vulnerability

Red Hat: CVE-2023-41915: pmix: race condition allows attackers to obtain ownership of arbitrary files (Multiple Advisories)

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
9	(AV:N/AC:M/Au:N/C:C/I:C/A:C)	Sep 9, 2023	May 1, 2024	Sep 1, 2025

Severity

CVSS

(AV:N/AC:M/Au:N/C:C/I:C/A:C)

Published

Sep 9, 2023

Added

May 1, 2024

Modified

Sep 1, 2025

Description

OpenPMIx PMIx before 4.2.6 and 5.0.x before 5.0.1 allows attackers to obtain ownership of arbitrary files via a race condition during execution of library code with UID 0.

Solutions

redhat-upgrade-pmixredhat-upgrade-pmix-debuginforedhat-upgrade-pmix-debugsourceredhat-upgrade-pmix-develredhat-upgrade-pmix-pmiredhat-upgrade-pmix-pmi-debuginforedhat-upgrade-pmix-pmi-develredhat-upgrade-pmix-toolsredhat-upgrade-pmix-tools-debuginfo

References

CWE-362
NVD-CVE-2023-41915
REDHAT-RHSA-2024:2199
REDHAT-RHSA-2024:3008

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today