1. Ubuntu Security Notices
  2. USN-8197-1

USN-8197-1: Slurm vulnerability

Publication date

22 April 2026

Overview

Slurm could be made to send data to an arbitrary unix socket on the host.

Releases

Packages

  • slurm-llnl - Simple Linux Utility for Resource Management

Details

It was discovered that Slurm did not properly handle access control when
dealing with RPC traffic through PMI2 and PMIx, which could allow an
unprivileged user to send data to an arbitrary unix socket on the host.
An attacker could possibly use this issue to execute arbitrary code as
the root user.

It was discovered that Slurm did not properly handle access control when
dealing with RPC traffic through PMI2 and PMIx, which could allow an
unprivileged user to send data to an arbitrary unix socket on the host.
An attacker could possibly use this issue to execute arbitrary code as
the root user.

Update instructions

After a standard system update you need to restart Slurm to make all the necessary changes.

Learn more about how to get the fixes.

The problem can be corrected by updating your system to the following package versions:

Ubuntu Release Package Version
18.04 LTS bionic libpam-slurm –  17.11.2-1ubuntu0.1~esm5  
libpmi0 –  17.11.2-1ubuntu0.1~esm5  
libpmi2-0 –  17.11.2-1ubuntu0.1~esm5  
libslurm32 –  17.11.2-1ubuntu0.1~esm5  
libslurmdb32 –  17.11.2-1ubuntu0.1~esm5  
slurm-client –  17.11.2-1ubuntu0.1~esm5  
slurm-wlm –  17.11.2-1ubuntu0.1~esm5  
slurmctld –  17.11.2-1ubuntu0.1~esm5  
slurmd –  17.11.2-1ubuntu0.1~esm5  
slurmdbd –  17.11.2-1ubuntu0.1~esm5  
16.04 LTS xenial libpam-slurm –  15.08.7-1ubuntu0.1~esm6  
libpmi0 –  15.08.7-1ubuntu0.1~esm6  
libslurm29 –  15.08.7-1ubuntu0.1~esm6  
libslurmdb29 –  15.08.7-1ubuntu0.1~esm6  
slurm-client –  15.08.7-1ubuntu0.1~esm6  
slurm-llnl –  15.08.7-1ubuntu0.1~esm6  
slurm-wlm –  15.08.7-1ubuntu0.1~esm6  
slurmctld –  15.08.7-1ubuntu0.1~esm6  
slurmd –  15.08.7-1ubuntu0.1~esm6  
slurmdbd –  15.08.7-1ubuntu0.1~esm6  
14.04 LTS trusty libpam-slurm –  2.6.5-1ubuntu0.1~esm7  
libpmi0 –  2.6.5-1ubuntu0.1~esm7  
libslurm26 –  2.6.5-1ubuntu0.1~esm7  
libslurmdb26 –  2.6.5-1ubuntu0.1~esm7  
slurm-llnl –  2.6.5-1ubuntu0.1~esm7  

Reduce your security exposure

Ubuntu Pro provides ten-year security coverage to 25,000+ packages in Main and Universe repositories, and it is free for up to five machines.

Get Ubuntu Pro

References

Have additional questions?

Talk to a member of the team ›