CNNVD-202601-2798 Information
CNNVD ID
CNNVD-202601-2798
Related CVE
- CNNVD Published: 2026-01-16
Description (Chinese)
SchedMD Slurm是美国SchedMD公司的一套用于大型和小型Linux群集中的开源的和高度可扩展的集群管理和作业调度系统。 SchedMD Slurm 24.11.5之前版本、24.05.8之前版本和23.11.11之前版本存在安全漏洞,该漏洞源于会计系统允许协调员将用户提升为管理员,可能导致权限提升。
Description (English)
SchedMD Slurm is an open-source and highly scalable cluster management and operations control system for large and small Linux clusters of the United States company SchedMD. SchedMD Slurm 24.11.5, 24.05.8 and 23.11.11 had a security loophole, which stemmed from the fact that the accounting system allowed the coordinator to upgrade the user to an administrator, which could lead to an increase in privileges.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
SchedMD
Published
2026-01-16
Last Modified
2026-02-24
References
https://lists.schedmd.com/mailman3/hyperkitty/list/slurm-announce@lists.schedmd.com/message/B73QHKW6TKE2T5KDWVPIWNE5H4KWX667/ https://www.schedmd.com/security-policy/
Patch
https://www.schedmd.com/download-slurm/
Share on: