A missing access control flaw in Slurm's PMI2 and PMIx RPC handling (CVE-2022-29501, CVSS 8.8 HIGH) allows an unprivileged user to send data to arbitrary host Unix sockets, potentially leading to root code execution. The vulnerability affects Slurm versions prior to 20.11.9 and versions 21.08.0 through 21.08.7. The fixed versions are Slurm 20.11.9 and 21.08.8.
Ubuntu Security Notices USN-8197-1 USN-8197-1: Slurm vulnerability Publication date 22 April 2026 Overview Slurm could be made to send data to an arbitrary unix socket on the host. Releases 18.04 LTS 16.04 LTS 14.04 LTS Open side navigation Close side navigation Packages Details Update instructions References Related notices Packages slurm-llnl - Simple Linux Utility for Resource Management Details It was discovered that Slurm did not properly handle access control when dealing with RPC traffic through PMI2 and PMIx, which could allow an unprivileged user to send data to an arbitrary unix socket on the host. An attacker could possibly use this issue to execute arbitrary code as the root user. It was discovered that Slurm did not properly handle access control when dealing with RPC traffic through PMI2 and PMIx, which could allow an unprivileged user to send data to an arbitrary unix socket on the host. An attacker could possibly use this issue to execute arbitrary code as the root user. Update instructions After a standard system update you need to restart Slurm to make all the necessary changes. Learn more about how to get the fixes. The problem can be corrected by updating your system to the following package versions: Ubuntu Release Package Version 18.04 LTS bionic libpam-slurm – 17.11.2-1ubuntu0.1~esm5 Ubuntu Pro Fix available with Ubuntu Pro via ESM Apps. A community fix might become publicly available in the future. libpmi0 – 17.11.2-1ubuntu0.1~esm5 Ubuntu Pro Fix available with Ubuntu Pro via ESM Apps. A community fix might become publicly available in the future. libpmi2-0 – 17.11.2-1ubuntu0.1~esm5 Ubuntu Pro Fix available with Ubuntu Pro via ESM Apps. A community fix might become publicly available in the future. libslurm32 – 17.11.2-1ubuntu0.1~esm5 Ubuntu Pro Fix available with Ubuntu Pro via ESM Apps. A community fix might become publicly available in the future. libslurmdb32 – 17.11.2-1ubuntu0.1~esm5 Ubuntu Pro Fix available with Ubuntu Pro via ESM Apps. A community fix might become publicly available in the future. slurm-client – 17.11.2-1ubuntu0.1~esm5 Ubuntu Pro Fix available with Ubuntu Pro via ESM Apps. A community fix might become publicly available in the future. slurm-wlm – 17.11.2-1ubuntu0.1~esm5 Ubuntu Pro Fix available with Ubuntu Pro via ESM Apps. A community fix might become publicly available in the future. slurmctld – 17.11.2-1ubuntu0.1~esm5 Ubuntu Pro Fix available with Ubuntu Pro via ESM Apps. A community fix might become publicly available in the future. slurmd – 17.11.2-1ubuntu0.1~esm5 Ubuntu Pro Fix available with Ubuntu Pro via ESM Apps. A community fix might become publicly available in the future. slurmdbd – 17.11.2-1ubuntu0.1~esm5 Ubuntu Pro Fix available with Ubuntu Pro via ESM Apps. A community fix might become publicly available in the future. 16.04 LTS xenial libpam-slurm – 15.08.7-1ubuntu0.1~esm6 Ubuntu Pro Fix available with Ubuntu Pro via ESM Apps. A community fix might become publicly available in the future. libpmi0 – 15.08.7-1ubuntu0.1~esm6 Ubuntu Pro Fix available with Ubuntu Pro via ESM Apps. A community fix might become publicly available in the future. libslurm29 – 15.08.7-1ubuntu0.1~esm6 Ubuntu Pro Fix available with Ubuntu Pro via ESM Apps. A community fix might become publicly available in the future. libslurmdb29 – 15.08.7-1ubuntu0.1~esm6 Ubuntu Pro Fix available with Ubuntu Pro via ESM Apps. A community fix might become publicly available in the future. slurm-client – 15.08.7-1ubuntu0.1~esm6 Ubuntu Pro Fix available with Ubuntu Pro via ESM Apps. A community fix might become publicly available in the future. slurm-llnl – 15.08.7-1ubuntu0.1~esm6 Ubuntu Pro Fix available with Ubuntu Pro via ESM Apps. A community fix might become publicly available in the future. slurm-wlm – 15.08.7-1ubuntu0.1~esm6 Ubuntu Pro Fix available with Ubuntu Pro via ESM Apps. A community fix might become publicly available in the future. slurmctld – 15.08.7-1ubuntu0.1~esm6 Ubuntu Pro Fix available with Ubuntu Pro via ESM Apps. A community fix might become publicly available in the future. slurmd – 15.08.7-1ubuntu0.1~esm6 Ubuntu Pro Fix available with Ubuntu Pro via ESM Apps. A community fix might become publicly available in the future. slurmdbd – 15.08.7-1ubuntu0.1~esm6 Ubuntu Pro Fix available with Ubuntu Pro via ESM Apps. A community fix might become publicly available in the future. 14.04 LTS trusty libpam-slurm – 2.6.5-1ubuntu0.1~esm7 Ubuntu Pro Fix available with Ubuntu Pro via Legacy Support add-on. libpmi0 – 2.6.5-1ubuntu0.1~esm7 Ubuntu Pro Fix available with Ubuntu Pro via Legacy Support add-on. libslurm26 – 2.6.5-1ubuntu0.1~esm7 Ubuntu Pro Fix available with Ubuntu Pro via Legacy Support add-on. libslurmdb26 – 2.6.5-1ubuntu0.1~esm7 Ubuntu Pro Fix available with Ubuntu Pro via Legacy Support add-on. slurm-llnl – 2.6.5-1ubuntu0.1~esm7 Ubuntu Pro Fix available with Ubuntu Pro via Legacy Support add-on. Reduce your security exposure Ubuntu Pro provides ten-year security coverage to 25,000+ packages in Main and Universe repositories, and it is free for up to five machines. Get Ubuntu Pro References CVE-2022-29501 CVE-2022-29501 Related notices USN-6458-1 USN-6458-1