[QSA-1215232] Slurm vulnerabilities
Qlustar Security Advisory 1215232
December 15th, 2023
Summary:
Slurm vulnerabilities
Package(s) : slurmctld,
slurmdbd,
qlustar-module-slurm-focal-amd64-12.0.3,
qlustar-module-slurm-jammy-amd64-13.1,
qlustar-module-slurm-centos8-amd64-13.1
Qlustar releases : 12.0, 13
Affected versions: All versions prior to this update
Vulnerability : Privilege escalation
Problem type : local
Qlustar-specific : no
CVE Id(s) : CVE-2023-49933, CVE-2023-49934, CVE-2023-49935, CVE-2023-49936,
CVE-2023-49937, CVE-2023-49938
Relevant to Qlustar 12.0 and 13
Ryan Hall (Meta Red Team X) discovered that there is improper enforcement of message integrity during transmission in a communication channel. This allows attackers to modify RPC traffic in a way that bypasses message hash checks (CVE-2023-49933).
The SchedMD team discovered that there is arbitrary SQL injection against SlurmDBD’s SQL database (CVE-2023-49934).
Ryan Hall discovered that there is incorrect access control because of a slurmd message integrity bypass. An attacker can reuse root-level authentication tokens during interaction with the slurmd process. This bypasses the RPC message hashes that protect against undesired MUNGE credential reuse (CVE-2023-49935).
Ryan Hall discovered that a NULL pointer dereference leads to denial of service (CVE-2023-49936).
Ryan Hall discovered that because of a double free, attackers can cause a denial of service or possibly execute arbitrary code (CVE-2023-49937).
Ryan Hall discovered that there is incorrect access control: An attacker can modify their extended group list that is used with the sbcast subsystem, and open files with an unauthorized set of extended groups (CVE-2023-49938).
Update instructions:
The problem can be corrected by updating your system to the following or more recent package versions:
For Qlustar 13
slurmctld 23.02.7-ql.1_amd64+13-jammy
slurmdbd 23.02.7-ql.1_amd64+13-jammy
qlustar-module-slurm-jammy-amd64-13.1 13.1.3-b569f1522
qlustar-module-slurm-centos8-amd64-13.1 13.1.3-b569f1522
For Qlustar 12.0
slurmctld 23.02.7-ql.1_amd64+12-focal
slurmdbd 23.02.7-ql.1_amd64+12-focal
qlustar-module-core-focal-amd64-12.0.3 12.0.3.2-b566f1523