CVE-2019-6438

SchedMD Slurm before 17.11.13 and 18.x before 18.08.5 mishandles 32-bit systems.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
9.8 CRITICAL
NETWORK
LOW
NONE
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 66%
VendorProductVersion
schedmdslurm
𝑥
< 17.11.13
schedmdslurm
18.08.0 ≤
𝑥
< 18.08.5
opensuseleap
15.0
𝑥
= Vulnerable software versions
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
slurm-llnl
lunar
dne
kinetic
dne
jammy
dne
impish
dne
hirsute
dne
groovy
not-affected
focal
not-affected
eoan
dne
disco
not-affected
cosmic
ignored
bionic
Fixed 17.11.2-1ubuntu0.1~esm3
released
xenial
Fixed 15.08.7-1ubuntu0.1~esm3
released
trusty
Fixed 2.6.5-1ubuntu0.1~esm4
released
References
http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00090.html
https://lists.debian.org/debian-lts-announce/2020/03/msg00016.html
https://lists.schedmd.com/pipermail/slurm-announce/2019/000018.html
https://www.schedmd.com/news.php?id=213
http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00090.html
https://lists.debian.org/debian-lts-announce/2020/03/msg00016.html
https://lists.schedmd.com/pipermail/slurm-announce/2019/000018.html
https://www.schedmd.com/news.php?id=213