Bug 1178891 – VUL-1: CVE-2020-27746: slurm,slurm_18_08,slurm_20_02,slurmlibs: potential leak of the magic cookie when sent as an argument to the xauth command

Bug 1178891 - (CVE-2020-27746) VUL-1: CVE-2020-27746: slurm,slurm_18_08,slurm_20_02,slurmlibs: potential leak of the magic cookie when sent as an argument to the xauth command

(CVE-2020-27746)
Summary:	VUL-1: CVE-2020-27746: slurm,slurm_18_08,slurm_20_02,slurmlibs: potential lea...

Status:	RESOLVED FIXED

Classification:	Novell Products
Product:	SUSE Security Incidents
Classification:	Novell Products
Component:	Incidents
Version:	unspecified
Hardware:	Other Other

Priority:	P3 - Medium Severity: Normal
Target Milestone:	---
Assigned To:	Security Team bot
QA Contact:	Security Team bot

URL:	https://smash.suse.de/issue/271752/
Whiteboard:	CVSSv3.1:SUSE:CVE-2020-27746:3.7:(AV:...
Keywords:

Depends on:
Blocks:
	Show dependency tree / graph

Create test case

Clone This Bug

Reported:	2020-11-17 13:33 UTC by Wolfgang Frisch
Modified:	2022-11-04 15:10 UTC (History)
CC List:	2 users (show)

See Also:
Found By:	Security Response Team
Services Priority:
Business Priority:
Blocker:	---
Marketing QA Status:	---
IT Deployment:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Wolfgang Frisch 2020-11-17 13:33:53 UTC

CVE-2020-27746

Slurm's use of the 'xauth' command to manage X11 magic cookies can lead to an inadvertent disclosure of a user's cookie when setting up X11 forwarding on a node. An attacker monitoring /proc on the node could race the setup and steal the magic cookie, which may let them connect to that user's X11 session. A job would only be impacted if --x11 was requested at submission time.

References:
https://bugzilla.redhat.com/show_bug.cgi?id=1898127
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-27746

Comment 2 OBSbugzilla Bot 2020-11-18 12:20:24 UTC

This is an autogenerated message for OBS integration:
This bug (1178891) was mentioned in
https://build.opensuse.org/request/show/849278 15.2 / slurm

Comment 4 OBSbugzilla Bot 2020-11-18 19:50:11 UTC

This is an autogenerated message for OBS integration:
This bug (1178891) was mentioned in
https://build.opensuse.org/request/show/849302 15.1 / slurm

Comment 5 Swamp Workflow Management 2020-11-24 20:16:15 UTC

SUSE-SU-2020:3505-1: An update that fixes two vulnerabilities is now available.

Category: security (important)
Bug References: 1178890,1178891
CVE References: CVE-2020-27745,CVE-2020-27746
JIRA References: 
Sources used:
SUSE Linux Enterprise Module for HPC 15-SP1 (src):    slurm-18.08.9-3.16.4

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 6 Swamp Workflow Management 2020-11-24 20:23:13 UTC

SUSE-SU-2020:3506-1: An update that solves two vulnerabilities and has one errata is now available.

Category: security (important)
Bug References: 1173805,1178890,1178891
CVE References: CVE-2020-27745,CVE-2020-27746
JIRA References: 
Sources used:
SUSE Linux Enterprise Module for HPC 15-SP2 (src):    slurm-20.02.6-3.3.4

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 7 Ana Guerrero 2020-11-25 08:56:34 UTC

For the record, slurm 17.02 is not affected by this issue.

Comment 8 Swamp Workflow Management 2020-11-26 17:38:45 UTC

openSUSE-SU-2020:2033-1: An update that fixes two vulnerabilities is now available.

Category: security (important)
Bug References: 1178890,1178891
CVE References: CVE-2020-27745,CVE-2020-27746
JIRA References: 
Sources used:
openSUSE Leap 15.1 (src):    slurm-18.08.9-lp151.2.14.1

Comment 9 Swamp Workflow Management 2020-11-27 02:15:35 UTC

openSUSE-SU-2020:2056-1: An update that solves two vulnerabilities and has one errata is now available.

Category: security (important)
Bug References: 1173805,1178890,1178891
CVE References: CVE-2020-27745,CVE-2020-27746
JIRA References: 
Sources used:
openSUSE Leap 15.2 (src):    slurm-20.02.6-lp152.2.3.1

Comment 13 Swamp Workflow Management 2020-12-17 14:21:34 UTC

SUSE-SU-2020:3863-1: An update that fixes two vulnerabilities is now available.

Category: security (important)
Bug References: 1178890,1178891
CVE References: CVE-2020-27745,CVE-2020-27746
JIRA References: 
Sources used:
SUSE Linux Enterprise Module for HPC 12 (src):    slurm_18_08-18.08.9-3.11.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 14 Swamp Workflow Management 2020-12-18 20:16:12 UTC

SUSE-SU-2020:3877-1: An update that fixes two vulnerabilities is now available.

Category: security (important)
Bug References: 1178890,1178891
CVE References: CVE-2020-27745,CVE-2020-27746
JIRA References: 
Sources used:
SUSE Linux Enterprise High Performance Computing 15-LTSS (src):    slurm_18_08-18.08.9-1.11.1
SUSE Linux Enterprise High Performance Computing 15-ESPOS (src):    slurm_18_08-18.08.9-1.11.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 15 Swamp Workflow Management 2020-12-18 20:18:28 UTC

SUSE-SU-2020:3878-1: An update that solves two vulnerabilities and has two fixes is now available.

Category: security (important)
Bug References: 1153259,1155784,1178890,1178891
CVE References: CVE-2020-27745,CVE-2020-27746
JIRA References: 
Sources used:
SUSE Linux Enterprise Module for HPC 15-SP1 (src):    slurm-17.11.13-6.34.1
SUSE Linux Enterprise High Performance Computing 15-LTSS (src):    slurm-17.11.13-6.34.1
SUSE Linux Enterprise High Performance Computing 15-ESPOS (src):    slurm-17.11.13-6.34.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 16 Swamp Workflow Management 2020-12-19 14:15:08 UTC

openSUSE-SU-2020:2286-1: An update that fixes two vulnerabilities is now available.

Category: security (important)
Bug References: 1178890,1178891
CVE References: CVE-2020-27745,CVE-2020-27746
JIRA References: 
Sources used:
openSUSE Leap 15.1 (src):    slurm-18.08.9-lp151.6.1

Comment 17 Swamp Workflow Management 2020-12-21 14:20:41 UTC

SUSE-SU-2020:3892-1: An update that fixes two vulnerabilities is now available.

Category: security (important)
Bug References: 1178890,1178891
CVE References: CVE-2020-27745,CVE-2020-27746
JIRA References: 
Sources used:
SUSE Linux Enterprise Module for HPC 12 (src):    slurm_20_02-20.02.6-3.8.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 19 Swamp Workflow Management 2021-01-15 14:22:37 UTC

SUSE-SU-2021:0139-1: An update that fixes two vulnerabilities is now available.

Category: security (moderate)
Bug References: 1178890,1178891
CVE References: CVE-2020-27745,CVE-2020-27746
JIRA References: 
Sources used:
SUSE Linux Enterprise Module for HPC 15-SP1 (src):    slurm_20_02-20.02.6-3.16.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 20 Swamp Workflow Management 2021-01-17 14:15:10 UTC

openSUSE-SU-2021:0096-1: An update that fixes two vulnerabilities is now available.

Category: security (important)
Bug References: 1178890,1178891
CVE References: CVE-2020-27745,CVE-2020-27746
JIRA References: 
Sources used:
openSUSE Leap 15.2 (src):    slurm-18.08.9-lp152.5.1

Comment 22 Wolfgang Frisch 2021-01-25 14:46:50 UTC

Released

Comment 25 Swamp Workflow Management 2021-03-12 17:18:38 UTC

SUSE-SU-2021:0773-1: An update that fixes 11 vulnerabilities, contains one feature is now available.

Category: security (important)
Bug References: 1018371,1065697,1085240,1095508,1123304,1140709,1155784,1159692,1172004,1178890,1178891
CVE References: CVE-2016-10030,CVE-2017-15566,CVE-2018-10995,CVE-2018-7033,CVE-2019-12838,CVE-2019-19727,CVE-2019-19728,CVE-2019-6438,CVE-2020-12693,CVE-2020-27745,CVE-2020-27746
JIRA References: ECO-2412
Sources used:
SUSE Linux Enterprise Module for HPC 12 (src):    pdsh-2.34-7.32.1, pdsh_slurm_18_08-2.34-7.32.1, pdsh_slurm_20_02-2.34-7.32.1, pdsh_slurm_20_11-2.34-7.32.1, slurm_20_11-20.11.4-3.5.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.