Francois Diakhate reported that a race condition in pmix, a library implementing Process Management Interface (PMI) Exascale API, could allow a malicious user to obtain ownership of an arbitrary file on the filesystem when parts of the PMIx library are called by a process with elevated privileges, resulting in privilege escalation. This may happen under the default configuration of certain workload managers, including Slurm.
https://security-tracker.debian.org/tracker/DSA-5547-1
Continue reading...
https://security-tracker.debian.org/tracker/DSA-5547-1
Continue reading...