Vulnerability in Adaptivecomputing Torque_resource_manager
CVE-2014-3684
The tm_adopt function in lib/Libifl/tm.c in Terascale Open-Source Resource and Queue Manager (aka TORQUE Resource Manager) 5.0.x, 4.5.x, 4.2.x, and earlier does not validate that the owner of the process also owns the adopted session id, w…
EPSS: 0.024 (85.3th percentile) — read the EPSS interpretation.
Affected products
- Adaptivecomputing Torque_resource_manager — versions 4.2.3, 4.2.3.1, 4.2.4
- N/a — versions n/a
Weakness classification (CWE)
References
- FEDORA-2015-8577 (x_refsource_FEDORA, vendor-advisory)
- [oss-security] 20141003 Re: tm_adopt() vulnerability in TORQUE Resource Manager (mailing-list, x_refsource_MLIST)
- secalert@redhat.com (x_refsource_CONFIRM)
- FEDORA-2015-8544 (x_refsource_FEDORA, vendor-advisory)
- 61960 (x_refsource_SECUNIA, third-party-advisory)
- FEDORA-2015-8571 (x_refsource_FEDORA, vendor-advisory)
- DSA-3058 (vendor-advisory, x_refsource_DEBIAN)
- MDVSA-2015:124 (vendor-advisory, x_refsource_MANDRIVA)
- [oss-security] 20141002 tm_adopt() vulnerability in TORQUE Resource Manager (mailing-list, x_refsource_MLIST)
- 61350 (x_refsource_SECUNIA, third-party-advisory)