{"schema_version":"1.7.2","id":"OESA-2025-1293","modified":"2025-03-21T13:17:24Z","published":"2025-03-21T13:17:24Z","upstream":["CVE-2024-45769","CVE-2024-45770"],"summary":"pcp security update","details":"PCP provides a range of services that may be used to monitor and manage system performance. These services are distributed and scalable to accommodate the most complex system configurations and performance problems.\r\n\r\nSecurity Fix(es):\n\nA vulnerability was found in Performance Co-Pilot (PCP).  This flaw allows an attacker to send specially crafted data to the system, which could cause the program to misbehave or crash.(CVE-2024-45769)\n\nA vulnerability was found in Performance Co-Pilot (PCP). This flaw can only be exploited if an attacker has access to a compromised PCP system account. The issue is related to the pmpost tool, which is used to log messages in the system. Under certain conditions, it runs with high-level privileges.(CVE-2024-45770)","affected":[{"package":{"ecosystem":"openEuler:22.03-LTS-SP3","name":"pcp","purl":"pkg:rpm/openEuler/pcp\u0026distro=openEuler-22.03-LTS-SP3"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"5.3.7-7.oe2203sp3"}]}],"ecosystem_specific":{"aarch64":["pcp-5.3.7-7.oe2203sp3.aarch64.rpm","pcp-conf-5.3.7-7.oe2203sp3.aarch64.rpm","pcp-debuginfo-5.3.7-7.oe2203sp3.aarch64.rpm","pcp-debugsource-5.3.7-7.oe2203sp3.aarch64.rpm","pcp-devel-5.3.7-7.oe2203sp3.aarch64.rpm","pcp-export-pcp2elasticsearch-5.3.7-7.oe2203sp3.aarch64.rpm","pcp-export-pcp2graphite-5.3.7-7.oe2203sp3.aarch64.rpm","pcp-export-pcp2influxdb-5.3.7-7.oe2203sp3.aarch64.rpm","pcp-export-pcp2json-5.3.7-7.oe2203sp3.aarch64.rpm","pcp-export-pcp2spark-5.3.7-7.oe2203sp3.aarch64.rpm","pcp-export-pcp2xml-5.3.7-7.oe2203sp3.aarch64.rpm","pcp-export-pcp2zabbix-5.3.7-7.oe2203sp3.aarch64.rpm","pcp-export-zabbix-agent-5.3.7-7.oe2203sp3.aarch64.rpm","pcp-gui-5.3.7-7.oe2203sp3.aarch64.rpm","pcp-import-collectl2pcp-5.3.7-7.oe2203sp3.aarch64.rpm","pcp-import-ganglia2pcp-5.3.7-7.oe2203sp3.aarch64.rpm","pcp-import-iostat2pcp-5.3.7-7.oe2203sp3.aarch64.rpm","pcp-import-mrtg2pcp-5.3.7-7.oe2203sp3.aarch64.rpm","pcp-import-sar2pcp-5.3.7-7.oe2203sp3.aarch64.rpm","pcp-pmda-activemq-5.3.7-7.oe2203sp3.aarch64.rpm","pcp-pmda-apache-5.3.7-7.oe2203sp3.aarch64.rpm","pcp-pmda-bash-5.3.7-7.oe2203sp3.aarch64.rpm","pcp-pmda-bind2-5.3.7-7.oe2203sp3.aarch64.rpm","pcp-pmda-bonding-5.3.7-7.oe2203sp3.aarch64.rpm","pcp-pmda-bpf-5.3.7-7.oe2203sp3.aarch64.rpm","pcp-pmda-bpftrace-5.3.7-7.oe2203sp3.aarch64.rpm","pcp-pmda-cifs-5.3.7-7.oe2203sp3.aarch64.rpm","pcp-pmda-cisco-5.3.7-7.oe2203sp3.aarch64.rpm","pcp-pmda-dbping-5.3.7-7.oe2203sp3.aarch64.rpm","pcp-pmda-denki-5.3.7-7.oe2203sp3.aarch64.rpm","pcp-pmda-dm-5.3.7-7.oe2203sp3.aarch64.rpm","pcp-pmda-docker-5.3.7-7.oe2203sp3.aarch64.rpm","pcp-pmda-ds389-5.3.7-7.oe2203sp3.aarch64.rpm","pcp-pmda-ds389log-5.3.7-7.oe2203sp3.aarch64.rpm","pcp-pmda-elasticsearch-5.3.7-7.oe2203sp3.aarch64.rpm","pcp-pmda-gfs2-5.3.7-7.oe2203sp3.aarch64.rpm","pcp-pmda-gluster-5.3.7-7.oe2203sp3.aarch64.rpm","pcp-pmda-gpfs-5.3.7-7.oe2203sp3.aarch64.rpm","pcp-pmda-gpsd-5.3.7-7.oe2203sp3.aarch64.rpm","pcp-pmda-hacluster-5.3.7-7.oe2203sp3.aarch64.rpm","pcp-pmda-haproxy-5.3.7-7.oe2203sp3.aarch64.rpm","pcp-pmda-infiniband-5.3.7-7.oe2203sp3.aarch64.rpm","pcp-pmda-json-5.3.7-7.oe2203sp3.aarch64.rpm","pcp-pmda-libvirt-5.3.7-7.oe2203sp3.aarch64.rpm","pcp-pmda-lio-5.3.7-7.oe2203sp3.aarch64.rpm","pcp-pmda-lmsensors-5.3.7-7.oe2203sp3.aarch64.rpm","pcp-pmda-logger-5.3.7-7.oe2203sp3.aarch64.rpm","pcp-pmda-lustre-5.3.7-7.oe2203sp3.aarch64.rpm","pcp-pmda-lustrecomm-5.3.7-7.oe2203sp3.aarch64.rpm","pcp-pmda-mailq-5.3.7-7.oe2203sp3.aarch64.rpm","pcp-pmda-memcache-5.3.7-7.oe2203sp3.aarch64.rpm","pcp-pmda-mic-5.3.7-7.oe2203sp3.aarch64.rpm","pcp-pmda-mongodb-5.3.7-7.oe2203sp3.aarch64.rpm","pcp-pmda-mounts-5.3.7-7.oe2203sp3.aarch64.rpm","pcp-pmda-mysql-5.3.7-7.oe2203sp3.aarch64.rpm","pcp-pmda-named-5.3.7-7.oe2203sp3.aarch64.rpm","pcp-pmda-netcheck-5.3.7-7.oe2203sp3.aarch64.rpm","pcp-pmda-netfilter-5.3.7-7.oe2203sp3.aarch64.rpm","pcp-pmda-news-5.3.7-7.oe2203sp3.aarch64.rpm","pcp-pmda-nfsclient-5.3.7-7.oe2203sp3.aarch64.rpm","pcp-pmda-nginx-5.3.7-7.oe2203sp3.aarch64.rpm","pcp-pmda-nutcracker-5.3.7-7.oe2203sp3.aarch64.rpm","pcp-pmda-nvidia-gpu-5.3.7-7.oe2203sp3.aarch64.rpm","pcp-pmda-openmetrics-5.3.7-7.oe2203sp3.aarch64.rpm","pcp-pmda-openvswitch-5.3.7-7.oe2203sp3.aarch64.rpm","pcp-pmda-oracle-5.3.7-7.oe2203sp3.aarch64.rpm","pcp-pmda-pdns-5.3.7-7.oe2203sp3.aarch64.rpm","pcp-pmda-perfevent-5.3.7-7.oe2203sp3.aarch64.rpm","pcp-pmda-podman-5.3.7-7.oe2203sp3.aarch64.rpm","pcp-pmda-postfix-5.3.7-7.oe2203sp3.aarch64.rpm","pcp-pmda-postgresql-5.3.7-7.oe2203sp3.aarch64.rpm","pcp-pmda-rabbitmq-5.3.7-7.oe2203sp3.aarch64.rpm","pcp-pmda-redis-5.3.7-7.oe2203sp3.aarch64.rpm","pcp-pmda-roomtemp-5.3.7-7.oe2203sp3.aarch64.rpm","pcp-pmda-rsyslog-5.3.7-7.oe2203sp3.aarch64.rpm","pcp-pmda-samba-5.3.7-7.oe2203sp3.aarch64.rpm","pcp-pmda-sendmail-5.3.7-7.oe2203sp3.aarch64.rpm","pcp-pmda-shping-5.3.7-7.oe2203sp3.aarch64.rpm","pcp-pmda-slurm-5.3.7-7.oe2203sp3.aarch64.rpm","pcp-pmda-smart-5.3.7-7.oe2203sp3.aarch64.rpm","pcp-pmda-snmp-5.3.7-7.oe2203sp3.aarch64.rpm","pcp-pmda-sockets-5.3.7-7.oe2203sp3.aarch64.rpm","pcp-pmda-summary-5.3.7-7.oe2203sp3.aarch64.rpm","pcp-pmda-systemd-5.3.7-7.oe2203sp3.aarch64.rpm","pcp-pmda-trace-5.3.7-7.oe2203sp3.aarch64.rpm","pcp-pmda-unbound-5.3.7-7.oe2203sp3.aarch64.rpm","pcp-pmda-weblog-5.3.7-7.oe2203sp3.aarch64.rpm","pcp-pmda-zimbra-5.3.7-7.oe2203sp3.aarch64.rpm","pcp-pmda-zswap-5.3.7-7.oe2203sp3.aarch64.rpm","pcp-selinux-5.3.7-7.oe2203sp3.aarch64.rpm","pcp-system-tools-5.3.7-7.oe2203sp3.aarch64.rpm","pcp-zeroconf-5.3.7-7.oe2203sp3.aarch64.rpm","perl-PCP-LogImport-5.3.7-7.oe2203sp3.aarch64.rpm","perl-PCP-LogSummary-5.3.7-7.oe2203sp3.aarch64.rpm","perl-PCP-MMV-5.3.7-7.oe2203sp3.aarch64.rpm","perl-PCP-PMDA-5.3.7-7.oe2203sp3.aarch64.rpm","python3-pcp-5.3.7-7.oe2203sp3.aarch64.rpm"],"noarch":["pcp-help-5.3.7-7.oe2203sp3.noarch.rpm"],"src":["pcp-5.3.7-7.oe2203sp3.src.rpm"],"x86_64":["pcp-5.3.7-7.oe2203sp3.x86_64.rpm","pcp-conf-5.3.7-7.oe2203sp3.x86_64.rpm","pcp-debuginfo-5.3.7-7.oe2203sp3.x86_64.rpm","pcp-debugsource-5.3.7-7.oe2203sp3.x86_64.rpm","pcp-devel-5.3.7-7.oe2203sp3.x86_64.rpm","pcp-export-pcp2elasticsearch-5.3.7-7.oe2203sp3.x86_64.rpm","pcp-export-pcp2graphite-5.3.7-7.oe2203sp3.x86_64.rpm","pcp-export-pcp2influxdb-5.3.7-7.oe2203sp3.x86_64.rpm","pcp-export-pcp2json-5.3.7-7.oe2203sp3.x86_64.rpm","pcp-export-pcp2spark-5.3.7-7.oe2203sp3.x86_64.rpm","pcp-export-pcp2xml-5.3.7-7.oe2203sp3.x86_64.rpm","pcp-export-pcp2zabbix-5.3.7-7.oe2203sp3.x86_64.rpm","pcp-export-zabbix-agent-5.3.7-7.oe2203sp3.x86_64.rpm","pcp-gui-5.3.7-7.oe2203sp3.x86_64.rpm","pcp-import-collectl2pcp-5.3.7-7.oe2203sp3.x86_64.rpm","pcp-import-ganglia2pcp-5.3.7-7.oe2203sp3.x86_64.rpm","pcp-import-iostat2pcp-5.3.7-7.oe2203sp3.x86_64.rpm","pcp-import-mrtg2pcp-5.3.7-7.oe2203sp3.x86_64.rpm","pcp-import-sar2pcp-5.3.7-7.oe2203sp3.x86_64.rpm","pcp-pmda-activemq-5.3.7-7.oe2203sp3.x86_64.rpm","pcp-pmda-apache-5.3.7-7.oe2203sp3.x86_64.rpm","pcp-pmda-bash-5.3.7-7.oe2203sp3.x86_64.rpm","pcp-pmda-bcc-5.3.7-7.oe2203sp3.x86_64.rpm","pcp-pmda-bind2-5.3.7-7.oe2203sp3.x86_64.rpm","pcp-pmda-bonding-5.3.7-7.oe2203sp3.x86_64.rpm","pcp-pmda-bpf-5.3.7-7.oe2203sp3.x86_64.rpm","pcp-pmda-bpftrace-5.3.7-7.oe2203sp3.x86_64.rpm","pcp-pmda-cifs-5.3.7-7.oe2203sp3.x86_64.rpm","pcp-pmda-cisco-5.3.7-7.oe2203sp3.x86_64.rpm","pcp-pmda-dbping-5.3.7-7.oe2203sp3.x86_64.rpm","pcp-pmda-denki-5.3.7-7.oe2203sp3.x86_64.rpm","pcp-pmda-dm-5.3.7-7.oe2203sp3.x86_64.rpm","pcp-pmda-docker-5.3.7-7.oe2203sp3.x86_64.rpm","pcp-pmda-ds389-5.3.7-7.oe2203sp3.x86_64.rpm","pcp-pmda-ds389log-5.3.7-7.oe2203sp3.x86_64.rpm","pcp-pmda-elasticsearch-5.3.7-7.oe2203sp3.x86_64.rpm","pcp-pmda-gfs2-5.3.7-7.oe2203sp3.x86_64.rpm","pcp-pmda-gluster-5.3.7-7.oe2203sp3.x86_64.rpm","pcp-pmda-gpfs-5.3.7-7.oe2203sp3.x86_64.rpm","pcp-pmda-gpsd-5.3.7-7.oe2203sp3.x86_64.rpm","pcp-pmda-hacluster-5.3.7-7.oe2203sp3.x86_64.rpm","pcp-pmda-haproxy-5.3.7-7.oe2203sp3.x86_64.rpm","pcp-pmda-infiniband-5.3.7-7.oe2203sp3.x86_64.rpm","pcp-pmda-json-5.3.7-7.oe2203sp3.x86_64.rpm","pcp-pmda-libvirt-5.3.7-7.oe2203sp3.x86_64.rpm","pcp-pmda-lio-5.3.7-7.oe2203sp3.x86_64.rpm","pcp-pmda-lmsensors-5.3.7-7.oe2203sp3.x86_64.rpm","pcp-pmda-logger-5.3.7-7.oe2203sp3.x86_64.rpm","pcp-pmda-lustre-5.3.7-7.oe2203sp3.x86_64.rpm","pcp-pmda-lustrecomm-5.3.7-7.oe2203sp3.x86_64.rpm","pcp-pmda-mailq-5.3.7-7.oe2203sp3.x86_64.rpm","pcp-pmda-memcache-5.3.7-7.oe2203sp3.x86_64.rpm","pcp-pmda-mic-5.3.7-7.oe2203sp3.x86_64.rpm","pcp-pmda-mongodb-5.3.7-7.oe2203sp3.x86_64.rpm","pcp-pmda-mounts-5.3.7-7.oe2203sp3.x86_64.rpm","pcp-pmda-mssql-5.3.7-7.oe2203sp3.x86_64.rpm","pcp-pmda-mysql-5.3.7-7.oe2203sp3.x86_64.rpm","pcp-pmda-named-5.3.7-7.oe2203sp3.x86_64.rpm","pcp-pmda-netcheck-5.3.7-7.oe2203sp3.x86_64.rpm","pcp-pmda-netfilter-5.3.7-7.oe2203sp3.x86_64.rpm","pcp-pmda-news-5.3.7-7.oe2203sp3.x86_64.rpm","pcp-pmda-nfsclient-5.3.7-7.oe2203sp3.x86_64.rpm","pcp-pmda-nginx-5.3.7-7.oe2203sp3.x86_64.rpm","pcp-pmda-nutcracker-5.3.7-7.oe2203sp3.x86_64.rpm","pcp-pmda-nvidia-gpu-5.3.7-7.oe2203sp3.x86_64.rpm","pcp-pmda-openmetrics-5.3.7-7.oe2203sp3.x86_64.rpm","pcp-pmda-openvswitch-5.3.7-7.oe2203sp3.x86_64.rpm","pcp-pmda-oracle-5.3.7-7.oe2203sp3.x86_64.rpm","pcp-pmda-pdns-5.3.7-7.oe2203sp3.x86_64.rpm","pcp-pmda-perfevent-5.3.7-7.oe2203sp3.x86_64.rpm","pcp-pmda-podman-5.3.7-7.oe2203sp3.x86_64.rpm","pcp-pmda-postfix-5.3.7-7.oe2203sp3.x86_64.rpm","pcp-pmda-postgresql-5.3.7-7.oe2203sp3.x86_64.rpm","pcp-pmda-rabbitmq-5.3.7-7.oe2203sp3.x86_64.rpm","pcp-pmda-redis-5.3.7-7.oe2203sp3.x86_64.rpm","pcp-pmda-roomtemp-5.3.7-7.oe2203sp3.x86_64.rpm","pcp-pmda-rsyslog-5.3.7-7.oe2203sp3.x86_64.rpm","pcp-pmda-samba-5.3.7-7.oe2203sp3.x86_64.rpm","pcp-pmda-sendmail-5.3.7-7.oe2203sp3.x86_64.rpm","pcp-pmda-shping-5.3.7-7.oe2203sp3.x86_64.rpm","pcp-pmda-slurm-5.3.7-7.oe2203sp3.x86_64.rpm","pcp-pmda-smart-5.3.7-7.oe2203sp3.x86_64.rpm","pcp-pmda-snmp-5.3.7-7.oe2203sp3.x86_64.rpm","pcp-pmda-sockets-5.3.7-7.oe2203sp3.x86_64.rpm","pcp-pmda-summary-5.3.7-7.oe2203sp3.x86_64.rpm","pcp-pmda-systemd-5.3.7-7.oe2203sp3.x86_64.rpm","pcp-pmda-trace-5.3.7-7.oe2203sp3.x86_64.rpm","pcp-pmda-unbound-5.3.7-7.oe2203sp3.x86_64.rpm","pcp-pmda-weblog-5.3.7-7.oe2203sp3.x86_64.rpm","pcp-pmda-zimbra-5.3.7-7.oe2203sp3.x86_64.rpm","pcp-pmda-zswap-5.3.7-7.oe2203sp3.x86_64.rpm","pcp-selinux-5.3.7-7.oe2203sp3.x86_64.rpm","pcp-system-tools-5.3.7-7.oe2203sp3.x86_64.rpm","pcp-zeroconf-5.3.7-7.oe2203sp3.x86_64.rpm","perl-PCP-LogImport-5.3.7-7.oe2203sp3.x86_64.rpm","perl-PCP-LogSummary-5.3.7-7.oe2203sp3.x86_64.rpm","perl-PCP-MMV-5.3.7-7.oe2203sp3.x86_64.rpm","perl-PCP-PMDA-5.3.7-7.oe2203sp3.x86_64.rpm","python3-pcp-5.3.7-7.oe2203sp3.x86_64.rpm"]}}],"references":[{"type":"ADVISORY","url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1293"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2024-45769"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2024-45770"}],"database_specific":{"severity":"Medium"}}