Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2023-49937

An issue was discovered in SchedMD Slurm 22.05.x, 23.02.x, and 23.11.x. Because of a double free, attackers can cause a denial of service or possibly execute arbitrary code. The fixed versions are 22.05.11, 23.02.7, and 23.11.1.

Published

2023-12-14T05:15:11.493

Last Modified

2024-11-21T08:34:02.757

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 9.8 (CRITICAL)

Weaknesses

Type: Primary
CWE-415

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	schedmd	slurm	< 22.05.12	Yes
Application	schedmd	slurm	< 23.02.7	Yes
Application	schedmd	slurm	23.11	Yes
Application	schedmd	slurm	23.11	Yes

References

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/63FEDDYEE2WK7FHWBHKON3OZVQI56WSQ/ ([email protected])
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AYQS3LFGC4HE4WCW4L3NAA2I6FRIWMNO/ ([email protected])
https://lists.schedmd.com/pipermail/slurm-announce/2023/000103.html Mailing List, Vendor Advisory ([email protected])
https://www.schedmd.com/security-archive.php Vendor Advisory ([email protected])
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/63FEDDYEE2WK7FHWBHKON3OZVQI56WSQ/ (af854a3a-2127-422b-91ae-364da2661108)
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AYQS3LFGC4HE4WCW4L3NAA2I6FRIWMNO/ (af854a3a-2127-422b-91ae-364da2661108)
https://lists.schedmd.com/pipermail/slurm-announce/2023/000103.html Mailing List, Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://www.schedmd.com/security-archive.php Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)