Navigation
Search
|
pcp: pmcd network daemon review (SUSE Security Team Blog)
Friday September 20, 2024. 08:05 PM , from LWN.net
The SUSE Security Team Blog has a detailed review of the Performance Co-Pilot (PCP) 6.2.1 release:
The rather complex PCP software suite was difficult to judge just from a cursory look, so we decided to take a closer look especially at PCP's networking logic at a later time. This report contains two CVEs and some non-CVE related findings we also gathered during the follow-up review. CVE-2024-45769, a flaw that could allow an attacker to send crafted data to crash pcmd, and CVE-2024-45770, which could allow a full local root exploit from the pcp user to root, have been addressed in the 6.3.1 release of PCP.
https://lwn.net/Articles/991091/
Related News |
25 sources
Current Date
Dec, Wed 18 - 09:46 CET
|