CVE-2019-6438

EUVD-2019-15999
SchedMD Slurm before 17.11.13 and 18.x before 18.08.5 mishandles 32-bit systems.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
9.8 CRITICAL
NETWORK
LOW
NONE
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 70%
Affected Products (NVD)
VendorProductVersion
schedmdslurm
𝑥
< 17.11.13
schedmdslurm
18.08.0 ≤
𝑥
< 18.08.5
opensuseleap
15.0
𝑥
= Vulnerable software versions
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
slurm-llnl
bionic
Fixed 17.11.2-1ubuntu0.1~esm3
released
cosmic
ignored
disco
not-affected
eoan
dne
focal
not-affected
groovy
not-affected
hirsute
dne
impish
dne
jammy
dne
kinetic
dne
lunar
dne
trusty
Fixed 2.6.5-1ubuntu0.1~esm4
released
xenial
Fixed 15.08.7-1ubuntu0.1~esm3
released
References
http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00090.html
https://lists.debian.org/debian-lts-announce/2020/03/msg00016.html
https://lists.schedmd.com/pipermail/slurm-announce/2019/000018.html
https://www.schedmd.com/news.php?id=213
http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00090.html
https://lists.debian.org/debian-lts-announce/2020/03/msg00016.html
https://lists.schedmd.com/pipermail/slurm-announce/2019/000018.html
https://www.schedmd.com/news.php?id=213