Bug 1178891 (CVE-2020-27746)

Summary: VUL-1: CVE-2020-27746: slurm,slurm_18_08,slurm_20_02,slurmlibs: potential leak of the magic cookie when sent as an argument to the xauth command
Product: [Novell Products] SUSE Security Incidents Reporter: Wolfgang Frisch <wolfgang.frisch>
Component: IncidentsAssignee: Security Team bot <security-team>
Status: RESOLVED FIXED QA Contact: Security Team bot <security-team>
Severity: Normal    
Priority: P3 - Medium CC: aguerrero, smash_bz
Version: unspecified   
Target Milestone: ---   
Hardware: Other   
OS: Other   
URL: https://smash.suse.de/issue/271752/
Whiteboard: CVSSv3.1:SUSE:CVE-2020-27746:3.7:(AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N)
Found By: Security Response Team Services Priority:
Business Priority: Blocker: ---
Marketing QA Status: --- IT Deployment: ---

Description Wolfgang Frisch 2020-11-17 13:33:53 UTC 
CVE-2020-27746

Slurm's use of the 'xauth' command to manage X11 magic cookies can lead to an inadvertent disclosure of a user's cookie when setting up X11 forwarding on a node. An attacker monitoring /proc on the node could race the setup and steal the magic cookie, which may let them connect to that user's X11 session. A job would only be impacted if --x11 was requested at submission time.

References:
https://bugzilla.redhat.com/show_bug.cgi?id=1898127
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-27746
Comment 2 OBSbugzilla Bot 2020-11-18 12:20:24 UTC 
This is an autogenerated message for OBS integration:
This bug (1178891) was mentioned in
https://build.opensuse.org/request/show/849278 15.2 / slurm
Comment 4 OBSbugzilla Bot 2020-11-18 19:50:11 UTC 
This is an autogenerated message for OBS integration:
This bug (1178891) was mentioned in
https://build.opensuse.org/request/show/849302 15.1 / slurm
Comment 5 Swamp Workflow Management 2020-11-24 20:16:15 UTC 
SUSE-SU-2020:3505-1: An update that fixes two vulnerabilities is now available.

Category: security (important)
Bug References: 1178890,1178891
CVE References: CVE-2020-27745,CVE-2020-27746
JIRA References: 
Sources used:
SUSE Linux Enterprise Module for HPC 15-SP1 (src):    slurm-18.08.9-3.16.4

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 6 Swamp Workflow Management 2020-11-24 20:23:13 UTC 
SUSE-SU-2020:3506-1: An update that solves two vulnerabilities and has one errata is now available.

Category: security (important)
Bug References: 1173805,1178890,1178891
CVE References: CVE-2020-27745,CVE-2020-27746
JIRA References: 
Sources used:
SUSE Linux Enterprise Module for HPC 15-SP2 (src):    slurm-20.02.6-3.3.4

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 7 Ana Guerrero 2020-11-25 08:56:34 UTC 
For the record, slurm 17.02 is not affected by this issue.
Comment 8 Swamp Workflow Management 2020-11-26 17:38:45 UTC 
openSUSE-SU-2020:2033-1: An update that fixes two vulnerabilities is now available.

Category: security (important)
Bug References: 1178890,1178891
CVE References: CVE-2020-27745,CVE-2020-27746
JIRA References: 
Sources used:
openSUSE Leap 15.1 (src):    slurm-18.08.9-lp151.2.14.1
Comment 9 Swamp Workflow Management 2020-11-27 02:15:35 UTC 
openSUSE-SU-2020:2056-1: An update that solves two vulnerabilities and has one errata is now available.

Category: security (important)
Bug References: 1173805,1178890,1178891
CVE References: CVE-2020-27745,CVE-2020-27746
JIRA References: 
Sources used:
openSUSE Leap 15.2 (src):    slurm-20.02.6-lp152.2.3.1
Comment 13 Swamp Workflow Management 2020-12-17 14:21:34 UTC 
SUSE-SU-2020:3863-1: An update that fixes two vulnerabilities is now available.

Category: security (important)
Bug References: 1178890,1178891
CVE References: CVE-2020-27745,CVE-2020-27746
JIRA References: 
Sources used:
SUSE Linux Enterprise Module for HPC 12 (src):    slurm_18_08-18.08.9-3.11.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 14 Swamp Workflow Management 2020-12-18 20:16:12 UTC 
SUSE-SU-2020:3877-1: An update that fixes two vulnerabilities is now available.

Category: security (important)
Bug References: 1178890,1178891
CVE References: CVE-2020-27745,CVE-2020-27746
JIRA References: 
Sources used:
SUSE Linux Enterprise High Performance Computing 15-LTSS (src):    slurm_18_08-18.08.9-1.11.1
SUSE Linux Enterprise High Performance Computing 15-ESPOS (src):    slurm_18_08-18.08.9-1.11.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 15 Swamp Workflow Management 2020-12-18 20:18:28 UTC 
SUSE-SU-2020:3878-1: An update that solves two vulnerabilities and has two fixes is now available.

Category: security (important)
Bug References: 1153259,1155784,1178890,1178891
CVE References: CVE-2020-27745,CVE-2020-27746
JIRA References: 
Sources used:
SUSE Linux Enterprise Module for HPC 15-SP1 (src):    slurm-17.11.13-6.34.1
SUSE Linux Enterprise High Performance Computing 15-LTSS (src):    slurm-17.11.13-6.34.1
SUSE Linux Enterprise High Performance Computing 15-ESPOS (src):    slurm-17.11.13-6.34.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 16 Swamp Workflow Management 2020-12-19 14:15:08 UTC 
openSUSE-SU-2020:2286-1: An update that fixes two vulnerabilities is now available.

Category: security (important)
Bug References: 1178890,1178891
CVE References: CVE-2020-27745,CVE-2020-27746
JIRA References: 
Sources used:
openSUSE Leap 15.1 (src):    slurm-18.08.9-lp151.6.1
Comment 17 Swamp Workflow Management 2020-12-21 14:20:41 UTC 
SUSE-SU-2020:3892-1: An update that fixes two vulnerabilities is now available.

Category: security (important)
Bug References: 1178890,1178891
CVE References: CVE-2020-27745,CVE-2020-27746
JIRA References: 
Sources used:
SUSE Linux Enterprise Module for HPC 12 (src):    slurm_20_02-20.02.6-3.8.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 19 Swamp Workflow Management 2021-01-15 14:22:37 UTC 
SUSE-SU-2021:0139-1: An update that fixes two vulnerabilities is now available.

Category: security (moderate)
Bug References: 1178890,1178891
CVE References: CVE-2020-27745,CVE-2020-27746
JIRA References: 
Sources used:
SUSE Linux Enterprise Module for HPC 15-SP1 (src):    slurm_20_02-20.02.6-3.16.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 20 Swamp Workflow Management 2021-01-17 14:15:10 UTC 
openSUSE-SU-2021:0096-1: An update that fixes two vulnerabilities is now available.

Category: security (important)
Bug References: 1178890,1178891
CVE References: CVE-2020-27745,CVE-2020-27746
JIRA References: 
Sources used:
openSUSE Leap 15.2 (src):    slurm-18.08.9-lp152.5.1
Comment 22 Wolfgang Frisch 2021-01-25 14:46:50 UTC 
Released
Comment 25 Swamp Workflow Management 2021-03-12 17:18:38 UTC 
SUSE-SU-2021:0773-1: An update that fixes 11 vulnerabilities, contains one feature is now available.

Category: security (important)
Bug References: 1018371,1065697,1085240,1095508,1123304,1140709,1155784,1159692,1172004,1178890,1178891
CVE References: CVE-2016-10030,CVE-2017-15566,CVE-2018-10995,CVE-2018-7033,CVE-2019-12838,CVE-2019-19727,CVE-2019-19728,CVE-2019-6438,CVE-2020-12693,CVE-2020-27745,CVE-2020-27746
JIRA References: ECO-2412
Sources used:
SUSE Linux Enterprise Module for HPC 12 (src):    pdsh-2.34-7.32.1, pdsh_slurm_18_08-2.34-7.32.1, pdsh_slurm_20_02-2.34-7.32.1, pdsh_slurm_20_11-2.34-7.32.1, slurm_20_11-20.11.4-3.5.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.