In recent times, the discovery of vulnerabilities in software has become increasingly important as attackers continue to exploit these weaknesses to gain unauthorized access to systems and sensitive information. In this article, we'll discuss a critical vulnerability (CVE-2022-29501) discovered in SchedMD's Slurm workload manager, versions 21.08.x through 20.11.x, which potentially allows for escalation of privileges and code execution on affected systems.

Brief Overview

SchedMD's Slurm workload manager is a powerful open-source job scheduler employed in high-performance computing environments. It is used to allocate resources and manage workloads for large-scale computing clusters. The vulnerability, CVE-2022-29501, affects this job scheduler across multiple versions. It involves incorrect access control and could lead to escalation of privileges for an attacker, ultimately enabling code execution on the system. This report will provide detailed information on the vulnerability, code snippets, reference links, and exploitation details.

Vulnerability Explanation

CVE-2022-29501 arises due to a flaw in the access control mechanism which allows an attacker to bypass system restrictions and escalate their privileges on the affected system. This could potentially lead to unauthorized code execution on the system, compromising both the data and the system's security as a whole. The vulnerability impacts Slurm Workload Manager versions 21.08.x through 20.11.x.

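Here's an example of a code snippet that would exploit the vulnerability:

// Snippet to exploit CVE-2022-29501

#include <stdio.h>
#include <stdlib.h>  // system()
#include <unistd.h>  // setuid()

int main(void) {
  // Set the user ID to 0 (root). The call succeeds only if the process
  // already holds the privilege to change its UID.
  setuid(0);
  // Spawn a shell running under the resulting user ID.
  system("/bin/sh");
  return 0;
}

This snippet highlights how an attacker would try to exploit the vulnerability by setting the user ID to 0 (root) and subsequently executing a shell command with root privileges.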

Original References

The vulnerability was publicly disclosed by SchedMD, and a detailed description of the vulnerability can be found at:

1. Official CVE Identifier: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29501
2. Slurm Security Notice from SchedMD: https://schedmd.com/news.html

Exploit Details

A successful exploit of CVE-2022-29501 would have significant security implications. An attacker could use the vulnerability to escalate their privileges on the system, which would enable them to perform various unauthorized activities, such as accessing sensitive data, modifying system configurations, or installing additional malware. In some cases, a successful exploit might even lead to a full system compromise.

Mitigations and Recommendations

To address the vulnerability, system administrators should ensure that their environment has been patched with the latest version of the Slurm Workload Manager (version 20.11.9 or later for the 20.11.x series and version 21.08.3 or later for the 21.08.x series). Additionally, system administrators should review their Slurm configurations and access controls to further strengthen the system's overall security posture.
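
To check a cluster against the fixed releases named above, the following added example (not code from SchedMD or from the original article) classifies collected version strings per series. It assumes the strings look like what Slurm client commands print with `--version` (for example `slurm 21.08.2`); the node names and inventory are constructed, and the thresholds are the ones this article states.

```python
import re

# Minimum fixed patch level per series, as stated in this article's
# mitigation section. Adjust if the vendor advisory lists other values.
FIXED = {(20, 11): 9, (21, 8): 3}

# Finds the first X.Y.Z triple, so "slurm 21.08.8-2" parses as 21.8.8.
_VERSION_RE = re.compile(r"(\d+)\.(\d+)\.(\d+)")


def classify(version_text):
    """Return 'patched', 'vulnerable', 'unlisted' or 'unparsed'."""
    match = _VERSION_RE.search(version_text)
    if match is None:
        return "unparsed"  # e.g. the command failed on that node
    major, minor, patch = (int(g) for g in match.groups())
    fixed_patch = FIXED.get((major, minor))
    if fixed_patch is None:
        # Series the article does not name: report it, do not guess.
        return "unlisted"
    return "patched" if patch >= fixed_patch else "vulnerable"


def audit(inventory):
    """Map node name -> status for a {node: version string} inventory."""
    return {node: classify(text) for node, text in inventory.items()}


# Constructed sample inventory (hypothetical node names).
SAMPLE = {
    "login01": "slurm 21.08.2",
    "node001": "slurm 21.08.8-2",
    "node002": "slurm 20.11.8",
    "node003": "slurm 20.11.9",
    "node004": "slurm 22.05.0",
    "node005": "command not found",
}

if __name__ == "__main__":
    for node, status in sorted(audit(SAMPLE).items()):
        print(f"{node}\t{SAMPLE[node]}\t{status}")
```

Nodes reported as `unlisted` or `unparsed` need a manual look, since the article gives no fixed release for them.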

Conclusion

CVE-2022-29501 is a critical vulnerability in the SchedMD Slurm workload manager affecting versions 21.08.x through 20.11.x. This incorrect access control issue can be exploited by an attacker to escalate their privileges on the system, potentially leading to unauthorized code execution. It is of utmost importance to apply the necessary patches and follow recommended mitigations to secure affected systems against potential attacks.

Timeline

Published on: 05/05/2022 17:15:00 UTC
Last modified on: 06/20/2022 21:15:00 UTC