CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
Confidence
High
EPSS
Percentile
43.1%
libslurm is vulnerable to a Double Free. The vulnerability is due improper memory management allows attackers to cause a denial of service or possibly execute arbitrary code.
github.com/SchedMD/slurm/commit/91f3d8fda040f7fb5025d84d4f146e72a1fc7bd8
lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/63FEDDYEE2WK7FHWBHKON3OZVQI56WSQ/
lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AYQS3LFGC4HE4WCW4L3NAA2I6FRIWMNO/
lists.schedmd.com/pipermail/slurm-announce/2023/000103.html
security-tracker.debian.org/tracker/CVE-2023-49937
www.schedmd.com/security-archive.php