Your submission was sent successfully! Close

CVE-2013-4255

Published: 11 October 2013

The policy definition evaluator in Condor 7.5.4, 8.0.0, and earlier does not properly handle attributes in a (1) PREEMPT, (2) SUSPEND, (3) CONTINUE, (4) WANT_VACATE, or (5) KILL policy that evaluate to an Unconfigured, Undefined, or Error state, which allows remote authenticated users to cause a denial of service (condor_startd exit) via a crafted job.

Priority

High

Status

Package Release Status
condor
Launchpad, Ubuntu, Debian
Upstream
Released (8.0.3)
Ubuntu 18.04 LTS (Bionic Beaver) Not vulnerable
(8.6.8~dfsg.1-2)
Ubuntu 16.04 ESM (Xenial Xerus) Not vulnerable
(8.4.2~dfsg.1-1build1)
Ubuntu 14.04 ESM (Trusty Tahr) Does not exist
(trusty was not-affected [8.0.5~dfsg.1-1ubuntu1])