CVE-2025-43904

NameCVE-2025-43904
SourceCVE (at NVD; CERT, ENISA, LWN, oss-sec, fulldisc, Debian ELTS, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more)
ReferencesDSA-5961-1
Debian Bugs1104929

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
slurm-wlm (PTS)bullseye (security), bullseye20.11.7+really20.11.4-2+deb11u1vulnerable
bookworm, bookworm (security)22.05.8-4+deb12u3fixed
forky, trixie24.11.5-4fixed
sid25.05.4-1fixed

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
slurm-wlmsourcebullseye(unfixed)end-of-life
slurm-wlmsourcebookworm22.05.8-4+deb12u3DSA-5961-1
slurm-wlmsource(unstable)24.11.5-11104929

Notes

[bullseye] - slurm-wlm <end-of-life> (see #1071127)
https://lists.schedmd.com/mailman3/hyperkitty/list/slurm-announce@lists.schedmd.com/message/B73QHKW6TKE2T5KDWVPIWNE5H4KWX667/
Search for package or bug name: Reporting problems