurm_23_02-plugins
suse-upgrade-slurm_23_02-slurmdbd
suse-upgrade-slurm_23_02-sql
suse-upgrade-slurm_23_02-sview
suse-upgrade-slurm_23_02-torque
suse-upgrade-slurm_23_02-webdoc

References

Advanced vulnerability management analytics and reporting.

Key Features

Free InsightVM Trial View All Features

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;

Rapid7 Vulnerability & Exploit Database

SUSE: CVE-2023-49938: SUSE Linux Security Advisory

SUSE: CVE-2023-49938: SUSE Linux Security Advisory

Description

Solution(s)

References

Success! Thank you for submission. We will be in touch shortly.

Oops! There was a problem in submission. Please try again.

Submit your information and we will get in touch with you.