Vulnerability Description
An issue was discovered in SchedMD Slurm 22.05.x, 23.02.x, and 23.11.x. Because of a double free, attackers can cause a denial of service or possibly execute arbitrary code. The fixed versions are 22.05.11, 23.02.7, and 23.11.1.
CVSS Score
CRITICAL
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Schedmd | Slurm | >= 22.05, < 22.05.12 |
Related Weaknesses (CWE)
References
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedorapro
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedorapro
- https://lists.schedmd.com/pipermail/slurm-announce/2023/000103.htmlMailing ListVendor Advisory
- https://www.schedmd.com/security-archive.phpVendor Advisory
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedorapro
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedorapro
- https://lists.fedoraproject.org/archives/list/[email protected]
- https://lists.fedoraproject.org/archives/list/[email protected]
- https://lists.schedmd.com/pipermail/slurm-announce/2023/000103.htmlMailing ListVendor Advisory
- https://www.schedmd.com/security-archive.phpVendor Advisory
FAQ
What is CVE-2023-49937?
CVE-2023-49937 is a vulnerability with a CVSS score of 9.8 (CRITICAL). An issue was discovered in SchedMD Slurm 22.05.x, 23.02.x, and 23.11.x. Because of a double free, attackers can cause a denial of service or possibly execute arbitrary code. The fixed versions are 22....
How severe is CVE-2023-49937?
CVE-2023-49937 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.
Is there a patch for CVE-2023-49937?
Check the references section above for vendor advisories and patch information. Affected products include: Schedmd Slurm.