vulnerability

Gentoo Linux: CVE-2020-36770: Slurm: Multiple Vulnerabilities

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
10	(AV:N/AC:L/Au:N/C:C/I:C/A:C)	Jan 15, 2024	Sep 23, 2024	Aug 13, 2025

Severity

CVSS

(AV:N/AC:L/Au:N/C:C/I:C/A:C)

Published

Jan 15, 2024

Added

Sep 23, 2024

Modified

Aug 13, 2025

Description

pkg_postinst in the Gentoo ebuild for Slurm through 22.05.3 unnecessarily calls chown to assign root's ownership on files in the live root filesystem. This could be exploited by the slurm user to become the owner of root-owned files.

Solution

gentoo-linux-upgrade-sys-cluster-slurm

References

CVE-2020-36770
https://attackerkb.com/topics/CVE-2020-36770
CWE-732
GENTOO-202409-16

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today