CVE-2016-10030

Source
https://nvd.nist.gov/vuln/detail/CVE-2016-10030
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2016-10030.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2016-10030
Related
Published
2017-01-05T11:59:00Z
Modified
2024-08-01T07:29:49.105295Z
Severity
  • 8.1 (High) CVSS_V3 - CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
Summary
[none]
Details

The prologerror function in slurmd/req.c in Slurm before 15.08.13, 16.x before 16.05.7, and 17.x before 17.02.0-pre4 has a vulnerability in how the slurmd daemon informs users of a Prolog failure on a compute node. That vulnerability could allow a user to assume control of an arbitrary file on the system. Any exploitation of this is dependent on the user being able to cause or anticipate the failure (non-zero return code) of a Prolog script that their job would run on. This issue affects all Slurm versions from 0.6.0 (September 2005) to present. Workarounds to prevent exploitation of this are to either disable your Prolog script, or modify it such that it always returns 0 ("success") and adjust it to set the node as down using scontrol instead of relying on the slurmd to handle that automatically. If you do not have a Prolog set you are unaffected by this issue.

References

Affected packages

Git / github.com/schedmd/slurm

Affected ranges

Type
GIT
Repo
https://github.com/schedmd/slurm
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed

Affected versions

Other

slurm-13-12-0-0pre2
slurm-13-12-0-0pre3
slurm-13-12-0-0pre4
slurm-14-03-0-0pre5
slurm-14-03-0-0pre6
slurm-14-03-0-0rc1
slurm-14-03-0-1
slurm-14-03-1-1
slurm-14-03-1-2
slurm-14-03-10-1
slurm-14-03-11-1
slurm-14-03-2-1
slurm-14-03-3-1
slurm-14-03-3-2
slurm-14-03-4-1
slurm-14-03-4-2
slurm-14-03-5-1
slurm-14-03-6-1
slurm-14-03-7-1
slurm-14-03-8-1
slurm-14-03-9-1
slurm-14-11-0-0pre1
slurm-14-11-0-0pre2
slurm-14-11-0-0pre3
slurm-14-11-0-0pre4
slurm-14-11-0-0pre5
slurm-14-11-0-0rc1
slurm-14-11-0-0rc2
slurm-14-11-0-0rc3
slurm-14-11-0-1
slurm-14-11-1-1
slurm-14-11-10-1
slurm-14-11-11-1
slurm-14-11-2-1
slurm-14-11-3-1
slurm-14-11-4-1
slurm-14-11-5-1
slurm-14-11-6-1
slurm-14-11-7-1
slurm-14-11-8-1
slurm-14-11-9-1
slurm-15-08-0-0pre1
slurm-15-08-0-0pre2
slurm-15-08-0-0pre3
slurm-15-08-0-0pre4
slurm-15-08-0-0pre5
slurm-15-08-0-0pre6
slurm-15-08-0-0rc1
slurm-15-08-0-1
slurm-15-08-1-1
slurm-15-08-10-1
slurm-15-08-11-1
slurm-15-08-12-1
slurm-15-08-13-1
slurm-15-08-2-1
slurm-15-08-3-1
slurm-15-08-4-1
slurm-15-08-5-1
slurm-15-08-6-1
slurm-15-08-7-1
slurm-15-08-8-1
slurm-15-08-9-1
slurm-16-05-0-0pre1
slurm-16-05-0-0pre2
slurm-16-05-0-0rc1
slurm-16-05-0-0rc2
slurm-16-05-0-1
slurm-16-05-1-1
slurm-16-05-2-1
slurm-16-05-3-1
slurm-16-05-4-1
slurm-16-05-5-1
slurm-16-05-6-1
slurm-16-05-7-1
slurm-2-2-6-1
slurm-2-2-7-1
slurm-2-3-0-0-pre5
slurm-2-3-0-0-pre6
slurm-2-3-0-0-rc1
slurm-2-3-0-0-rc2
slurm-2-3-0-1
slurm-2-3-0-2
slurm-2-3-1-1
slurm-2-3-2-1
slurm-2-3-3-1
slurm-2-3-4-1
slurm-2-3-5-1
slurm-2-4-0-0-pre1
slurm-2-4-0-0-pre2
slurm-2-4-0-0-pre3
slurm-2-4-0-0-pre4
slurm-2-4-0-0-rc1
slurm-2-4-0-1
slurm-2-4-1-1
slurm-2-4-2-1
slurm-2-4-3-0
slurm-2-4-4-1
slurm-2-4-5-1
slurm-2-5-0-0-pre1
slurm-2-5-0-0-pre2
slurm-2-5-0-0-pre3
slurm-2-5-0-0-rc1
slurm-2-5-0-0-rc2
slurm-2-5-0-1
slurm-2-5-1-1
slurm-2-5-2-1
slurm-2-5-3-1
slurm-2-5-4-1
slurm-2-5-5-1
slurm-2-5-6-1
slurm-2-5-7-1
slurm-2-6-0-0-pre2
slurm-2-6-0-0pre1
slurm-2-6-0-0pre2
slurm-2-6-0-0pre3
slurm-2-6-0-0pre4
slurm-2-6-0-0rc1
slurm-2-6-0-0rc2
slurm-2-6-0-1
slurm-2-6-1-1
slurm-2-6-2-1
slurm-2-6-3-1
slurm-2-6-4-1
slurm-2-6-5-1
slurm-2-6-6-1
slurm-2-6-6-2
slurm-2-6-7-1
slurm-2-6-8-1
slurm-2-6-9-1