CVE-2020-25870

Read Time:9 Second

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.

Read More

CVE-2018-11103

Read Time:9 Second

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.

Read More

USN-6459-1: MySQL vulnerabilities

Read Time:27 Second

Multiple security issues were discovered in MySQL and this update includes
new upstream MySQL versions to fix these issues.

MySQL has been updated to 8.0.35 in Ubuntu 20.04 LTS, Ubuntu 22.04 LTS,
Ubuntu 23.04, and Ubuntu 23.10.

In addition to security fixes, the updated packages contain bug fixes, new
features, and possibly incompatible changes.

Please see the following for more information:

https://dev.mysql.com/doc/relnotes/mysql/8.0/en/news-8-0-35.html
https://www.oracle.com/security-alerts/cpuoct2023.html

Read More

USN-6458-1: Slurm vulnerabilities

Read Time:46 Second

It was discovered that Slurm did not properly handle credential
management, which could allow an unprivileged user to impersonate the
SlurmUser account. An attacker could possibly use this issue to execute
arbitrary code as the root user. (CVE-2022-29500)

It was discovered that Slurm did not properly handle access control when
dealing with RPC traffic through PMI2 and PMIx, which could allow an
unprivileged user to send data to an arbitrary unix socket in the host.
An attacker could possibly use this issue to execute arbitrary code as
the root user. (CVE-2022-29501)

It was discovered that Slurm did not properly handle validation logic when
processing input and output data with the srun client, which could lead to
the interception of process I/O. An attacker could possibly use this issue
to expose sensitive information or execute arbitrary code. This issue only
affected Ubuntu 22.04 LTS. (CVE-2022-29502)

Read More