Vulnerability Details CVE-2023-49937
An issue was discovered in SchedMD Slurm 22.05.x, 23.02.x, and 23.11.x. Because of a double free, attackers can cause a denial of service or possibly execute arbitrary code. The fixed versions are 22.05.11, 23.02.7, and 23.11.1.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 49.7%
CVSS Severity
CVSS v3 Score 9.8
References
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/63FEDDYEE2WK7FHWBHKON3OZVQI56WSQ/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AYQS3LFGC4HE4WCW4L3NAA2I6FRIWMNO/
- https://lists.schedmd.com/pipermail/slurm-announce/2023/000103.html
- https://www.schedmd.com/security-archive.php
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/63FEDDYEE2WK7FHWBHKON3OZVQI56WSQ/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AYQS3LFGC4HE4WCW4L3NAA2I6FRIWMNO/
- https://lists.schedmd.com/pipermail/slurm-announce/2023/000103.html
- https://www.schedmd.com/security-archive.php
Products affected by CVE-2023-49937
-
cpe:2.3:a:schedmd:slurm:22.05
-
cpe:2.3:a:schedmd:slurm:22.05.0
-
cpe:2.3:a:schedmd:slurm:22.05.1
-
cpe:2.3:a:schedmd:slurm:22.05.10
-
cpe:2.3:a:schedmd:slurm:22.05.11
-
cpe:2.3:a:schedmd:slurm:22.05.2
-
cpe:2.3:a:schedmd:slurm:22.05.3
-
cpe:2.3:a:schedmd:slurm:22.05.4
-
cpe:2.3:a:schedmd:slurm:22.05.5
-
cpe:2.3:a:schedmd:slurm:22.05.6
-
cpe:2.3:a:schedmd:slurm:22.05.7
-
cpe:2.3:a:schedmd:slurm:22.05.8
-
cpe:2.3:a:schedmd:slurm:22.05.9
-
cpe:2.3:a:schedmd:slurm:23.02
-
cpe:2.3:a:schedmd:slurm:23.02.0
-
cpe:2.3:a:schedmd:slurm:23.02.1
-
cpe:2.3:a:schedmd:slurm:23.02.2
-
cpe:2.3:a:schedmd:slurm:23.02.3
-
cpe:2.3:a:schedmd:slurm:23.02.4
-
cpe:2.3:a:schedmd:slurm:23.02.5
-
cpe:2.3:a:schedmd:slurm:23.02.6
-
cpe:2.3:a:schedmd:slurm:23.11