CVE-2023-6917

EUVD-2023-59116

28.02.2024, 15:15

A vulnerability has been identified in the Performance Co-Pilot (PCP) package, stemming from the mixed privilege levels utilized by systemd services associated with PCP. While certain services operate within the confines of limited PCP user/group privileges, others are granted full root privileges. This disparity in privilege levels poses a risk when privileged root processes interact with directories or directory trees owned by unprivileged PCP users. Specifically, this vulnerability may lead to the compromise of PCP user isolation and facilitate local PCP-to-root exploits, particularly through symlink attacks. These vulnerabilities underscore the importance of maintaining robust privilege separation mechanisms within PCP to mitigate the potential for unauthorized privilege escalation.

TOCTOU

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	Primary	6 MEDIUM	LOCAL	LOW	HIGH	CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N

Base Score

CVSS 3.x

EPSS Score

Percentile: 2%

Affected Products (NVD)

Vendor	Product	Version
sgi	performance_co-pilot	𝑥 < 6.2.0
redhat	enterprise_linux	9.0

𝑥

= Vulnerable software versions

Debian Releases

Debian Product

Codename

pcp

bookworm	no-dsa
bullseye	no-dsa
buster	no-dsa
sid	6.3.1-1 fixed

Ubuntu Releases

Ubuntu Product

Codename

pcp

bionic	needs-triage
focal	needs-triage
jammy	needs-triage
mantic	ignored
noble	needs-triage
oracular	needs-triage
trusty	ignored
xenial	needs-triage

openSUSE / SLES Releases

openSUSE Product

Release

libpcp-devel

suse enterprise desktop 15 SP5	6.2.0-150500.8.6.1 fixed
suse enterprise desktop 15 SP6	6.2.0-150600.3.6.1 fixed
suse enterprise desktop 15 SP7	6.2.0-150600.3.6.1 fixed
suse enterprise sap 15 SP5	6.2.0-150500.8.6.1 fixed
suse enterprise sap 15 SP6	6.2.0-150600.3.6.1 fixed
suse enterprise sap 15 SP7	6.2.0-150600.3.6.1 fixed
suse enterprise server 15 SP4	6.2.0-150400.5.12.3 fixed
suse enterprise server 15 SP5	6.2.0-150500.8.6.1 fixed
suse enterprise server 15 SP6	6.2.0-150600.3.6.1 fixed
suse enterprise server 15 SP7	6.2.0-150600.3.6.1 fixed

libpcp3

suse enterprise desktop 15 SP5	6.2.0-150500.8.6.1 fixed
suse enterprise desktop 15 SP6	6.2.0-150600.3.6.1 fixed
suse enterprise desktop 15 SP7	6.2.0-150600.3.6.1 fixed
suse enterprise sap 15 SP5	6.2.0-150500.8.6.1 fixed
suse enterprise sap 15 SP6	6.2.0-150600.3.6.1 fixed
suse enterprise sap 15 SP7	6.2.0-150600.3.6.1 fixed
suse enterprise server 15 SP4	6.2.0-150400.5.12.3 fixed
suse enterprise server 15 SP5	6.2.0-150500.8.6.1 fixed
suse enterprise server 15 SP6	6.2.0-150600.3.6.1 fixed
suse enterprise server 15 SP7	6.2.0-150600.3.6.1 fixed

libpcp_gui2

suse enterprise desktop 15 SP5	6.2.0-150500.8.6.1 fixed
suse enterprise desktop 15 SP6	6.2.0-150600.3.6.1 fixed
suse enterprise desktop 15 SP7	6.2.0-150600.3.6.1 fixed
suse enterprise sap 15 SP5	6.2.0-150500.8.6.1 fixed
suse enterprise sap 15 SP6	6.2.0-150600.3.6.1 fixed
suse enterprise sap 15 SP7	6.2.0-150600.3.6.1 fixed
suse enterprise server 15 SP4	6.2.0-150400.5.12.3 fixed
suse enterprise server 15 SP5	6.2.0-150500.8.6.1 fixed
suse enterprise server 15 SP6	6.2.0-150600.3.6.1 fixed
suse enterprise server 15 SP7	6.2.0-150600.3.6.1 fixed

libpcp_import1

suse enterprise desktop 15 SP5	6.2.0-150500.8.6.1 fixed
suse enterprise desktop 15 SP6	6.2.0-150600.3.6.1 fixed
suse enterprise desktop 15 SP7	6.2.0-150600.3.6.1 fixed
suse enterprise sap 15 SP5	6.2.0-150500.8.6.1 fixed
suse enterprise sap 15 SP6	6.2.0-150600.3.6.1 fixed
suse enterprise sap 15 SP7	6.2.0-150600.3.6.1 fixed
suse enterprise server 15 SP4	6.2.0-150400.5.12.3 fixed
suse enterprise server 15 SP5	6.2.0-150500.8.6.1 fixed
suse enterprise server 15 SP6	6.2.0-150600.3.6.1 fixed
suse enterprise server 15 SP7	6.2.0-150600.3.6.1 fixed

libpcp_mmv1

suse enterprise desktop 15 SP5	6.2.0-150500.8.6.1 fixed
suse enterprise desktop 15 SP6	6.2.0-150600.3.6.1 fixed
suse enterprise desktop 15 SP7	6.2.0-150600.3.6.1 fixed
suse enterprise sap 15 SP5	6.2.0-150500.8.6.1 fixed
suse enterprise sap 15 SP6	6.2.0-150600.3.6.1 fixed
suse enterprise sap 15 SP7	6.2.0-150600.3.6.1 fixed
suse enterprise server 15 SP4	6.2.0-150400.5.12.3 fixed
suse enterprise server 15 SP5	6.2.0-150500.8.6.1 fixed
suse enterprise server 15 SP6	6.2.0-150600.3.6.1 fixed
suse enterprise server 15 SP7	6.2.0-150600.3.6.1 fixed

libpcp_trace2

suse enterprise desktop 15 SP5	6.2.0-150500.8.6.1 fixed
suse enterprise desktop 15 SP6	6.2.0-150600.3.6.1 fixed
suse enterprise desktop 15 SP7	6.2.0-150600.3.6.1 fixed
suse enterprise sap 15 SP5	6.2.0-150500.8.6.1 fixed
suse enterprise sap 15 SP6	6.2.0-150600.3.6.1 fixed
suse enterprise sap 15 SP7	6.2.0-150600.3.6.1 fixed
suse enterprise server 15 SP4	6.2.0-150400.5.12.3 fixed
suse enterprise server 15 SP5	6.2.0-150500.8.6.1 fixed
suse enterprise server 15 SP6	6.2.0-150600.3.6.1 fixed
suse enterprise server 15 SP7	6.2.0-150600.3.6.1 fixed

libpcp_web1

suse enterprise desktop 15 SP5	6.2.0-150500.8.6.1 fixed
suse enterprise desktop 15 SP6	6.2.0-150600.3.6.1 fixed
suse enterprise desktop 15 SP7	6.2.0-150600.3.6.1 fixed
suse enterprise sap 15 SP5	6.2.0-150500.8.6.1 fixed
suse enterprise sap 15 SP6	6.2.0-150600.3.6.1 fixed
suse enterprise sap 15 SP7	6.2.0-150600.3.6.1 fixed
suse enterprise server 15 SP4	6.2.0-150400.5.12.3 fixed
suse enterprise server 15 SP5	6.2.0-150500.8.6.1 fixed
suse enterprise server 15 SP6	6.2.0-150600.3.6.1 fixed
suse enterprise server 15 SP7	6.2.0-150600.3.6.1 fixed

pcp

suse enterprise desktop 15 SP5	6.2.0-150500.8.6.1 fixed
suse enterprise desktop 15 SP6	6.2.0-150600.3.6.1 fixed
suse enterprise desktop 15 SP7	6.2.0-150600.3.6.1 fixed
suse enterprise sap 15 SP5	6.2.0-150500.8.6.1 fixed
suse enterprise sap 15 SP6	6.2.0-150600.3.6.1 fixed
suse enterprise sap 15 SP7	6.2.0-150600.3.6.1 fixed
suse enterprise server 15 SP4	6.2.0-150400.5.12.3 fixed
suse enterprise server 15 SP5	6.2.0-150500.8.6.1 fixed
suse enterprise server 15 SP6	6.2.0-150600.3.6.1 fixed
suse enterprise server 15 SP7	6.2.0-150600.3.6.1 fixed

pcp-conf

suse enterprise desktop 15 SP5	6.2.0-150500.8.6.1 fixed
suse enterprise desktop 15 SP6	6.2.0-150600.3.6.1 fixed
suse enterprise desktop 15 SP7	6.2.0-150600.3.6.1 fixed
suse enterprise sap 15 SP5	6.2.0-150500.8.6.1 fixed
suse enterprise sap 15 SP6	6.2.0-150600.3.6.1 fixed
suse enterprise sap 15 SP7	6.2.0-150600.3.6.1 fixed
suse enterprise server 15 SP4	6.2.0-150400.5.12.3 fixed
suse enterprise server 15 SP5	6.2.0-150500.8.6.1 fixed
suse enterprise server 15 SP6	6.2.0-150600.3.6.1 fixed
suse enterprise server 15 SP7	6.2.0-150600.3.6.1 fixed

pcp-devel

suse enterprise desktop 15 SP5	6.2.0-150500.8.6.1 fixed
suse enterprise desktop 15 SP6	6.2.0-150600.3.6.1 fixed
suse enterprise desktop 15 SP7	6.2.0-150600.3.6.1 fixed
suse enterprise sap 15 SP5	6.2.0-150500.8.6.1 fixed
suse enterprise sap 15 SP6	6.2.0-150600.3.6.1 fixed
suse enterprise sap 15 SP7	6.2.0-150600.3.6.1 fixed
suse enterprise server 15 SP4	6.2.0-150400.5.12.3 fixed
suse enterprise server 15 SP5	6.2.0-150500.8.6.1 fixed
suse enterprise server 15 SP6	6.2.0-150600.3.6.1 fixed
suse enterprise server 15 SP7	6.2.0-150600.3.6.1 fixed

pcp-doc

suse enterprise desktop 15 SP5	6.2.0-150500.8.6.1 fixed
suse enterprise desktop 15 SP6	6.2.0-150600.3.6.1 fixed
suse enterprise desktop 15 SP7	6.2.0-150600.3.6.1 fixed
suse enterprise sap 15 SP5	6.2.0-150500.8.6.1 fixed
suse enterprise sap 15 SP6	6.2.0-150600.3.6.1 fixed
suse enterprise sap 15 SP7	6.2.0-150600.3.6.1 fixed
suse enterprise server 15 SP4	6.2.0-150400.5.12.3 fixed
suse enterprise server 15 SP5	6.2.0-150500.8.6.1 fixed
suse enterprise server 15 SP6	6.2.0-150600.3.6.1 fixed
suse enterprise server 15 SP7	6.2.0-150600.3.6.1 fixed

pcp-import-iostat2pcp

suse enterprise desktop 15 SP5	6.2.0-150500.8.6.1 fixed
suse enterprise desktop 15 SP6	6.2.0-150600.3.6.1 fixed
suse enterprise desktop 15 SP7	6.2.0-150600.3.6.1 fixed
suse enterprise sap 15 SP5	6.2.0-150500.8.6.1 fixed
suse enterprise sap 15 SP6	6.2.0-150600.3.6.1 fixed
suse enterprise sap 15 SP7	6.2.0-150600.3.6.1 fixed
suse enterprise server 15 SP4	6.2.0-150400.5.12.3 fixed
suse enterprise server 15 SP5	6.2.0-150500.8.6.1 fixed
suse enterprise server 15 SP6	6.2.0-150600.3.6.1 fixed
suse enterprise server 15 SP7	6.2.0-150600.3.6.1 fixed

pcp-import-mrtg2pcp

suse enterprise desktop 15 SP5	6.2.0-150500.8.6.1 fixed
suse enterprise desktop 15 SP6	6.2.0-150600.3.6.1 fixed
suse enterprise desktop 15 SP7	6.2.0-150600.3.6.1 fixed
suse enterprise sap 15 SP5	6.2.0-150500.8.6.1 fixed
suse enterprise sap 15 SP6	6.2.0-150600.3.6.1 fixed
suse enterprise sap 15 SP7	6.2.0-150600.3.6.1 fixed
suse enterprise server 15 SP4	6.2.0-150400.5.12.3 fixed
suse enterprise server 15 SP5	6.2.0-150500.8.6.1 fixed
suse enterprise server 15 SP6	6.2.0-150600.3.6.1 fixed
suse enterprise server 15 SP7	6.2.0-150600.3.6.1 fixed

pcp-import-sar2pcp

suse enterprise desktop 15 SP5	6.2.0-150500.8.6.1 fixed
suse enterprise desktop 15 SP6	6.2.0-150600.3.6.1 fixed
suse enterprise desktop 15 SP7	6.2.0-150600.3.6.1 fixed
suse enterprise sap 15 SP5	6.2.0-150500.8.6.1 fixed
suse enterprise sap 15 SP6	6.2.0-150600.3.6.1 fixed
suse enterprise sap 15 SP7	6.2.0-150600.3.6.1 fixed
suse enterprise server 15 SP4	6.2.0-150400.5.12.3 fixed
suse enterprise server 15 SP5	6.2.0-150500.8.6.1 fixed
suse enterprise server 15 SP6	6.2.0-150600.3.6.1 fixed
suse enterprise server 15 SP7	6.2.0-150600.3.6.1 fixed

pcp-pmda-perfevent

suse enterprise desktop 15 SP5	6.2.0-150500.8.6.1 fixed
suse enterprise desktop 15 SP6	6.2.0-150600.3.6.1 fixed
suse enterprise desktop 15 SP7	6.2.0-150600.3.6.1 fixed
suse enterprise sap 15 SP5	6.2.0-150500.8.6.1 fixed
suse enterprise sap 15 SP6	6.2.0-150600.3.6.1 fixed
suse enterprise sap 15 SP7	6.2.0-150600.3.6.1 fixed
suse enterprise server 15 SP4	6.2.0-150400.5.12.3 fixed
suse enterprise server 15 SP5	6.2.0-150500.8.6.1 fixed
suse enterprise server 15 SP6	6.2.0-150600.3.6.1 fixed
suse enterprise server 15 SP7	6.2.0-150600.3.6.1 fixed

pcp-system-tools

suse enterprise desktop 15 SP5	6.2.0-150500.8.6.1 fixed
suse enterprise desktop 15 SP6	6.2.0-150600.3.6.1 fixed
suse enterprise desktop 15 SP7	6.2.0-150600.3.6.1 fixed
suse enterprise sap 15 SP5	6.2.0-150500.8.6.1 fixed
suse enterprise sap 15 SP6	6.2.0-150600.3.6.1 fixed
suse enterprise sap 15 SP7	6.2.0-150600.3.6.1 fixed
suse enterprise server 15 SP4	6.2.0-150400.5.12.3 fixed
suse enterprise server 15 SP5	6.2.0-150500.8.6.1 fixed
suse enterprise server 15 SP6	6.2.0-150600.3.6.1 fixed
suse enterprise server 15 SP7	6.2.0-150600.3.6.1 fixed

perl-PCP-LogImport

suse enterprise desktop 15 SP5	6.2.0-150500.8.6.1 fixed
suse enterprise desktop 15 SP6	6.2.0-150600.3.6.1 fixed
suse enterprise desktop 15 SP7	6.2.0-150600.3.6.1 fixed
suse enterprise sap 15 SP5	6.2.0-150500.8.6.1 fixed
suse enterprise sap 15 SP6	6.2.0-150600.3.6.1 fixed
suse enterprise sap 15 SP7	6.2.0-150600.3.6.1 fixed
suse enterprise server 15 SP4	6.2.0-150400.5.12.3 fixed
suse enterprise server 15 SP5	6.2.0-150500.8.6.1 fixed
suse enterprise server 15 SP6	6.2.0-150600.3.6.1 fixed
suse enterprise server 15 SP7	6.2.0-150600.3.6.1 fixed

perl-PCP-LogSummary

suse enterprise desktop 15 SP5	6.2.0-150500.8.6.1 fixed
suse enterprise desktop 15 SP6	6.2.0-150600.3.6.1 fixed
suse enterprise desktop 15 SP7	6.2.0-150600.3.6.1 fixed
suse enterprise sap 15 SP5	6.2.0-150500.8.6.1 fixed
suse enterprise sap 15 SP6	6.2.0-150600.3.6.1 fixed
suse enterprise sap 15 SP7	6.2.0-150600.3.6.1 fixed
suse enterprise server 15 SP4	6.2.0-150400.5.12.3 fixed
suse enterprise server 15 SP5	6.2.0-150500.8.6.1 fixed
suse enterprise server 15 SP6	6.2.0-150600.3.6.1 fixed
suse enterprise server 15 SP7	6.2.0-150600.3.6.1 fixed

perl-PCP-MMV

suse enterprise desktop 15 SP5	6.2.0-150500.8.6.1 fixed
suse enterprise desktop 15 SP6	6.2.0-150600.3.6.1 fixed
suse enterprise desktop 15 SP7	6.2.0-150600.3.6.1 fixed
suse enterprise sap 15 SP5	6.2.0-150500.8.6.1 fixed
suse enterprise sap 15 SP6	6.2.0-150600.3.6.1 fixed
suse enterprise sap 15 SP7	6.2.0-150600.3.6.1 fixed
suse enterprise server 15 SP4	6.2.0-150400.5.12.3 fixed
suse enterprise server 15 SP5	6.2.0-150500.8.6.1 fixed
suse enterprise server 15 SP6	6.2.0-150600.3.6.1 fixed
suse enterprise server 15 SP7	6.2.0-150600.3.6.1 fixed

perl-PCP-PMDA

suse enterprise desktop 15 SP5	6.2.0-150500.8.6.1 fixed
suse enterprise desktop 15 SP6	6.2.0-150600.3.6.1 fixed
suse enterprise desktop 15 SP7	6.2.0-150600.3.6.1 fixed
suse enterprise sap 15 SP5	6.2.0-150500.8.6.1 fixed
suse enterprise sap 15 SP6	6.2.0-150600.3.6.1 fixed
suse enterprise sap 15 SP7	6.2.0-150600.3.6.1 fixed
suse enterprise server 15 SP4	6.2.0-150400.5.12.3 fixed
suse enterprise server 15 SP5	6.2.0-150500.8.6.1 fixed
suse enterprise server 15 SP6	6.2.0-150600.3.6.1 fixed
suse enterprise server 15 SP7	6.2.0-150600.3.6.1 fixed

python3-pcp

suse enterprise desktop 15 SP5	6.2.0-150500.8.6.1 fixed
suse enterprise desktop 15 SP6	6.2.0-150600.3.6.1 fixed
suse enterprise desktop 15 SP7	6.2.0-150600.3.6.1 fixed
suse enterprise sap 15 SP5	6.2.0-150500.8.6.1 fixed
suse enterprise sap 15 SP6	6.2.0-150600.3.6.1 fixed
suse enterprise sap 15 SP7	6.2.0-150600.3.6.1 fixed
suse enterprise server 15 SP4	6.2.0-150400.5.12.3 fixed
suse enterprise server 15 SP5	6.2.0-150500.8.6.1 fixed
suse enterprise server 15 SP6	6.2.0-150600.3.6.1 fixed
suse enterprise server 15 SP7	6.2.0-150600.3.6.1 fixed

Red Hat Enterprise Linux Releases

Red Hat Product

Release

pcp

RHEL 9

0:6.2.0-1.el9

fixed

pcp-conf

RHEL 9

0:6.2.0-1.el9

fixed

pcp-devel

RHEL 9

0:6.2.0-1.el9

fixed

pcp-doc

RHEL 9

0:6.2.0-1.el9

fixed

pcp-export-pcp2elasticsearch

RHEL 9

0:6.2.0-1.el9

fixed

pcp-export-pcp2graphite

RHEL 9

0:6.2.0-1.el9

fixed

pcp-export-pcp2influxdb

RHEL 9

0:6.2.0-1.el9

fixed

pcp-export-pcp2json

RHEL 9

0:6.2.0-1.el9

fixed

pcp-export-pcp2spark

RHEL 9

0:6.2.0-1.el9

fixed

pcp-export-pcp2xml

RHEL 9

0:6.2.0-1.el9

fixed

pcp-export-pcp2zabbix

RHEL 9

0:6.2.0-1.el9

fixed

pcp-export-zabbix-agent

RHEL 9

0:6.2.0-1.el9

fixed

pcp-geolocate

RHEL 9

0:6.2.0-1.el9

fixed

pcp-gui

RHEL 9

0:6.2.0-1.el9

fixed

pcp-import-collectl2pcp

RHEL 9

0:6.2.0-1.el9

fixed

pcp-import-ganglia2pcp

RHEL 9

0:6.2.0-1.el9

fixed

pcp-import-iostat2pcp

RHEL 9

0:6.2.0-1.el9

fixed

pcp-import-mrtg2pcp

RHEL 9

0:6.2.0-1.el9

fixed

pcp-import-sar2pcp

RHEL 9

0:6.2.0-1.el9

fixed

pcp-libs

RHEL 9

0:6.2.0-1.el9

fixed

pcp-libs-devel

RHEL 9

0:6.2.0-1.el9

fixed

pcp-pmda-activemq

RHEL 9

0:6.2.0-1.el9

fixed

pcp-pmda-apache

RHEL 9

0:6.2.0-1.el9

fixed

pcp-pmda-bash

RHEL 9

0:6.2.0-1.el9

fixed

pcp-pmda-bcc

RHEL 9

0:6.2.0-1.el9

fixed

pcp-pmda-bind2

RHEL 9

0:6.2.0-1.el9

fixed

pcp-pmda-bonding

RHEL 9

0:6.2.0-1.el9

fixed

pcp-pmda-bpf

RHEL 9

0:6.2.0-1.el9

fixed

pcp-pmda-bpftrace

RHEL 9

0:6.2.0-1.el9

fixed

pcp-pmda-cifs

RHEL 9

0:6.2.0-1.el9

fixed

pcp-pmda-cisco

RHEL 9

0:6.2.0-1.el9

fixed

pcp-pmda-dbping

RHEL 9

0:6.2.0-1.el9

fixed

pcp-pmda-denki

RHEL 9

0:6.2.0-1.el9

fixed

pcp-pmda-dm

RHEL 9

0:6.2.0-1.el9

fixed

pcp-pmda-docker

RHEL 9

0:6.2.0-1.el9

fixed

pcp-pmda-ds389

RHEL 9

0:6.2.0-1.el9

fixed

pcp-pmda-ds389log

RHEL 9

0:6.2.0-1.el9

fixed

pcp-pmda-elasticsearch

RHEL 9

0:6.2.0-1.el9

fixed

pcp-pmda-farm

RHEL 9

0:6.2.0-1.el9

fixed

pcp-pmda-gfs2

RHEL 9

0:6.2.0-1.el9

fixed

pcp-pmda-gluster

RHEL 9

0:6.2.0-1.el9

fixed

pcp-pmda-gpfs

RHEL 9

0:6.2.0-1.el9

fixed

pcp-pmda-gpsd

RHEL 9

0:6.2.0-1.el9

fixed

pcp-pmda-hacluster

RHEL 9

0:6.2.0-1.el9

fixed

pcp-pmda-haproxy

RHEL 9

0:6.2.0-1.el9

fixed

pcp-pmda-infiniband

RHEL 9

0:6.2.0-1.el9

fixed

pcp-pmda-json

RHEL 9

0:6.2.0-1.el9

fixed

pcp-pmda-libvirt

RHEL 9

0:6.2.0-1.el9

fixed

pcp-pmda-lio

RHEL 9

0:6.2.0-1.el9

fixed

pcp-pmda-lmsensors

RHEL 9

0:6.2.0-1.el9

fixed

pcp-pmda-logger

RHEL 9

0:6.2.0-1.el9

fixed

pcp-pmda-lustre

RHEL 9

0:6.2.0-1.el9

fixed

pcp-pmda-lustrecomm

RHEL 9

0:6.2.0-1.el9

fixed

pcp-pmda-mailq

RHEL 9

0:6.2.0-1.el9

fixed

pcp-pmda-memcache

RHEL 9

0:6.2.0-1.el9

fixed

pcp-pmda-mic

RHEL 9

0:6.2.0-1.el9

fixed

pcp-pmda-mongodb

RHEL 9

0:6.2.0-1.el9

fixed

pcp-pmda-mounts

RHEL 9

0:6.2.0-1.el9

fixed

pcp-pmda-mssql

RHEL 9

0:6.2.0-1.el9

fixed

pcp-pmda-mysql

RHEL 9

0:6.2.0-1.el9

fixed

pcp-pmda-named

RHEL 9

0:6.2.0-1.el9

fixed

pcp-pmda-netcheck

RHEL 9

0:6.2.0-1.el9

fixed

pcp-pmda-netfilter

RHEL 9

0:6.2.0-1.el9

fixed

pcp-pmda-news

RHEL 9

0:6.2.0-1.el9

fixed

pcp-pmda-nfsclient

RHEL 9

0:6.2.0-1.el9

fixed

pcp-pmda-nginx

RHEL 9

0:6.2.0-1.el9

fixed

pcp-pmda-nvidia-gpu

RHEL 9

0:6.2.0-1.el9

fixed

pcp-pmda-openmetrics

RHEL 9

0:6.2.0-1.el9

fixed

pcp-pmda-openvswitch

RHEL 9

0:6.2.0-1.el9

fixed

pcp-pmda-oracle

RHEL 9

0:6.2.0-1.el9

fixed

pcp-pmda-pdns

RHEL 9

0:6.2.0-1.el9

fixed

pcp-pmda-perfevent

RHEL 9

0:6.2.0-1.el9

fixed

pcp-pmda-podman

RHEL 9

0:6.2.0-1.el9

fixed

pcp-pmda-postfix

RHEL 9

0:6.2.0-1.el9

fixed

pcp-pmda-postgresql

RHEL 9

0:6.2.0-1.el9

fixed

pcp-pmda-rabbitmq

RHEL 9

0:6.2.0-1.el9

fixed

pcp-pmda-redis

RHEL 9

0:6.2.0-1.el9

fixed

pcp-pmda-resctrl

RHEL 9

0:6.2.0-1.el9

fixed

pcp-pmda-roomtemp

RHEL 9

0:6.2.0-1.el9

fixed

pcp-pmda-rsyslog

RHEL 9

0:6.2.0-1.el9

fixed

pcp-pmda-samba

RHEL 9

0:6.2.0-1.el9

fixed

pcp-pmda-sendmail

RHEL 9

0:6.2.0-1.el9

fixed

pcp-pmda-shping

RHEL 9

0:6.2.0-1.el9

fixed

pcp-pmda-slurm

RHEL 9

0:6.2.0-1.el9

fixed

pcp-pmda-smart

RHEL 9

0:6.2.0-1.el9

fixed

pcp-pmda-snmp

RHEL 9

0:6.2.0-1.el9

fixed

pcp-pmda-sockets

RHEL 9

0:6.2.0-1.el9

fixed

pcp-pmda-statsd

RHEL 9

0:6.2.0-1.el9

fixed

pcp-pmda-summary

RHEL 9

0:6.2.0-1.el9

fixed

pcp-pmda-systemd

RHEL 9

0:6.2.0-1.el9

fixed

pcp-pmda-trace

RHEL 9

0:6.2.0-1.el9

fixed

pcp-pmda-unbound

RHEL 9

0:6.2.0-1.el9

fixed

pcp-pmda-weblog

RHEL 9

0:6.2.0-1.el9

fixed

pcp-pmda-zimbra

RHEL 9

0:6.2.0-1.el9

fixed

pcp-pmda-zswap

RHEL 9

0:6.2.0-1.el9

fixed

pcp-selinux

RHEL 9

0:6.2.0-1.el9

fixed

pcp-system-tools

RHEL 9

0:6.2.0-1.el9

fixed

pcp-testsuite

RHEL 9

0:6.2.0-1.el9

fixed

pcp-zeroconf

RHEL 9

0:6.2.0-1.el9

fixed

perl-PCP-LogImport

RHEL 9

0:6.2.0-1.el9

fixed

perl-PCP-LogSummary

RHEL 9

0:6.2.0-1.el9

fixed

perl-PCP-MMV

RHEL 9

0:6.2.0-1.el9

fixed

perl-PCP-PMDA

RHEL 9

0:6.2.0-1.el9

fixed

python3-pcp

RHEL 9

0:6.2.0-1.el9

fixed

Common Weakness Enumeration

CWE-367 - Time-of-check Time-of-use (TOCTOU) Race Condition
The software checks the state of a resource before using that resource, but the resource's state can change between the check and the use in a way that invalidates the results of the check. This can cause the software to perform invalid actions when the resource is in an unexpected state.

References

https://access.redhat.com/errata/RHSA-2024:2213

https://access.redhat.com/security/cve/CVE-2023-6917

https://bugzilla.redhat.com/show_bug.cgi?id=2254983

https://access.redhat.com/errata/RHSA-2024:2213

https://access.redhat.com/security/cve/CVE-2023-6917

https://bugzilla.redhat.com/show_bug.cgi?id=2254983