Our website uses cookies to give you the most optimal experience online by: measuring our audience, understanding how our webpages are viewed and improving consequently the way our website works, providing you with relevant and personalized marketing content.
You have full control over what you want to activate. You can accept the cookies by clicking on the “Accept all cookies” button or customize your choices by selecting the cookies you want to activate. You can also decline all non-necessary cookies by clicking on the “Decline all cookies” button. Please find more information on our use of cookies and how to withdraw at any time your consent on our privacy policy.

Managing your cookies

Our website uses cookies. You have full control over what you want to activate. You can accept the cookies by clicking on the “Accept all cookies” button or customize your choices by selecting the cookies you want to activate. You can also decline all non-necessary cookies by clicking on the “Decline all cookies” button.

Necessary cookies

These are essential for the user navigation and allow to give access to certain functionalities such as secured zones accesses. Without these cookies, it won’t be possible to provide the service.
Matomo on premise

Marketing cookies

These cookies are used to deliver advertisements more relevant for you, limit the number of times you see an advertisement; help measure the effectiveness of the advertising campaign; and understand people’s behavior after they view an advertisement.
Adobe Privacy policy | Marketo Privacy Policy | MRP Privacy Policy | AccountInsight Privacy Policy | Triblio Privacy Policy

Social media cookies

These cookies are used to measure the effectiveness of social media campaigns.
LinkedIn Policy

Our website uses cookies to give you the most optimal experience online by: measuring our audience, understanding how our webpages are viewed and improving consequently the way our website works, providing you with relevant and personalized marketing content. You can also decline all non-necessary cookies by clicking on the “Decline all cookies” button. Please find more information on our use of cookies and how to withdraw at any time your consent on our privacy policy.

Skip to main content

Critical vulnerabilities in Slurm CVE-2022-29500-1-2

HPC users should upgrade Slurm

On May 4th, 2022, SchedMD released a security advisory to address 3 critical vulnerabilities patched in Slurm versions 21.08.8 and 20.11.9.

The Slurm Workload Manager, formerly known as Simple Linux Utility for Resource Management (SLURM), or simply Slurm, is a free and open-source job scheduler for Linux and Unix-like kernels, used by many of the world’s supercomputers and computer clusters.
It provides three key functions:
• allocating exclusive and/or non-exclusive access to resources (computer nodes) for users for some duration of time so they can perform work,
• providing a framework for starting, executing, and monitoring work, typically a parallel job such as Message Passing Interface (MPI) on a set of allocated nodes, and
• arbitrating contention for resources by managing a queue of pending jobs.
The vulnerabilities are tracked as CVE-2022-29500, CVE-2022-29501 and CVE-2022-29502.
The main impact of these vulnerabilities is limited to HPC scope and doesn’t affect enterprise services.
SchedMD only issues security fixes for the supported releases (which currently are 21.08 and 20.11). Due to the complexity of these fixes, we do not recommend attempting to backport the fixes to
older releases, and strongly encourage to upgrade to newest versions. Customers which still use Slurm in version 19.05, are strongly advised to update the software. At the same time it is important to note that upgrade to 20.11 version remains a temporary solution as 20.11 EOL (End of Life) is expected soon with the release of 22.05 version.

See attached Security Bulletin for more details.

Read the security bulletin

Share this article

Follow us on