Cray Linux Environment
Monthly
apinit on Cray devices with CLE before 4.2.UP02 and 5.x before 5.1.UP00 does not use alpsauth data to validate the UID in a launch message, which allows local users to gain privileges via a modified. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. No vendor patch available.
apinit on Cray devices with CLE before 4.2.UP02 and 5.x before 5.1.UP00 does not use alpsauth data to validate the UID in a launch message, which allows local users to gain privileges via a modified. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. No vendor patch available.