Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-15-SP7:GA
slurm.17251
Fix-Authentication-Bypass-when-Message-Aggregat...
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File Fix-Authentication-Bypass-when-Message-Aggregation-is-enabled-CVE-2020-12693.patch of Package slurm.17251
From: Egbert Eich <eich@suse.com> Date: Tue Jul 7 09:59:21 2020 +0200 Subject: Fix Authentication Bypass when Message Aggregation is enabled CVE-2020-12693 Patch-mainline: N/A Git-commit: 66d16879f4dd0f5f88c0e800997d6b9b674cccb5 References: bsc#1172004 This fixes and issue where authentication could be bypassed via an alternate path or channel when message Aggregation was enabled. A race condition allowed a user to launch a process as an arbitrary user. (CVE-2020-12693, bsc#1172004). Signed-off-by: Egbert Eich <eich@suse.com> --- src/slurmd/slurmd/req.c | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/src/slurmd/slurmd/req.c b/src/slurmd/slurmd/req.c index f176cc9..b07d3f6 100644 --- a/src/slurmd/slurmd/req.c +++ b/src/slurmd/slurmd/req.c @@ -2291,7 +2291,7 @@ _rpc_batch_job(slurm_msg_t *msg, bool new_msg) bool replied = false, revoked; slurm_addr_t *cli = &msg->orig_addr; - if (new_msg) { + if (1 || new_msg) { uid_t req_uid = g_slurm_auth_get_uid(msg->auth_cred, conf->auth_info); if (!_slurm_authorized_user(req_uid)) { @@ -5335,7 +5335,9 @@ _rpc_complete_batch(slurm_msg_t *msg) msg->data = NULL; msg_aggr_add_msg(req_msg, 1, - _handle_old_batch_job_launch); + running_serial ? + _handle_old_batch_job_launch : + NULL); return; } else { slurm_msg_t req_msg;
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor