You are using an out of date browser. It may not display this or other websites correctly. You should upgrade or use an alternative browser.
pmix vulnerability
About this tag
The pmix vulnerability tag covers CVE-2023-41915, a TOCTOU race condition in the OpenPMIx library that allows a local attacker to take ownership of arbitrary files when privileged PMIx code runs as UID 0. This vulnerability was fixed in PMIx 4.2.6 and 5.0.1 but remains critical for administrators of HPC clusters and environments integrating PMIx, such as Slurm. Discussions emphasize upgrading to patched versions and hardening cluster configurations to mitigate the risk. The tag focuses on security advisories, patching strategies, and best practices for securing PMIx deployments in high-performance computing contexts.
A subtle race condition in the OpenPMIx library can allow a local attacker to take ownership of arbitrary files when privileged PMIx code runs as UID 0 — a vulnerability tracked as CVE-2023-41915 that was fixed in PMIx 4.2.6 and 5.0.1 but continues to demand urgent attention from administrators...