SUSE update for pcp

Published: 2024-10-04

Risk	Medium
Patch available	YES
Number of vulnerabilities	4
CVE-ID	CVE-2023-6917 CVE-2024-3019 CVE-2024-45769 CVE-2024-45770
CWE-ID	CWE-264 CWE-668 CWE-20 CWE-61
Exploitation vector	Local network
Public exploit	N/A
Vulnerable software	Development Tools Module Operating systems & Components / Operating system SUSE Linux Enterprise Real Time 15 Operating systems & Components / Operating system openSUSE Leap Operating systems & Components / Operating system SUSE Linux Enterprise Server for SAP Applications 15 Operating systems & Components / Operating system SUSE Linux Enterprise Server 15 Operating systems & Components / Operating system SUSE Linux Enterprise Desktop 15 Operating systems & Components / Operating system pcp-pmda-resctrl-debuginfo Operating systems & Components / Operating system package or component pcp-pmda-resctrl Operating systems & Components / Operating system package or component pcp-pmda-perfevent Operating systems & Components / Operating system package or component pcp-pmda-infiniband-debuginfo Operating systems & Components / Operating system package or component pcp-pmda-perfevent-debuginfo Operating systems & Components / Operating system package or component pcp-pmda-infiniband Operating systems & Components / Operating system package or component pcp-export-pcp2xml Operating systems & Components / Operating system package or component pcp-export-pcp2graphite Operating systems & Components / Operating system package or component pcp-pmda-nginx Operating systems & Components / Operating system package or component pcp-pmda-rabbitmq Operating systems & Components / Operating system package or component pcp-export-pcp2spark Operating systems & Components / Operating system package or component pcp-zeroconf Operating systems & Components / Operating system package or component pcp-pmda-pdns Operating systems & Components / Operating system package or component pcp-pmda-bonding Operating systems & Components / Operating system package or component pcp-import-ganglia2pcp Operating systems & Components / Operating system package or component pcp-pmda-activemq Operating systems & Components / Operating system package or component pcp-import-iostat2pcp Operating systems & Components / Operating system package or component pcp-pmda-lustre Operating systems & Components / Operating system package or component pcp-export-pcp2zabbix Operating systems & Components / Operating system package or component pcp-pmda-rsyslog Operating systems & Components / Operating system package or component pcp-pmda-oracle Operating systems & Components / Operating system package or component pcp-pmda-gpfs Operating systems & Components / Operating system package or component pcp-export-pcp2json Operating systems & Components / Operating system package or component pcp-pmda-ds389log Operating systems & Components / Operating system package or component pcp-pmda-gpsd Operating systems & Components / Operating system package or component pcp-pmda-haproxy Operating systems & Components / Operating system package or component pcp-doc Operating systems & Components / Operating system package or component pcp-import-sar2pcp Operating systems & Components / Operating system package or component pcp-pmda-elasticsearch Operating systems & Components / Operating system package or component pcp-pmda-json Operating systems & Components / Operating system package or component pcp-pmda-openvswitch Operating systems & Components / Operating system package or component pcp-pmda-netcheck Operating systems & Components / Operating system package or component pcp-pmda-dbping Operating systems & Components / Operating system package or component pcp-import-mrtg2pcp Operating systems & Components / Operating system package or component pcp-pmda-slurm Operating systems & Components / Operating system package or component pcp-pmda-ds389 Operating systems & Components / Operating system package or component pcp-pmda-zswap Operating systems & Components / Operating system package or component pcp-pmda-netfilter Operating systems & Components / Operating system package or component pcp-pmda-named Operating systems & Components / Operating system package or component pcp-pmda-mic Operating systems & Components / Operating system package or component pcp-pmda-gluster Operating systems & Components / Operating system package or component pcp-pmda-unbound Operating systems & Components / Operating system package or component pcp-pmda-lmsensors Operating systems & Components / Operating system package or component pcp-pmda-nutcracker Operating systems & Components / Operating system package or component pcp-conf Operating systems & Components / Operating system package or component pcp-export-pcp2elasticsearch Operating systems & Components / Operating system package or component pcp-pmda-openmetrics Operating systems & Components / Operating system package or component pcp-pmda-nfsclient Operating systems & Components / Operating system package or component pcp-export-pcp2influxdb Operating systems & Components / Operating system package or component pcp-pmda-samba Operating systems & Components / Operating system package or component pcp-pmda-news Operating systems & Components / Operating system package or component pcp-pmda-mysql Operating systems & Components / Operating system package or component pcp-pmda-memcache Operating systems & Components / Operating system package or component pcp-pmda-postfix Operating systems & Components / Operating system package or component pcp-pmda-snmp Operating systems & Components / Operating system package or component pcp-pmda-redis Operating systems & Components / Operating system package or component perl-PCP-LogImport-debuginfo Operating systems & Components / Operating system package or component pcp-pmda-dm-debuginfo Operating systems & Components / Operating system package or component pcp-pmda-docker Operating systems & Components / Operating system package or component pcp-debuginfo Operating systems & Components / Operating system package or component pcp-gui Operating systems & Components / Operating system package or component pcp-pmda-zimbra Operating systems & Components / Operating system package or component pcp-import-collectl2pcp-debuginfo Operating systems & Components / Operating system package or component pcp-pmda-mounts Operating systems & Components / Operating system package or component pcp-system-tools-debuginfo Operating systems & Components / Operating system package or component pcp-pmda-weblog-debuginfo Operating systems & Components / Operating system package or component pcp-pmda-sendmail-debuginfo Operating systems & Components / Operating system package or component pcp-pmda-lustrecomm-debuginfo Operating systems & Components / Operating system package or component pcp-pmda-systemd Operating systems & Components / Operating system package or component libpcp_mmv1-debuginfo Operating systems & Components / Operating system package or component pcp-testsuite Operating systems & Components / Operating system package or component libpcp_trace2 Operating systems & Components / Operating system package or component pcp-gui-debuginfo Operating systems & Components / Operating system package or component libpcp_import1 Operating systems & Components / Operating system package or component pcp-pmda-cisco-debuginfo Operating systems & Components / Operating system package or component pcp-pmda-bash-debuginfo Operating systems & Components / Operating system package or component pcp-pmda-nvidia-gpu Operating systems & Components / Operating system package or component libpcp_mmv1 Operating systems & Components / Operating system package or component pcp-pmda-zimbra-debuginfo Operating systems & Components / Operating system package or component perl-PCP-PMDA-debuginfo Operating systems & Components / Operating system package or component pcp-pmda-trace Operating systems & Components / Operating system package or component libpcp_trace2-debuginfo Operating systems & Components / Operating system package or component pcp-pmda-roomtemp-debuginfo Operating systems & Components / Operating system package or component libpcp-devel Operating systems & Components / Operating system package or component libpcp_import1-debuginfo Operating systems & Components / Operating system package or component pcp-pmda-gfs2-debuginfo Operating systems & Components / Operating system package or component pcp-import-collectl2pcp Operating systems & Components / Operating system package or component pcp-pmda-mailq-debuginfo Operating systems & Components / Operating system package or component pcp-pmda-hacluster Operating systems & Components / Operating system package or component pcp-pmda-cisco Operating systems & Components / Operating system package or component pcp-pmda-cifs Operating systems & Components / Operating system package or component python3-pcp-debuginfo Operating systems & Components / Operating system package or component pcp-pmda-cifs-debuginfo Operating systems & Components / Operating system package or component libpcp3 Operating systems & Components / Operating system package or component perl-PCP-LogImport Operating systems & Components / Operating system package or component pcp-pmda-smart-debuginfo Operating systems & Components / Operating system package or component libpcp_gui2 Operating systems & Components / Operating system package or component perl-PCP-LogSummary Operating systems & Components / Operating system package or component pcp-pmda-shping-debuginfo Operating systems & Components / Operating system package or component pcp-pmda-shping Operating systems & Components / Operating system package or component pcp-pmda-docker-debuginfo Operating systems & Components / Operating system package or component pcp-pmda-roomtemp Operating systems & Components / Operating system package or component pcp-pmda-smart Operating systems & Components / Operating system package or component pcp Operating systems & Components / Operating system package or component pcp-debugsource Operating systems & Components / Operating system package or component perl-PCP-MMV-debuginfo Operating systems & Components / Operating system package or component pcp-pmda-weblog Operating systems & Components / Operating system package or component pcp-pmda-sockets Operating systems & Components / Operating system package or component perl-PCP-PMDA Operating systems & Components / Operating system package or component pcp-pmda-logger-debuginfo Operating systems & Components / Operating system package or component pcp-pmda-summary-debuginfo Operating systems & Components / Operating system package or component pcp-devel Operating systems & Components / Operating system package or component pcp-pmda-trace-debuginfo Operating systems & Components / Operating system package or component pcp-testsuite-debuginfo Operating systems & Components / Operating system package or component pcp-pmda-logger Operating systems & Components / Operating system package or component pcp-pmda-apache-debuginfo Operating systems & Components / Operating system package or component libpcp_web1 Operating systems & Components / Operating system package or component pcp-pmda-sendmail Operating systems & Components / Operating system package or component pcp-pmda-mailq Operating systems & Components / Operating system package or component pcp-pmda-bash Operating systems & Components / Operating system package or component pcp-pmda-summary Operating systems & Components / Operating system package or component perl-PCP-MMV Operating systems & Components / Operating system package or component pcp-pmda-sockets-debuginfo Operating systems & Components / Operating system package or component pcp-pmda-apache Operating systems & Components / Operating system package or component libpcp3-debuginfo Operating systems & Components / Operating system package or component pcp-pmda-systemd-debuginfo Operating systems & Components / Operating system package or component python3-pcp Operating systems & Components / Operating system package or component pcp-system-tools Operating systems & Components / Operating system package or component pcp-devel-debuginfo Operating systems & Components / Operating system package or component pcp-pmda-mounts-debuginfo Operating systems & Components / Operating system package or component pcp-pmda-gfs2 Operating systems & Components / Operating system package or component pcp-pmda-lustrecomm Operating systems & Components / Operating system package or component pcp-pmda-hacluster-debuginfo Operating systems & Components / Operating system package or component pcp-pmda-nvidia-gpu-debuginfo Operating systems & Components / Operating system package or component libpcp_gui2-debuginfo Operating systems & Components / Operating system package or component libpcp_web1-debuginfo Operating systems & Components / Operating system package or component pcp-pmda-dm Operating systems & Components / Operating system package or component
Vendor	SUSE

Security Bulletin

This security bulletin contains information about 4 vulnerabilities.

1) Permissions, Privileges, and Access Controls

EUVDB-ID: #VU96640

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-6917

CWE-ID: CWE-264 - Permissions, Privileges, and Access Controls

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to application uses mixed privilege levels utilized by systemd services associated with PCP. A local user can escalate privileges on the system via symlink attacks.

Mitigation

Update the affected package pcp to the latest version.

Vulnerable software versions

Development Tools Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

pcp-pmda-resctrl-debuginfo: before 6.2.0-150600.3.6.1

pcp-pmda-resctrl: before 6.2.0-150600.3.6.1

pcp-pmda-perfevent: before 6.2.0-150600.3.6.1

pcp-pmda-infiniband-debuginfo: before 6.2.0-150600.3.6.1

pcp-pmda-perfevent-debuginfo: before 6.2.0-150600.3.6.1

pcp-pmda-infiniband: before 6.2.0-150600.3.6.1

pcp-export-pcp2xml: before 6.2.0-150600.3.6.1

pcp-export-pcp2graphite: before 6.2.0-150600.3.6.1

pcp-pmda-nginx: before 6.2.0-150600.3.6.1

pcp-pmda-rabbitmq: before 6.2.0-150600.3.6.1

pcp-export-pcp2spark: before 6.2.0-150600.3.6.1

pcp-zeroconf: before 6.2.0-150600.3.6.1

pcp-pmda-pdns: before 6.2.0-150600.3.6.1

pcp-pmda-bonding: before 6.2.0-150600.3.6.1

pcp-import-ganglia2pcp: before 6.2.0-150600.3.6.1

pcp-pmda-activemq: before 6.2.0-150600.3.6.1

pcp-import-iostat2pcp: before 6.2.0-150600.3.6.1

pcp-pmda-lustre: before 6.2.0-150600.3.6.1

pcp-export-pcp2zabbix: before 6.2.0-150600.3.6.1

pcp-pmda-rsyslog: before 6.2.0-150600.3.6.1

pcp-pmda-oracle: before 6.2.0-150600.3.6.1

pcp-pmda-gpfs: before 6.2.0-150600.3.6.1

pcp-export-pcp2json: before 6.2.0-150600.3.6.1

pcp-pmda-ds389log: before 6.2.0-150600.3.6.1

pcp-pmda-gpsd: before 6.2.0-150600.3.6.1

pcp-pmda-haproxy: before 6.2.0-150600.3.6.1

pcp-doc: before 6.2.0-150600.3.6.1

pcp-import-sar2pcp: before 6.2.0-150600.3.6.1

pcp-pmda-elasticsearch: before 6.2.0-150600.3.6.1

pcp-pmda-json: before 6.2.0-150600.3.6.1

pcp-pmda-openvswitch: before 6.2.0-150600.3.6.1

pcp-pmda-netcheck: before 6.2.0-150600.3.6.1

pcp-pmda-dbping: before 6.2.0-150600.3.6.1

pcp-import-mrtg2pcp: before 6.2.0-150600.3.6.1

pcp-pmda-slurm: before 6.2.0-150600.3.6.1

pcp-pmda-ds389: before 6.2.0-150600.3.6.1

pcp-pmda-zswap: before 6.2.0-150600.3.6.1

pcp-pmda-netfilter: before 6.2.0-150600.3.6.1

pcp-pmda-named: before 6.2.0-150600.3.6.1

pcp-pmda-mic: before 6.2.0-150600.3.6.1

pcp-pmda-gluster: before 6.2.0-150600.3.6.1

pcp-pmda-unbound: before 6.2.0-150600.3.6.1

pcp-pmda-lmsensors: before 6.2.0-150600.3.6.1

pcp-pmda-nutcracker: before 6.2.0-150600.3.6.1

pcp-conf: before 6.2.0-150600.3.6.1

pcp-export-pcp2elasticsearch: before 6.2.0-150600.3.6.1

pcp-pmda-openmetrics: before 6.2.0-150600.3.6.1

pcp-pmda-nfsclient: before 6.2.0-150600.3.6.1

pcp-export-pcp2influxdb: before 6.2.0-150600.3.6.1

pcp-pmda-samba: before 6.2.0-150600.3.6.1

pcp-pmda-news: before 6.2.0-150600.3.6.1

pcp-pmda-mysql: before 6.2.0-150600.3.6.1

pcp-pmda-memcache: before 6.2.0-150600.3.6.1

pcp-pmda-postfix: before 6.2.0-150600.3.6.1

pcp-pmda-snmp: before 6.2.0-150600.3.6.1

pcp-pmda-redis: before 6.2.0-150600.3.6.1

perl-PCP-LogImport-debuginfo: before 6.2.0-150600.3.6.1

pcp-pmda-dm-debuginfo: before 6.2.0-150600.3.6.1

pcp-pmda-docker: before 6.2.0-150600.3.6.1

pcp-debuginfo: before 6.2.0-150600.3.6.1

pcp-gui: before 6.2.0-150600.3.6.1

pcp-pmda-zimbra: before 6.2.0-150600.3.6.1

pcp-import-collectl2pcp-debuginfo: before 6.2.0-150600.3.6.1

pcp-pmda-mounts: before 6.2.0-150600.3.6.1

pcp-system-tools-debuginfo: before 6.2.0-150600.3.6.1

pcp-pmda-weblog-debuginfo: before 6.2.0-150600.3.6.1

pcp-pmda-sendmail-debuginfo: before 6.2.0-150600.3.6.1

pcp-pmda-lustrecomm-debuginfo: before 6.2.0-150600.3.6.1

pcp-pmda-systemd: before 6.2.0-150600.3.6.1

libpcp_mmv1-debuginfo: before 6.2.0-150600.3.6.1

pcp-testsuite: before 6.2.0-150600.3.6.1

libpcp_trace2: before 6.2.0-150600.3.6.1

pcp-gui-debuginfo: before 6.2.0-150600.3.6.1

libpcp_import1: before 6.2.0-150600.3.6.1

pcp-pmda-cisco-debuginfo: before 6.2.0-150600.3.6.1

pcp-pmda-bash-debuginfo: before 6.2.0-150600.3.6.1

pcp-pmda-nvidia-gpu: before 6.2.0-150600.3.6.1

libpcp_mmv1: before 6.2.0-150600.3.6.1

pcp-pmda-zimbra-debuginfo: before 6.2.0-150600.3.6.1

perl-PCP-PMDA-debuginfo: before 6.2.0-150600.3.6.1

pcp-pmda-trace: before 6.2.0-150600.3.6.1

libpcp_trace2-debuginfo: before 6.2.0-150600.3.6.1

pcp-pmda-roomtemp-debuginfo: before 6.2.0-150600.3.6.1

libpcp-devel: before 6.2.0-150600.3.6.1

libpcp_import1-debuginfo: before 6.2.0-150600.3.6.1

pcp-pmda-gfs2-debuginfo: before 6.2.0-150600.3.6.1

pcp-import-collectl2pcp: before 6.2.0-150600.3.6.1

pcp-pmda-mailq-debuginfo: before 6.2.0-150600.3.6.1

pcp-pmda-hacluster: before 6.2.0-150600.3.6.1

pcp-pmda-cisco: before 6.2.0-150600.3.6.1

pcp-pmda-cifs: before 6.2.0-150600.3.6.1

python3-pcp-debuginfo: before 6.2.0-150600.3.6.1

pcp-pmda-cifs-debuginfo: before 6.2.0-150600.3.6.1

libpcp3: before 6.2.0-150600.3.6.1

perl-PCP-LogImport: before 6.2.0-150600.3.6.1

pcp-pmda-smart-debuginfo: before 6.2.0-150600.3.6.1

libpcp_gui2: before 6.2.0-150600.3.6.1

perl-PCP-LogSummary: before 6.2.0-150600.3.6.1

pcp-pmda-shping-debuginfo: before 6.2.0-150600.3.6.1

pcp-pmda-shping: before 6.2.0-150600.3.6.1

pcp-pmda-docker-debuginfo: before 6.2.0-150600.3.6.1

pcp-pmda-roomtemp: before 6.2.0-150600.3.6.1

pcp-pmda-smart: before 6.2.0-150600.3.6.1

pcp: before 6.2.0-150600.3.6.1

pcp-debugsource: before 6.2.0-150600.3.6.1

perl-PCP-MMV-debuginfo: before 6.2.0-150600.3.6.1

pcp-pmda-weblog: before 6.2.0-150600.3.6.1

pcp-pmda-sockets: before 6.2.0-150600.3.6.1

perl-PCP-PMDA: before 6.2.0-150600.3.6.1

pcp-pmda-logger-debuginfo: before 6.2.0-150600.3.6.1

pcp-pmda-summary-debuginfo: before 6.2.0-150600.3.6.1

pcp-devel: before 6.2.0-150600.3.6.1

pcp-pmda-trace-debuginfo: before 6.2.0-150600.3.6.1

pcp-testsuite-debuginfo: before 6.2.0-150600.3.6.1

pcp-pmda-logger: before 6.2.0-150600.3.6.1

pcp-pmda-apache-debuginfo: before 6.2.0-150600.3.6.1

libpcp_web1: before 6.2.0-150600.3.6.1

pcp-pmda-sendmail: before 6.2.0-150600.3.6.1

pcp-pmda-mailq: before 6.2.0-150600.3.6.1

pcp-pmda-bash: before 6.2.0-150600.3.6.1

pcp-pmda-summary: before 6.2.0-150600.3.6.1

perl-PCP-MMV: before 6.2.0-150600.3.6.1

pcp-pmda-sockets-debuginfo: before 6.2.0-150600.3.6.1

pcp-pmda-apache: before 6.2.0-150600.3.6.1

libpcp3-debuginfo: before 6.2.0-150600.3.6.1

pcp-pmda-systemd-debuginfo: before 6.2.0-150600.3.6.1

python3-pcp: before 6.2.0-150600.3.6.1

pcp-system-tools: before 6.2.0-150600.3.6.1

pcp-devel-debuginfo: before 6.2.0-150600.3.6.1

pcp-pmda-mounts-debuginfo: before 6.2.0-150600.3.6.1

pcp-pmda-gfs2: before 6.2.0-150600.3.6.1

pcp-pmda-lustrecomm: before 6.2.0-150600.3.6.1

pcp-pmda-hacluster-debuginfo: before 6.2.0-150600.3.6.1

pcp-pmda-nvidia-gpu-debuginfo: before 6.2.0-150600.3.6.1

libpcp_gui2-debuginfo: before 6.2.0-150600.3.6.1

libpcp_web1-debuginfo: before 6.2.0-150600.3.6.1

pcp-pmda-dm: before 6.2.0-150600.3.6.1

CPE2.3

External links

https://www.suse.com/support/update/announcement/2024/suse-su-20243533-1/

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) Exposure of Resource to Wrong Sphere

EUVDB-ID: #VU92228

Risk: Medium

CVSSv4.0: 6.3 [CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2024-3019

CWE-ID: CWE-668 - Exposure of resource to wrong sphere

Exploit availability: No

Description

The vulnerability allows a remote attacker to compromise the affected system.

The vulnerability exists due to missing access restrictions in the default pmproxy configuration, which exposes the Redis server backend to the local network. A remote attacker on the local network can execute arbitrary OS commands.

Mitigation

Update the affected package pcp to the latest version.

Vulnerable software versions

Development Tools Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

pcp-pmda-resctrl-debuginfo: before 6.2.0-150600.3.6.1

pcp-pmda-resctrl: before 6.2.0-150600.3.6.1

pcp-pmda-perfevent: before 6.2.0-150600.3.6.1

pcp-pmda-infiniband-debuginfo: before 6.2.0-150600.3.6.1

pcp-pmda-perfevent-debuginfo: before 6.2.0-150600.3.6.1

pcp-pmda-infiniband: before 6.2.0-150600.3.6.1

pcp-export-pcp2xml: before 6.2.0-150600.3.6.1

pcp-export-pcp2graphite: before 6.2.0-150600.3.6.1

pcp-pmda-nginx: before 6.2.0-150600.3.6.1

pcp-pmda-rabbitmq: before 6.2.0-150600.3.6.1

pcp-export-pcp2spark: before 6.2.0-150600.3.6.1

pcp-zeroconf: before 6.2.0-150600.3.6.1

pcp-pmda-pdns: before 6.2.0-150600.3.6.1

pcp-pmda-bonding: before 6.2.0-150600.3.6.1

pcp-import-ganglia2pcp: before 6.2.0-150600.3.6.1

pcp-pmda-activemq: before 6.2.0-150600.3.6.1

pcp-import-iostat2pcp: before 6.2.0-150600.3.6.1

pcp-pmda-lustre: before 6.2.0-150600.3.6.1

pcp-export-pcp2zabbix: before 6.2.0-150600.3.6.1

pcp-pmda-rsyslog: before 6.2.0-150600.3.6.1

pcp-pmda-oracle: before 6.2.0-150600.3.6.1

pcp-pmda-gpfs: before 6.2.0-150600.3.6.1

pcp-export-pcp2json: before 6.2.0-150600.3.6.1

pcp-pmda-ds389log: before 6.2.0-150600.3.6.1

pcp-pmda-gpsd: before 6.2.0-150600.3.6.1

pcp-pmda-haproxy: before 6.2.0-150600.3.6.1

pcp-doc: before 6.2.0-150600.3.6.1

pcp-import-sar2pcp: before 6.2.0-150600.3.6.1

pcp-pmda-elasticsearch: before 6.2.0-150600.3.6.1

pcp-pmda-json: before 6.2.0-150600.3.6.1

pcp-pmda-openvswitch: before 6.2.0-150600.3.6.1

pcp-pmda-netcheck: before 6.2.0-150600.3.6.1

pcp-pmda-dbping: before 6.2.0-150600.3.6.1

pcp-import-mrtg2pcp: before 6.2.0-150600.3.6.1

pcp-pmda-slurm: before 6.2.0-150600.3.6.1

pcp-pmda-ds389: before 6.2.0-150600.3.6.1

pcp-pmda-zswap: before 6.2.0-150600.3.6.1

pcp-pmda-netfilter: before 6.2.0-150600.3.6.1

pcp-pmda-named: before 6.2.0-150600.3.6.1

pcp-pmda-mic: before 6.2.0-150600.3.6.1

pcp-pmda-gluster: before 6.2.0-150600.3.6.1

pcp-pmda-unbound: before 6.2.0-150600.3.6.1

pcp-pmda-lmsensors: before 6.2.0-150600.3.6.1

pcp-pmda-nutcracker: before 6.2.0-150600.3.6.1

pcp-conf: before 6.2.0-150600.3.6.1

pcp-export-pcp2elasticsearch: before 6.2.0-150600.3.6.1

pcp-pmda-openmetrics: before 6.2.0-150600.3.6.1

pcp-pmda-nfsclient: before 6.2.0-150600.3.6.1

pcp-export-pcp2influxdb: before 6.2.0-150600.3.6.1

pcp-pmda-samba: before 6.2.0-150600.3.6.1

pcp-pmda-news: before 6.2.0-150600.3.6.1

pcp-pmda-mysql: before 6.2.0-150600.3.6.1

pcp-pmda-memcache: before 6.2.0-150600.3.6.1

pcp-pmda-postfix: before 6.2.0-150600.3.6.1

pcp-pmda-snmp: before 6.2.0-150600.3.6.1

pcp-pmda-redis: before 6.2.0-150600.3.6.1

perl-PCP-LogImport-debuginfo: before 6.2.0-150600.3.6.1

pcp-pmda-dm-debuginfo: before 6.2.0-150600.3.6.1

pcp-pmda-docker: before 6.2.0-150600.3.6.1

pcp-debuginfo: before 6.2.0-150600.3.6.1

pcp-gui: before 6.2.0-150600.3.6.1

pcp-pmda-zimbra: before 6.2.0-150600.3.6.1

pcp-import-collectl2pcp-debuginfo: before 6.2.0-150600.3.6.1

pcp-pmda-mounts: before 6.2.0-150600.3.6.1

pcp-system-tools-debuginfo: before 6.2.0-150600.3.6.1

pcp-pmda-weblog-debuginfo: before 6.2.0-150600.3.6.1

pcp-pmda-sendmail-debuginfo: before 6.2.0-150600.3.6.1

pcp-pmda-lustrecomm-debuginfo: before 6.2.0-150600.3.6.1

pcp-pmda-systemd: before 6.2.0-150600.3.6.1

libpcp_mmv1-debuginfo: before 6.2.0-150600.3.6.1

pcp-testsuite: before 6.2.0-150600.3.6.1

libpcp_trace2: before 6.2.0-150600.3.6.1

pcp-gui-debuginfo: before 6.2.0-150600.3.6.1

libpcp_import1: before 6.2.0-150600.3.6.1

pcp-pmda-cisco-debuginfo: before 6.2.0-150600.3.6.1

pcp-pmda-bash-debuginfo: before 6.2.0-150600.3.6.1

pcp-pmda-nvidia-gpu: before 6.2.0-150600.3.6.1

libpcp_mmv1: before 6.2.0-150600.3.6.1

pcp-pmda-zimbra-debuginfo: before 6.2.0-150600.3.6.1

perl-PCP-PMDA-debuginfo: before 6.2.0-150600.3.6.1

pcp-pmda-trace: before 6.2.0-150600.3.6.1

libpcp_trace2-debuginfo: before 6.2.0-150600.3.6.1

pcp-pmda-roomtemp-debuginfo: before 6.2.0-150600.3.6.1

libpcp-devel: before 6.2.0-150600.3.6.1

libpcp_import1-debuginfo: before 6.2.0-150600.3.6.1

pcp-pmda-gfs2-debuginfo: before 6.2.0-150600.3.6.1

pcp-import-collectl2pcp: before 6.2.0-150600.3.6.1

pcp-pmda-mailq-debuginfo: before 6.2.0-150600.3.6.1

pcp-pmda-hacluster: before 6.2.0-150600.3.6.1

pcp-pmda-cisco: before 6.2.0-150600.3.6.1

pcp-pmda-cifs: before 6.2.0-150600.3.6.1

python3-pcp-debuginfo: before 6.2.0-150600.3.6.1

pcp-pmda-cifs-debuginfo: before 6.2.0-150600.3.6.1

libpcp3: before 6.2.0-150600.3.6.1

perl-PCP-LogImport: before 6.2.0-150600.3.6.1

pcp-pmda-smart-debuginfo: before 6.2.0-150600.3.6.1

libpcp_gui2: before 6.2.0-150600.3.6.1

perl-PCP-LogSummary: before 6.2.0-150600.3.6.1

pcp-pmda-shping-debuginfo: before 6.2.0-150600.3.6.1

pcp-pmda-shping: before 6.2.0-150600.3.6.1

pcp-pmda-docker-debuginfo: before 6.2.0-150600.3.6.1

pcp-pmda-roomtemp: before 6.2.0-150600.3.6.1

pcp-pmda-smart: before 6.2.0-150600.3.6.1

pcp: before 6.2.0-150600.3.6.1

pcp-debugsource: before 6.2.0-150600.3.6.1

perl-PCP-MMV-debuginfo: before 6.2.0-150600.3.6.1

pcp-pmda-weblog: before 6.2.0-150600.3.6.1

pcp-pmda-sockets: before 6.2.0-150600.3.6.1

perl-PCP-PMDA: before 6.2.0-150600.3.6.1

pcp-pmda-logger-debuginfo: before 6.2.0-150600.3.6.1

pcp-pmda-summary-debuginfo: before 6.2.0-150600.3.6.1

pcp-devel: before 6.2.0-150600.3.6.1

pcp-pmda-trace-debuginfo: before 6.2.0-150600.3.6.1

pcp-testsuite-debuginfo: before 6.2.0-150600.3.6.1

pcp-pmda-logger: before 6.2.0-150600.3.6.1

pcp-pmda-apache-debuginfo: before 6.2.0-150600.3.6.1

libpcp_web1: before 6.2.0-150600.3.6.1

pcp-pmda-sendmail: before 6.2.0-150600.3.6.1

pcp-pmda-mailq: before 6.2.0-150600.3.6.1

pcp-pmda-bash: before 6.2.0-150600.3.6.1

pcp-pmda-summary: before 6.2.0-150600.3.6.1

perl-PCP-MMV: before 6.2.0-150600.3.6.1

pcp-pmda-sockets-debuginfo: before 6.2.0-150600.3.6.1

pcp-pmda-apache: before 6.2.0-150600.3.6.1

libpcp3-debuginfo: before 6.2.0-150600.3.6.1

pcp-pmda-systemd-debuginfo: before 6.2.0-150600.3.6.1

python3-pcp: before 6.2.0-150600.3.6.1

pcp-system-tools: before 6.2.0-150600.3.6.1

pcp-devel-debuginfo: before 6.2.0-150600.3.6.1

pcp-pmda-mounts-debuginfo: before 6.2.0-150600.3.6.1

pcp-pmda-gfs2: before 6.2.0-150600.3.6.1

pcp-pmda-lustrecomm: before 6.2.0-150600.3.6.1

pcp-pmda-hacluster-debuginfo: before 6.2.0-150600.3.6.1

pcp-pmda-nvidia-gpu-debuginfo: before 6.2.0-150600.3.6.1

libpcp_gui2-debuginfo: before 6.2.0-150600.3.6.1

libpcp_web1-debuginfo: before 6.2.0-150600.3.6.1

pcp-pmda-dm: before 6.2.0-150600.3.6.1

CPE2.3

External links

https://www.suse.com/support/update/announcement/2024/suse-su-20243533-1/

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

3) Input validation error

EUVDB-ID: #VU97613

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-45769

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to insufficient validation of user-supplied input. A local user can pass specially crafted input to the application and perform a denial of service (DoS) attack.

Mitigation

Update the affected package pcp to the latest version.

Vulnerable software versions

Development Tools Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

pcp-pmda-resctrl-debuginfo: before 6.2.0-150600.3.6.1

pcp-pmda-resctrl: before 6.2.0-150600.3.6.1

pcp-pmda-perfevent: before 6.2.0-150600.3.6.1

pcp-pmda-infiniband-debuginfo: before 6.2.0-150600.3.6.1

pcp-pmda-perfevent-debuginfo: before 6.2.0-150600.3.6.1

pcp-pmda-infiniband: before 6.2.0-150600.3.6.1

pcp-export-pcp2xml: before 6.2.0-150600.3.6.1

pcp-export-pcp2graphite: before 6.2.0-150600.3.6.1

pcp-pmda-nginx: before 6.2.0-150600.3.6.1

pcp-pmda-rabbitmq: before 6.2.0-150600.3.6.1

pcp-export-pcp2spark: before 6.2.0-150600.3.6.1

pcp-zeroconf: before 6.2.0-150600.3.6.1

pcp-pmda-pdns: before 6.2.0-150600.3.6.1

pcp-pmda-bonding: before 6.2.0-150600.3.6.1

pcp-import-ganglia2pcp: before 6.2.0-150600.3.6.1

pcp-pmda-activemq: before 6.2.0-150600.3.6.1

pcp-import-iostat2pcp: before 6.2.0-150600.3.6.1

pcp-pmda-lustre: before 6.2.0-150600.3.6.1

pcp-export-pcp2zabbix: before 6.2.0-150600.3.6.1

pcp-pmda-rsyslog: before 6.2.0-150600.3.6.1

pcp-pmda-oracle: before 6.2.0-150600.3.6.1

pcp-pmda-gpfs: before 6.2.0-150600.3.6.1

pcp-export-pcp2json: before 6.2.0-150600.3.6.1

pcp-pmda-ds389log: before 6.2.0-150600.3.6.1

pcp-pmda-gpsd: before 6.2.0-150600.3.6.1

pcp-pmda-haproxy: before 6.2.0-150600.3.6.1

pcp-doc: before 6.2.0-150600.3.6.1

pcp-import-sar2pcp: before 6.2.0-150600.3.6.1

pcp-pmda-elasticsearch: before 6.2.0-150600.3.6.1

pcp-pmda-json: before 6.2.0-150600.3.6.1

pcp-pmda-openvswitch: before 6.2.0-150600.3.6.1

pcp-pmda-netcheck: before 6.2.0-150600.3.6.1

pcp-pmda-dbping: before 6.2.0-150600.3.6.1

pcp-import-mrtg2pcp: before 6.2.0-150600.3.6.1

pcp-pmda-slurm: before 6.2.0-150600.3.6.1

pcp-pmda-ds389: before 6.2.0-150600.3.6.1

pcp-pmda-zswap: before 6.2.0-150600.3.6.1

pcp-pmda-netfilter: before 6.2.0-150600.3.6.1

pcp-pmda-named: before 6.2.0-150600.3.6.1

pcp-pmda-mic: before 6.2.0-150600.3.6.1

pcp-pmda-gluster: before 6.2.0-150600.3.6.1

pcp-pmda-unbound: before 6.2.0-150600.3.6.1

pcp-pmda-lmsensors: before 6.2.0-150600.3.6.1

pcp-pmda-nutcracker: before 6.2.0-150600.3.6.1

pcp-conf: before 6.2.0-150600.3.6.1

pcp-export-pcp2elasticsearch: before 6.2.0-150600.3.6.1

pcp-pmda-openmetrics: before 6.2.0-150600.3.6.1

pcp-pmda-nfsclient: before 6.2.0-150600.3.6.1

pcp-export-pcp2influxdb: before 6.2.0-150600.3.6.1

pcp-pmda-samba: before 6.2.0-150600.3.6.1

pcp-pmda-news: before 6.2.0-150600.3.6.1

pcp-pmda-mysql: before 6.2.0-150600.3.6.1

pcp-pmda-memcache: before 6.2.0-150600.3.6.1

pcp-pmda-postfix: before 6.2.0-150600.3.6.1

pcp-pmda-snmp: before 6.2.0-150600.3.6.1

pcp-pmda-redis: before 6.2.0-150600.3.6.1

perl-PCP-LogImport-debuginfo: before 6.2.0-150600.3.6.1

pcp-pmda-dm-debuginfo: before 6.2.0-150600.3.6.1

pcp-pmda-docker: before 6.2.0-150600.3.6.1

pcp-debuginfo: before 6.2.0-150600.3.6.1

pcp-gui: before 6.2.0-150600.3.6.1

pcp-pmda-zimbra: before 6.2.0-150600.3.6.1

pcp-import-collectl2pcp-debuginfo: before 6.2.0-150600.3.6.1

pcp-pmda-mounts: before 6.2.0-150600.3.6.1

pcp-system-tools-debuginfo: before 6.2.0-150600.3.6.1

pcp-pmda-weblog-debuginfo: before 6.2.0-150600.3.6.1

pcp-pmda-sendmail-debuginfo: before 6.2.0-150600.3.6.1

pcp-pmda-lustrecomm-debuginfo: before 6.2.0-150600.3.6.1

pcp-pmda-systemd: before 6.2.0-150600.3.6.1

libpcp_mmv1-debuginfo: before 6.2.0-150600.3.6.1

pcp-testsuite: before 6.2.0-150600.3.6.1

libpcp_trace2: before 6.2.0-150600.3.6.1

pcp-gui-debuginfo: before 6.2.0-150600.3.6.1

libpcp_import1: before 6.2.0-150600.3.6.1

pcp-pmda-cisco-debuginfo: before 6.2.0-150600.3.6.1

pcp-pmda-bash-debuginfo: before 6.2.0-150600.3.6.1

pcp-pmda-nvidia-gpu: before 6.2.0-150600.3.6.1

libpcp_mmv1: before 6.2.0-150600.3.6.1

pcp-pmda-zimbra-debuginfo: before 6.2.0-150600.3.6.1

perl-PCP-PMDA-debuginfo: before 6.2.0-150600.3.6.1

pcp-pmda-trace: before 6.2.0-150600.3.6.1

libpcp_trace2-debuginfo: before 6.2.0-150600.3.6.1

pcp-pmda-roomtemp-debuginfo: before 6.2.0-150600.3.6.1

libpcp-devel: before 6.2.0-150600.3.6.1

libpcp_import1-debuginfo: before 6.2.0-150600.3.6.1

pcp-pmda-gfs2-debuginfo: before 6.2.0-150600.3.6.1

pcp-import-collectl2pcp: before 6.2.0-150600.3.6.1

pcp-pmda-mailq-debuginfo: before 6.2.0-150600.3.6.1

pcp-pmda-hacluster: before 6.2.0-150600.3.6.1

pcp-pmda-cisco: before 6.2.0-150600.3.6.1

pcp-pmda-cifs: before 6.2.0-150600.3.6.1

python3-pcp-debuginfo: before 6.2.0-150600.3.6.1

pcp-pmda-cifs-debuginfo: before 6.2.0-150600.3.6.1

libpcp3: before 6.2.0-150600.3.6.1

perl-PCP-LogImport: before 6.2.0-150600.3.6.1

pcp-pmda-smart-debuginfo: before 6.2.0-150600.3.6.1

libpcp_gui2: before 6.2.0-150600.3.6.1

perl-PCP-LogSummary: before 6.2.0-150600.3.6.1

pcp-pmda-shping-debuginfo: before 6.2.0-150600.3.6.1

pcp-pmda-shping: before 6.2.0-150600.3.6.1

pcp-pmda-docker-debuginfo: before 6.2.0-150600.3.6.1

pcp-pmda-roomtemp: before 6.2.0-150600.3.6.1

pcp-pmda-smart: before 6.2.0-150600.3.6.1

pcp: before 6.2.0-150600.3.6.1

pcp-debugsource: before 6.2.0-150600.3.6.1

perl-PCP-MMV-debuginfo: before 6.2.0-150600.3.6.1

pcp-pmda-weblog: before 6.2.0-150600.3.6.1

pcp-pmda-sockets: before 6.2.0-150600.3.6.1

perl-PCP-PMDA: before 6.2.0-150600.3.6.1

pcp-pmda-logger-debuginfo: before 6.2.0-150600.3.6.1

pcp-pmda-summary-debuginfo: before 6.2.0-150600.3.6.1

pcp-devel: before 6.2.0-150600.3.6.1

pcp-pmda-trace-debuginfo: before 6.2.0-150600.3.6.1

pcp-testsuite-debuginfo: before 6.2.0-150600.3.6.1

pcp-pmda-logger: before 6.2.0-150600.3.6.1

pcp-pmda-apache-debuginfo: before 6.2.0-150600.3.6.1

libpcp_web1: before 6.2.0-150600.3.6.1

pcp-pmda-sendmail: before 6.2.0-150600.3.6.1

pcp-pmda-mailq: before 6.2.0-150600.3.6.1

pcp-pmda-bash: before 6.2.0-150600.3.6.1

pcp-pmda-summary: before 6.2.0-150600.3.6.1

perl-PCP-MMV: before 6.2.0-150600.3.6.1

pcp-pmda-sockets-debuginfo: before 6.2.0-150600.3.6.1

pcp-pmda-apache: before 6.2.0-150600.3.6.1

libpcp3-debuginfo: before 6.2.0-150600.3.6.1

pcp-pmda-systemd-debuginfo: before 6.2.0-150600.3.6.1

python3-pcp: before 6.2.0-150600.3.6.1

pcp-system-tools: before 6.2.0-150600.3.6.1

pcp-devel-debuginfo: before 6.2.0-150600.3.6.1

pcp-pmda-mounts-debuginfo: before 6.2.0-150600.3.6.1

pcp-pmda-gfs2: before 6.2.0-150600.3.6.1

pcp-pmda-lustrecomm: before 6.2.0-150600.3.6.1

pcp-pmda-hacluster-debuginfo: before 6.2.0-150600.3.6.1

pcp-pmda-nvidia-gpu-debuginfo: before 6.2.0-150600.3.6.1

libpcp_gui2-debuginfo: before 6.2.0-150600.3.6.1

libpcp_web1-debuginfo: before 6.2.0-150600.3.6.1

pcp-pmda-dm: before 6.2.0-150600.3.6.1

CPE2.3

External links

https://www.suse.com/support/update/announcement/2024/suse-su-20243533-1/

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

4) UNIX symbolic link following

EUVDB-ID: #VU97612

Risk: Low

CVSSv4.0: 1.1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-45770

CWE-ID: CWE-61 - UNIX Symbolic Link (Symlink) Following

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a symlink following issue within the pmpost tool, which runs under certain circumstances with elevated privileges. A local user can create a specially crafted symbolic link to a critical file on the system and overwrite it with privileges of the application.

Successful exploitation of this vulnerability may result in privilege escalation.

Mitigation

Update the affected package pcp to the latest version.

Vulnerable software versions

Development Tools Module: 15-SP6

SUSE Linux Enterprise Real Time 15: SP6

openSUSE Leap: 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP6

SUSE Linux Enterprise Server 15: SP6

SUSE Linux Enterprise Desktop 15: SP6

pcp-pmda-resctrl-debuginfo: before 6.2.0-150600.3.6.1

pcp-pmda-resctrl: before 6.2.0-150600.3.6.1

pcp-pmda-perfevent: before 6.2.0-150600.3.6.1

pcp-pmda-infiniband-debuginfo: before 6.2.0-150600.3.6.1

pcp-pmda-perfevent-debuginfo: before 6.2.0-150600.3.6.1

pcp-pmda-infiniband: before 6.2.0-150600.3.6.1

pcp-export-pcp2xml: before 6.2.0-150600.3.6.1

pcp-export-pcp2graphite: before 6.2.0-150600.3.6.1

pcp-pmda-nginx: before 6.2.0-150600.3.6.1

pcp-pmda-rabbitmq: before 6.2.0-150600.3.6.1

pcp-export-pcp2spark: before 6.2.0-150600.3.6.1

pcp-zeroconf: before 6.2.0-150600.3.6.1

pcp-pmda-pdns: before 6.2.0-150600.3.6.1

pcp-pmda-bonding: before 6.2.0-150600.3.6.1

pcp-import-ganglia2pcp: before 6.2.0-150600.3.6.1

pcp-pmda-activemq: before 6.2.0-150600.3.6.1

pcp-import-iostat2pcp: before 6.2.0-150600.3.6.1

pcp-pmda-lustre: before 6.2.0-150600.3.6.1

pcp-export-pcp2zabbix: before 6.2.0-150600.3.6.1

pcp-pmda-rsyslog: before 6.2.0-150600.3.6.1

pcp-pmda-oracle: before 6.2.0-150600.3.6.1

pcp-pmda-gpfs: before 6.2.0-150600.3.6.1

pcp-export-pcp2json: before 6.2.0-150600.3.6.1

pcp-pmda-ds389log: before 6.2.0-150600.3.6.1

pcp-pmda-gpsd: before 6.2.0-150600.3.6.1

pcp-pmda-haproxy: before 6.2.0-150600.3.6.1

pcp-doc: before 6.2.0-150600.3.6.1

pcp-import-sar2pcp: before 6.2.0-150600.3.6.1

pcp-pmda-elasticsearch: before 6.2.0-150600.3.6.1

pcp-pmda-json: before 6.2.0-150600.3.6.1

pcp-pmda-openvswitch: before 6.2.0-150600.3.6.1

pcp-pmda-netcheck: before 6.2.0-150600.3.6.1

pcp-pmda-dbping: before 6.2.0-150600.3.6.1

pcp-import-mrtg2pcp: before 6.2.0-150600.3.6.1

pcp-pmda-slurm: before 6.2.0-150600.3.6.1

pcp-pmda-ds389: before 6.2.0-150600.3.6.1

pcp-pmda-zswap: before 6.2.0-150600.3.6.1

pcp-pmda-netfilter: before 6.2.0-150600.3.6.1

pcp-pmda-named: before 6.2.0-150600.3.6.1

pcp-pmda-mic: before 6.2.0-150600.3.6.1

pcp-pmda-gluster: before 6.2.0-150600.3.6.1

pcp-pmda-unbound: before 6.2.0-150600.3.6.1

pcp-pmda-lmsensors: before 6.2.0-150600.3.6.1

pcp-pmda-nutcracker: before 6.2.0-150600.3.6.1

pcp-conf: before 6.2.0-150600.3.6.1

pcp-export-pcp2elasticsearch: before 6.2.0-150600.3.6.1

pcp-pmda-openmetrics: before 6.2.0-150600.3.6.1

pcp-pmda-nfsclient: before 6.2.0-150600.3.6.1

pcp-export-pcp2influxdb: before 6.2.0-150600.3.6.1

pcp-pmda-samba: before 6.2.0-150600.3.6.1

pcp-pmda-news: before 6.2.0-150600.3.6.1

pcp-pmda-mysql: before 6.2.0-150600.3.6.1

pcp-pmda-memcache: before 6.2.0-150600.3.6.1

pcp-pmda-postfix: before 6.2.0-150600.3.6.1

pcp-pmda-snmp: before 6.2.0-150600.3.6.1

pcp-pmda-redis: before 6.2.0-150600.3.6.1

perl-PCP-LogImport-debuginfo: before 6.2.0-150600.3.6.1

pcp-pmda-dm-debuginfo: before 6.2.0-150600.3.6.1

pcp-pmda-docker: before 6.2.0-150600.3.6.1

pcp-debuginfo: before 6.2.0-150600.3.6.1

pcp-gui: before 6.2.0-150600.3.6.1

pcp-pmda-zimbra: before 6.2.0-150600.3.6.1

pcp-import-collectl2pcp-debuginfo: before 6.2.0-150600.3.6.1

pcp-pmda-mounts: before 6.2.0-150600.3.6.1

pcp-system-tools-debuginfo: before 6.2.0-150600.3.6.1

pcp-pmda-weblog-debuginfo: before 6.2.0-150600.3.6.1

pcp-pmda-sendmail-debuginfo: before 6.2.0-150600.3.6.1

pcp-pmda-lustrecomm-debuginfo: before 6.2.0-150600.3.6.1

pcp-pmda-systemd: before 6.2.0-150600.3.6.1

libpcp_mmv1-debuginfo: before 6.2.0-150600.3.6.1

pcp-testsuite: before 6.2.0-150600.3.6.1

libpcp_trace2: before 6.2.0-150600.3.6.1

pcp-gui-debuginfo: before 6.2.0-150600.3.6.1

libpcp_import1: before 6.2.0-150600.3.6.1

pcp-pmda-cisco-debuginfo: before 6.2.0-150600.3.6.1

pcp-pmda-bash-debuginfo: before 6.2.0-150600.3.6.1

pcp-pmda-nvidia-gpu: before 6.2.0-150600.3.6.1

libpcp_mmv1: before 6.2.0-150600.3.6.1

pcp-pmda-zimbra-debuginfo: before 6.2.0-150600.3.6.1

perl-PCP-PMDA-debuginfo: before 6.2.0-150600.3.6.1

pcp-pmda-trace: before 6.2.0-150600.3.6.1

libpcp_trace2-debuginfo: before 6.2.0-150600.3.6.1

pcp-pmda-roomtemp-debuginfo: before 6.2.0-150600.3.6.1

libpcp-devel: before 6.2.0-150600.3.6.1

libpcp_import1-debuginfo: before 6.2.0-150600.3.6.1

pcp-pmda-gfs2-debuginfo: before 6.2.0-150600.3.6.1

pcp-import-collectl2pcp: before 6.2.0-150600.3.6.1

pcp-pmda-mailq-debuginfo: before 6.2.0-150600.3.6.1

pcp-pmda-hacluster: before 6.2.0-150600.3.6.1

pcp-pmda-cisco: before 6.2.0-150600.3.6.1

pcp-pmda-cifs: before 6.2.0-150600.3.6.1

python3-pcp-debuginfo: before 6.2.0-150600.3.6.1

pcp-pmda-cifs-debuginfo: before 6.2.0-150600.3.6.1

libpcp3: before 6.2.0-150600.3.6.1

perl-PCP-LogImport: before 6.2.0-150600.3.6.1

pcp-pmda-smart-debuginfo: before 6.2.0-150600.3.6.1

libpcp_gui2: before 6.2.0-150600.3.6.1

perl-PCP-LogSummary: before 6.2.0-150600.3.6.1

pcp-pmda-shping-debuginfo: before 6.2.0-150600.3.6.1

pcp-pmda-shping: before 6.2.0-150600.3.6.1

pcp-pmda-docker-debuginfo: before 6.2.0-150600.3.6.1

pcp-pmda-roomtemp: before 6.2.0-150600.3.6.1

pcp-pmda-smart: before 6.2.0-150600.3.6.1

pcp: before 6.2.0-150600.3.6.1

pcp-debugsource: before 6.2.0-150600.3.6.1

perl-PCP-MMV-debuginfo: before 6.2.0-150600.3.6.1

pcp-pmda-weblog: before 6.2.0-150600.3.6.1

pcp-pmda-sockets: before 6.2.0-150600.3.6.1

perl-PCP-PMDA: before 6.2.0-150600.3.6.1

pcp-pmda-logger-debuginfo: before 6.2.0-150600.3.6.1

pcp-pmda-summary-debuginfo: before 6.2.0-150600.3.6.1

pcp-devel: before 6.2.0-150600.3.6.1

pcp-pmda-trace-debuginfo: before 6.2.0-150600.3.6.1

pcp-testsuite-debuginfo: before 6.2.0-150600.3.6.1

pcp-pmda-logger: before 6.2.0-150600.3.6.1

pcp-pmda-apache-debuginfo: before 6.2.0-150600.3.6.1

libpcp_web1: before 6.2.0-150600.3.6.1

pcp-pmda-sendmail: before 6.2.0-150600.3.6.1

pcp-pmda-mailq: before 6.2.0-150600.3.6.1

pcp-pmda-bash: before 6.2.0-150600.3.6.1

pcp-pmda-summary: before 6.2.0-150600.3.6.1

perl-PCP-MMV: before 6.2.0-150600.3.6.1

pcp-pmda-sockets-debuginfo: before 6.2.0-150600.3.6.1

pcp-pmda-apache: before 6.2.0-150600.3.6.1

libpcp3-debuginfo: before 6.2.0-150600.3.6.1

pcp-pmda-systemd-debuginfo: before 6.2.0-150600.3.6.1

python3-pcp: before 6.2.0-150600.3.6.1

pcp-system-tools: before 6.2.0-150600.3.6.1

pcp-devel-debuginfo: before 6.2.0-150600.3.6.1

pcp-pmda-mounts-debuginfo: before 6.2.0-150600.3.6.1

pcp-pmda-gfs2: before 6.2.0-150600.3.6.1

pcp-pmda-lustrecomm: before 6.2.0-150600.3.6.1

pcp-pmda-hacluster-debuginfo: before 6.2.0-150600.3.6.1

pcp-pmda-nvidia-gpu-debuginfo: before 6.2.0-150600.3.6.1

libpcp_gui2-debuginfo: before 6.2.0-150600.3.6.1

libpcp_web1-debuginfo: before 6.2.0-150600.3.6.1

pcp-pmda-dm: before 6.2.0-150600.3.6.1

CPE2.3

External links

https://www.suse.com/support/update/announcement/2024/suse-su-20243533-1/

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.