CVE-2020-36770

9.8 CRITICAL

📋 TL;DR

This vulnerability in Gentoo's Slurm ebuild allows the slurm user to gain ownership of root-owned files through improper chown calls during package installation. It affects Gentoo Linux systems running Slurm workload manager with the vulnerable ebuild. Attackers could escalate privileges to root access on affected systems.

💻 Affected Systems

Products:
  • Slurm workload manager on Gentoo Linux
Versions: Through 22.05.3
Operating Systems: Gentoo Linux
Default Config Vulnerable: ⚠️ Yes
Notes: Only affects Gentoo installations using the vulnerable ebuild; other distributions are not affected.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Full root compromise allowing complete system takeover, data theft, and persistent backdoor installation.

🟠 Likely Case

Privilege escalation to root by exploiting file ownership changes to gain unauthorized access to sensitive system files.

🟢 If Mitigated

Limited impact if slurm user is restricted and proper file permissions are enforced, though risk remains.

🌐 Internet-Facing: LOW - Exploitation requires local access to the slurm user account.
🏢 Internal Only: HIGH - Internal users with slurm access can exploit this for privilege escalation.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: LOW

Exploitation requires access to the slurm user account and knowledge of vulnerable file paths.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 22.05.3-r1 and later

Vendor Advisory: https://bugs.gentoo.org/631552

Restart Required: No

Instructions:

1. Update the slurm ebuild: emerge --sync
2. Update slurm: emerge --ask --verbose --update slurm
3. Rebuild if needed: emerge @preserved-rebuild

🔧 Temporary Workarounds

Restrict slurm user permissions

Limit slurm user's ability to execute post-installation scripts

usermod -s /sbin/nologin slurm
chmod 750 /usr/libexec/slurm

🧯 If You Can't Patch

  • Remove execute permissions from slurm user for critical directories
  • Monitor file ownership changes in /etc and /usr directories for suspicious activity

🔍 How to Verify

Check if Vulnerable:

Check installed slurm version: emerge -pv slurm | grep 'slurm-'

Check Version:

emerge -pv slurm | grep 'slurm-'

Verify Fix Applied:

Verify slurm ebuild version is 22.05.3-r1 or later: qlist -Iv slurm
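
The version check above as a script, added here as an example (it is not part of the advisory or of the Gentoo or Slurm projects): it classifies package atoms in the form printed by qlist -Iv against the fixed revision 22.05.3-r1. The sys-cluster/ category, the sample lines and the function names are assumptions made for illustration, and the comparison handles only dotted numeric versions with an optional -rN revision.

```shell
#!/bin/sh
# Added example: compare installed slurm atoms with the fixed ebuild revision.
FIXED="22.05.3-r1"   # first fixed revision, taken from the advisory text

# ver_ge A B: succeed when A >= B. Simplified ordering: dotted numeric
# components plus an optional -rN revision (no _rc/_p/_alpha suffixes).
ver_ge() {
    awk -v a="$1" -v b="$2" 'BEGIN {
        ra = 0; rb = 0
        if (match(a, /-r[0-9]+$/)) { ra = substr(a, RSTART + 2) + 0; a = substr(a, 1, RSTART - 1) }
        if (match(b, /-r[0-9]+$/)) { rb = substr(b, RSTART + 2) + 0; b = substr(b, 1, RSTART - 1) }
        na = split(a, pa, "."); nb = split(b, pb, ".")
        n = (na > nb) ? na : nb
        for (i = 1; i <= n; i++) {
            x = pa[i] + 0; y = pb[i] + 0      # "05" is read as decimal 5
            if (x != y) exit !(x > y)
        }
        exit !(ra >= rb)                      # same upstream version: revision decides
    }'
}

# classify_atom ATOM: print "vulnerable VER", "fixed VER", or "skip" for
# atoms that are not a slurm package.
classify_atom() {
    case "$1" in
        */slurm-[0-9]*) v=${1##*/slurm-} ;;
        *) echo "skip"; return 0 ;;
    esac
    if ver_ge "$v" "$FIXED"; then echo "fixed $v"; else echo "vulnerable $v"; fi
}

# check_atoms: classify every atom read from stdin, one per line.
check_atoms() { while IFS= read -r atom; do classify_atom "$atom"; done; }

# Constructed sample input (assumed atom format); on a Gentoo host run
# `qlist -Iv slurm | check_atoms` instead.
SAMPLE='sys-cluster/slurm-20.11.8
sys-cluster/slurm-22.05.3
sys-cluster/slurm-22.05.3-r1
sys-cluster/slurm-23.02.1'

printf '%s\n' "$SAMPLE" | check_atoms
```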

📡 Detection & Monitoring

Log Indicators:

  • Unexpected chown operations by slurm user
  • File permission changes in system directories

Network Indicators:

  • None - local privilege escalation only

SIEM Query:

process.name:chown AND user.name:slurm AND (file.path:/etc/* OR file.path:/usr/*)
