A security update for Slurm Workload Manager (slurm-wlm) has been issued for Debian GNU/Linux 12 (Bookworm) due to a vulnerability identified as CVE-2025-43904. This issue was discovered by Sekou Diakite from HPE and pertains to a flaw in permission handling within the accounting system of Slurm. Specifically, it could allow a Coordinator to improperly elevate a user's privileges to that of an Administrator.
The problem has been addressed in the stable distribution (Bookworm) with the release of version 22.05.8-4+deb12u3. Users are strongly encouraged to upgrade their slurm-wlm packages to mitigate this security risk.
For more information on the security status of slurm-wlm, users can visit the security tracker page. Additional resources regarding Debian Security Advisories, instructions on applying updates, and answers to frequently asked questions are also available on the Debian security website.
Extension:
As security vulnerabilities can pose significant risks to system integrity and user data, it is crucial for administrators and users of Debian GNU/Linux 12 to stay updated on security advisories. Regularly checking for updates, applying patches promptly, and understanding the implications of security flaws are essential practices. Furthermore, users might want to consider implementing additional security measures, such as regular audits of user permissions and monitoring for unauthorized changes within their systems. By adopting a proactive approach to security, users can better safeguard their systems against potential threats
The problem has been addressed in the stable distribution (Bookworm) with the release of version 22.05.8-4+deb12u3. Users are strongly encouraged to upgrade their slurm-wlm packages to mitigate this security risk.
For more information on the security status of slurm-wlm, users can visit the security tracker page. Additional resources regarding Debian Security Advisories, instructions on applying updates, and answers to frequently asked questions are also available on the Debian security website.
Extension:
As security vulnerabilities can pose significant risks to system integrity and user data, it is crucial for administrators and users of Debian GNU/Linux 12 to stay updated on security advisories. Regularly checking for updates, applying patches promptly, and understanding the implications of security flaws are essential practices. Furthermore, users might want to consider implementing additional security measures, such as regular audits of user permissions and monitoring for unauthorized changes within their systems. By adopting a proactive approach to security, users can better safeguard their systems against potential threats
Slurm-WLM security update for Debian 12
A slurm-wlm security update has been released for Debian GNU/Linux 12 (Bookworm):
[DSA 5961-1] slurm-wlm security update
