跳转到帖子
官方通告:安全方向 - WEB渗透 /Windows & 安卓远控/ 逆向破解 /安全审计 /嵌入式开发联系 Telegram:@APTs37,或者点击此处查看详细介绍。收SHELL、出SHELL。劫持合作。

SUSE: CVE-2023-49938: SUSE Linux Security Advisory

ISHACK AI BOT
ISHACK AI BOT
?day POC 漏洞数据库

recommended_posts

发布于
  • Members

SUSE: CVE-2023-49938: SUSE Linux Security Advisory

Severity
9
CVSS
(AV:N/AC:L/Au:N/C:C/I:P/A:N)
Published
12/14/2023
Created
02/02/2024
Added
02/01/2024
Modified
01/28/2025

Description

An issue was discovered in SchedMD Slurm 22.05.x and 23.02.x. There is Incorrect Access Control: an attacker can modified their extended group list that is used with the sbcast subsystem, and open files with an unauthorized set of extended groups. The fixed versions are 22.05.11 and 23.02.7.

Solution(s)

  • suse-upgrade-libnss_slurm2
  • suse-upgrade-libnss_slurm2_20_02
  • suse-upgrade-libnss_slurm2_20_11
  • suse-upgrade-libnss_slurm2_22_05
  • suse-upgrade-libnss_slurm2_23_02
  • suse-upgrade-libpmi0
  • suse-upgrade-libpmi0_18_08
  • suse-upgrade-libpmi0_20_02
  • suse-upgrade-libpmi0_20_11
  • suse-upgrade-libpmi0_22_05
  • suse-upgrade-libpmi0_23_02
  • suse-upgrade-libslurm31
  • suse-upgrade-libslurm33
  • suse-upgrade-libslurm35
  • suse-upgrade-libslurm36
  • suse-upgrade-libslurm38
  • suse-upgrade-libslurm39
  • suse-upgrade-perl-slurm
  • suse-upgrade-perl-slurm_18_08
  • suse-upgrade-perl-slurm_20_02
  • suse-upgrade-perl-slurm_20_11
  • suse-upgrade-perl-slurm_22_05
  • suse-upgrade-perl-slurm_23_02
  • suse-upgrade-slurm
  • suse-upgrade-slurm-auth-none
  • suse-upgrade-slurm-config
  • suse-upgrade-slurm-config-man
  • suse-upgrade-slurm-cray
  • suse-upgrade-slurm-devel
  • suse-upgrade-slurm-doc
  • suse-upgrade-slurm-hdf5
  • suse-upgrade-slurm-lua
  • suse-upgrade-slurm-munge
  • suse-upgrade-slurm-node
  • suse-upgrade-slurm-openlava
  • suse-upgrade-slurm-pam_slurm
  • suse-upgrade-slurm-plugin-ext-sensors-rrd
  • suse-upgrade-slurm-plugins
  • suse-upgrade-slurm-rest
  • suse-upgrade-slurm-sched-wiki
  • suse-upgrade-slurm-seff
  • suse-upgrade-slurm-sjstat
  • suse-upgrade-slurm-slurmdb-direct
  • suse-upgrade-slurm-slurmdbd
  • suse-upgrade-slurm-sql
  • suse-upgrade-slurm-sview
  • suse-upgrade-slurm-testsuite
  • suse-upgrade-slurm-torque
  • suse-upgrade-slurm-webdoc
  • suse-upgrade-slurm_18_08
  • suse-upgrade-slurm_18_08-auth-none
  • suse-upgrade-slurm_18_08-config
  • suse-upgrade-slurm_18_08-devel
  • suse-upgrade-slurm_18_08-doc
  • suse-upgrade-slurm_18_08-lua
  • suse-upgrade-slurm_18_08-munge
  • suse-upgrade-slurm_18_08-node
  • suse-upgrade-slurm_18_08-pam_slurm
  • suse-upgrade-slurm_18_08-plugins
  • suse-upgrade-slurm_18_08-slurmdbd
  • suse-upgrade-slurm_18_08-sql
  • suse-upgrade-slurm_18_08-torque
  • suse-upgrade-slurm_20_02
  • suse-upgrade-slurm_20_02-auth-none
  • suse-upgrade-slurm_20_02-config
  • suse-upgrade-slurm_20_02-config-man
  • suse-upgrade-slurm_20_02-cray
  • suse-upgrade-slurm_20_02-devel
  • suse-upgrade-slurm_20_02-doc
  • suse-upgrade-slurm_20_02-hdf5
  • suse-upgrade-slurm_20_02-lua
  • suse-upgrade-slurm_20_02-munge
  • suse-upgrade-slurm_20_02-node
  • suse-upgrade-slurm_20_02-openlava
  • suse-upgrade-slurm_20_02-pam_slurm
  • suse-upgrade-slurm_20_02-plugins
  • suse-upgrade-slurm_20_02-rest
  • suse-upgrade-slurm_20_02-seff
  • suse-upgrade-slurm_20_02-sjstat
  • suse-upgrade-slurm_20_02-slurmdbd
  • suse-upgrade-slurm_20_02-sql
  • suse-upgrade-slurm_20_02-sview
  • suse-upgrade-slurm_20_02-testsuite
  • suse-upgrade-slurm_20_02-torque
  • suse-upgrade-slurm_20_02-webdoc
  • suse-upgrade-slurm_20_11
  • suse-upgrade-slurm_20_11-auth-none
  • suse-upgrade-slurm_20_11-config
  • suse-upgrade-slurm_20_11-config-man
  • suse-upgrade-slurm_20_11-cray
  • suse-upgrade-slurm_20_11-devel
  • suse-upgrade-slurm_20_11-doc
  • suse-upgrade-slurm_20_11-hdf5
  • suse-upgrade-slurm_20_11-lua
  • suse-upgrade-slurm_20_11-munge
  • suse-upgrade-slurm_20_11-node
  • suse-upgrade-slurm_20_11-openlava
  • suse-upgrade-slurm_20_11-pam_slurm
  • suse-upgrade-slurm_20_11-plugins
  • suse-upgrade-slurm_20_11-rest
  • suse-upgrade-slurm_20_11-seff
  • suse-upgrade-slurm_20_11-sjstat
  • suse-upgrade-slurm_20_11-slurmdbd
  • suse-upgrade-slurm_20_11-sql
  • suse-upgrade-slurm_20_11-sview
  • suse-upgrade-slurm_20_11-torque
  • suse-upgrade-slurm_20_11-webdoc
  • suse-upgrade-slurm_22_05
  • suse-upgrade-slurm_22_05-auth-none
  • suse-upgrade-slurm_22_05-config
  • suse-upgrade-slurm_22_05-config-man
  • suse-upgrade-slurm_22_05-cray
  • suse-upgrade-slurm_22_05-devel
  • suse-upgrade-slurm_22_05-doc
  • suse-upgrade-slurm_22_05-hdf5
  • suse-upgrade-slurm_22_05-lua
  • suse-upgrade-slurm_22_05-munge
  • suse-upgrade-slurm_22_05-node
  • suse-upgrade-slurm_22_05-openlava
  • suse-upgrade-slurm_22_05-pam_slurm
  • suse-upgrade-slurm_22_05-plugins
  • suse-upgrade-slurm_22_05-rest
  • suse-upgrade-slurm_22_05-seff
  • suse-upgrade-slurm_22_05-sjstat
  • suse-upgrade-slurm_22_05-slurmdbd
  • suse-upgrade-slurm_22_05-sql
  • suse-upgrade-slurm_22_05-sview
  • suse-upgrade-slurm_22_05-testsuite
  • suse-upgrade-slurm_22_05-torque
  • suse-upgrade-slurm_22_05-webdoc
  • suse-upgrade-slurm_23_02
  • suse-upgrade-slurm_23_02-auth-none
  • suse-upgrade-slurm_23_02-config
  • suse-upgrade-slurm_23_02-config-man
  • suse-upgrade-slurm_23_02-cray
  • suse-upgrade-slurm_23_02-devel
  • suse-upgrade-slurm_23_02-doc
  • suse-upgrade-slurm_23_02-lua
  • suse-upgrade-slurm_23_02-munge
  • suse-upgrade-slurm_23_02-node
  • suse-upgrade-slurm_23_02-pam_slurm
  • suse-upgrade-slurm_23_02-plugin-ext-sensors-rrd
  • suse-upgrade-slurm_23_02-plugins
  • suse-upgrade-slurm_23_02-slurmdbd
  • suse-upgrade-slurm_23_02-sql
  • suse-upgrade-slurm_23_02-sview
  • suse-upgrade-slurm_23_02-torque
  • suse-upgrade-slurm_23_02-webdoc

References

  • https://attackerkb.com/topics/cve-2023-49938
  • CVE - 2023-49938
  • 引用
  • Mention
    • 查看数 703
    • 已创建
    • 最后回复

    参与讨论

    你可立刻发布并稍后注册。 如果你有帐户,立刻登录发布帖子。
    注意:你的帖子需要版主批准后才能看到。

    游客
    回帖…
    转到主题列表