A review of Slurm's RPC handling code uncovered a potential buffer overflow with one utility function. The only affected use is in Slurm's PMIx MPI plugin, and a job would only be vulnerable if --mpi=pmix was requested, or the site has set MpiDefault=pmix in slurm.conf.
External References: https://github.com/SchedMD/slurm/commit/c3142dd87e06621ff148791c3d2f298b5c0b3a81 https://lists.schedmd.com/pipermail/slurm-announce/2020/000045.html https://www.schedmd.com/news.php?id=240
Created slurm tracking bugs for this issue: Affects: fedora-all [bug 1898122]
This CVE Bugzilla entry is for community support informational purposes only as it does not affect a package in a commercially supported Red Hat product. Refer to the dependent bugs for status of those individual community products.