Bug 1178891 - (CVE-2020-27746) VUL-1: CVE-2020-27746: slurm,slurm_18_08,slurm_20_02,slurmlibs: potential leak of the magic cookie when sent as an argument to the xauth command
(CVE-2020-27746)
VUL-1: CVE-2020-27746: slurm,slurm_18_08,slurm_20_02,slurmlibs: potential lea...
Status: RESOLVED FIXED
Classification: Novell Products
Product: SUSE Security Incidents
Classification: Novell Products
Component: Incidents
unspecified
Other Other
: P3 - Medium : Normal
: ---
Assigned To: Security Team bot
Security Team bot
https://smash.suse.de/issue/271752/
CVSSv3.1:SUSE:CVE-2020-27746:3.7:(AV:...
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2020-11-17 13:33 UTC by Wolfgang Frisch
Modified: 2022-11-04 15:10 UTC (History)
2 users (show)

See Also:
Found By: Security Response Team
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Wolfgang Frisch 2020-11-17 13:33:53 UTC
CVE-2020-27746

Slurm's use of the 'xauth' command to manage X11 magic cookies can lead to an inadvertent disclosure of a user's cookie when setting up X11 forwarding on a node. An attacker monitoring /proc on the node could race the setup and steal the magic cookie, which may let them connect to that user's X11 session. A job would only be impacted if --x11 was requested at submission time.

References:
https://bugzilla.redhat.com/show_bug.cgi?id=1898127
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-27746
Comment 2 OBSbugzilla Bot 2020-11-18 12:20:24 UTC
This is an autogenerated message for OBS integration:
This bug (1178891) was mentioned in
https://build.opensuse.org/request/show/849278 15.2 / slurm
Comment 4 OBSbugzilla Bot 2020-11-18 19:50:11 UTC
This is an autogenerated message for OBS integration:
This bug (1178891) was mentioned in
https://build.opensuse.org/request/show/849302 15.1 / slurm
Comment 5 Swamp Workflow Management 2020-11-24 20:16:15 UTC
SUSE-SU-2020:3505-1: An update that fixes two vulnerabilities is now available.

Category: security (important)
Bug References: 1178890,1178891
CVE References: CVE-2020-27745,CVE-2020-27746
JIRA References: 
Sources used:
SUSE Linux Enterprise Module for HPC 15-SP1 (src):    slurm-18.08.9-3.16.4

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 6 Swamp Workflow Management 2020-11-24 20:23:13 UTC
SUSE-SU-2020:3506-1: An update that solves two vulnerabilities and has one errata is now available.

Category: security (important)
Bug References: 1173805,1178890,1178891
CVE References: CVE-2020-27745,CVE-2020-27746
JIRA References: 
Sources used:
SUSE Linux Enterprise Module for HPC 15-SP2 (src):    slurm-20.02.6-3.3.4

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 7 Ana Guerrero 2020-11-25 08:56:34 UTC
For the record, slurm 17.02 is not affected by this issue.
Comment 8 Swamp Workflow Management 2020-11-26 17:38:45 UTC
openSUSE-SU-2020:2033-1: An update that fixes two vulnerabilities is now available.

Category: security (important)
Bug References: 1178890,1178891
CVE References: CVE-2020-27745,CVE-2020-27746
JIRA References: 
Sources used:
openSUSE Leap 15.1 (src):    slurm-18.08.9-lp151.2.14.1
Comment 9 Swamp Workflow Management 2020-11-27 02:15:35 UTC
openSUSE-SU-2020:2056-1: An update that solves two vulnerabilities and has one errata is now available.

Category: security (important)
Bug References: 1173805,1178890,1178891
CVE References: CVE-2020-27745,CVE-2020-27746
JIRA References: 
Sources used:
openSUSE Leap 15.2 (src):    slurm-20.02.6-lp152.2.3.1
Comment 13 Swamp Workflow Management 2020-12-17 14:21:34 UTC
SUSE-SU-2020:3863-1: An update that fixes two vulnerabilities is now available.

Category: security (important)
Bug References: 1178890,1178891
CVE References: CVE-2020-27745,CVE-2020-27746
JIRA References: 
Sources used:
SUSE Linux Enterprise Module for HPC 12 (src):    slurm_18_08-18.08.9-3.11.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 14 Swamp Workflow Management 2020-12-18 20:16:12 UTC
SUSE-SU-2020:3877-1: An update that fixes two vulnerabilities is now available.

Category: security (important)
Bug References: 1178890,1178891
CVE References: CVE-2020-27745,CVE-2020-27746
JIRA References: 
Sources used:
SUSE Linux Enterprise High Performance Computing 15-LTSS (src):    slurm_18_08-18.08.9-1.11.1
SUSE Linux Enterprise High Performance Computing 15-ESPOS (src):    slurm_18_08-18.08.9-1.11.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 15 Swamp Workflow Management 2020-12-18 20:18:28 UTC
SUSE-SU-2020:3878-1: An update that solves two vulnerabilities and has two fixes is now available.

Category: security (important)
Bug References: 1153259,1155784,1178890,1178891
CVE References: CVE-2020-27745,CVE-2020-27746
JIRA References: 
Sources used:
SUSE Linux Enterprise Module for HPC 15-SP1 (src):    slurm-17.11.13-6.34.1
SUSE Linux Enterprise High Performance Computing 15-LTSS (src):    slurm-17.11.13-6.34.1
SUSE Linux Enterprise High Performance Computing 15-ESPOS (src):    slurm-17.11.13-6.34.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 16 Swamp Workflow Management 2020-12-19 14:15:08 UTC
openSUSE-SU-2020:2286-1: An update that fixes two vulnerabilities is now available.

Category: security (important)
Bug References: 1178890,1178891
CVE References: CVE-2020-27745,CVE-2020-27746
JIRA References: 
Sources used:
openSUSE Leap 15.1 (src):    slurm-18.08.9-lp151.6.1
Comment 17 Swamp Workflow Management 2020-12-21 14:20:41 UTC
SUSE-SU-2020:3892-1: An update that fixes two vulnerabilities is now available.

Category: security (important)
Bug References: 1178890,1178891
CVE References: CVE-2020-27745,CVE-2020-27746
JIRA References: 
Sources used:
SUSE Linux Enterprise Module for HPC 12 (src):    slurm_20_02-20.02.6-3.8.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 19 Swamp Workflow Management 2021-01-15 14:22:37 UTC
SUSE-SU-2021:0139-1: An update that fixes two vulnerabilities is now available.

Category: security (moderate)
Bug References: 1178890,1178891
CVE References: CVE-2020-27745,CVE-2020-27746
JIRA References: 
Sources used:
SUSE Linux Enterprise Module for HPC 15-SP1 (src):    slurm_20_02-20.02.6-3.16.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 20 Swamp Workflow Management 2021-01-17 14:15:10 UTC
openSUSE-SU-2021:0096-1: An update that fixes two vulnerabilities is now available.

Category: security (important)
Bug References: 1178890,1178891
CVE References: CVE-2020-27745,CVE-2020-27746
JIRA References: 
Sources used:
openSUSE Leap 15.2 (src):    slurm-18.08.9-lp152.5.1
Comment 22 Wolfgang Frisch 2021-01-25 14:46:50 UTC
Released
Comment 25 Swamp Workflow Management 2021-03-12 17:18:38 UTC
SUSE-SU-2021:0773-1: An update that fixes 11 vulnerabilities, contains one feature is now available.

Category: security (important)
Bug References: 1018371,1065697,1085240,1095508,1123304,1140709,1155784,1159692,1172004,1178890,1178891
CVE References: CVE-2016-10030,CVE-2017-15566,CVE-2018-10995,CVE-2018-7033,CVE-2019-12838,CVE-2019-19727,CVE-2019-19728,CVE-2019-6438,CVE-2020-12693,CVE-2020-27745,CVE-2020-27746
JIRA References: ECO-2412
Sources used:
SUSE Linux Enterprise Module for HPC 12 (src):    pdsh-2.34-7.32.1, pdsh_slurm_18_08-2.34-7.32.1, pdsh_slurm_20_02-2.34-7.32.1, pdsh_slurm_20_11-2.34-7.32.1, slurm_20_11-20.11.4-3.5.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.