CVE-2017-15566

Priority
Description
Insecure SPANK environment variable handling exists in SchedMD Slurm before
16.05.11, 17.x before 17.02.9, and 17.11.x before 17.11.0rc2, allowing
privilege escalation to root during Prolog or Epilog execution.
Notes
msalvatore"This issue affects all Slurm versions from 15.08.0"
Package
Upstream:released (16.05.11, 17.02.9, 17.11.0rc2)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):not-affected (code not present)
Ubuntu 16.04 LTS (Xenial Xerus):needed
Ubuntu 18.04 LTS (Bionic Beaver):not-affected (17.11.2-1build1)
Ubuntu 19.10 (Eoan Ermine):DNE
Ubuntu 20.04 (Focal Fossa):not-affected (19.05.3.2-2)
More Information

Updated: 2020-04-24 03:38:21 UTC (commit d3f8a6ed481830fb100109a132bef581fc4176fe)