CVE-2014-0748 Information

Description

apinit on Cray devices with CLE before 4.2.UP02 and 5.x before 5.1.UP00 does not use alpsauth data to validate the UID in a launch message which allows local users to gain privileges via a modified aprun program aka ID FN5912.

Reference

https://labs.mwrinfosecurity.com/advisories/2014/01/31/cray-aprunapinit-privilege-escalation/