It was discovered that the Linux kernel algif_aead module contained a logic flaw allowing a local attacker to escalate privileges to root. All Qlustar 14 Ubuntu releases are vulnerable to this bug. Qlustar 13 Ubuntu releases are not vulnerable and Qlustar 13/14 AlmaLinux releases are vulnerable but the public exploit does not work there. To mitigate the issue until kernel updates are made available please proceed as follows:

On all running Qlustar 14 Ubuntu nodes including the head-node execute

$ rmmod algif_aead $ rm -f /usr/lib/modules/*/kernel/crypto/algif_aead.ko

Then for each Qlustar 14 image do

$ qlustar-image-edit -s <img-name> $ rm -f usr/lib/modules/*/kernel/crypto/algif_aead.ko $ exit 0

These changes will prevent loading the faulty algif_aead kernel module, which is not needed on any standard Qlustar HPC/AI cluster setup.