CVE-2022-31251

NameCVE-2022-31251
DescriptionA Incorrect Default Permissions vulnerability in the packaging of the slurm testsuite of openSUSE Factory allows local attackers with control over the slurm user to escalate to root. This issue affects: openSUSE Factory slurm versions prior to 22.05.2-3.3.
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more)

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
slurm-wlm (PTS)bullseye (security), bullseye20.11.7+really20.11.4-2+deb11u1fixed
bookworm, bookworm (security)22.05.8-4+deb12u2fixed
trixie23.11.3-2fixed
sid23.11.4-1.2fixed

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
slurm-wlmsource(unstable)(not affected)

Notes

- slurm-wlm <not-affected> (SUSE specific packaging issue)

Search for package or bug name: Reporting problems