Описание
A vulnerability has been identified in the Performance Co-Pilot (PCP) package, stemming from the mixed privilege levels utilized by systemd services associated with PCP. While certain services operate within the confines of limited PCP user/group privileges, others are granted full root privileges. This disparity in privilege levels poses a risk when privileged root processes interact with directories or directory trees owned by unprivileged PCP users. Specifically, this vulnerability may lead to the compromise of PCP user isolation and facilitate local PCP-to-root exploits, particularly through symlink attacks. These vulnerabilities underscore the importance of maintaining robust privilege separation mechanisms within PCP to mitigate the potential for unauthorized privilege escalation.
Отчет
The severity of the discovered security issues within the Performance Co-Pilot (PCP) software on Red Hat Enterprise Linux is classified as moderate rather than important due to several mitigating factors. Firstly, exploitation of these vulnerabilities requires an already compromised pcp system account, thus limiting the potential attack surface. Additionally, the vulnerabilities stem from the unsafe mixture of root and pcp user privileges on specific directories, rather than inherent flaws within the PCP software itself. While the vulnerabilities allow local users to escalate privileges to root level, they do not directly expose the system to remote exploitation or compromise. Furthermore, the exploits rely on specific conditions such as the existence of symbolic links and the ability to manipulate directory structures, which may not always be present or feasible in every system configuration.
Меры по смягчению последствий
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 6 | pcp | Out of support scope | ||
| Red Hat Enterprise Linux 7 | pcp | Out of support scope | ||
| Red Hat Enterprise Linux 8 | pcp | Will not fix | ||
| Red Hat Enterprise Linux 9 | pcp | Fixed | RHSA-2024:2213 | 30.04.2024 |
Показывать по
Дополнительная информация
Статус:
EPSS
6 Medium
CVSS3
Связанные уязвимости
A vulnerability has been identified in the Performance Co-Pilot (PCP) package, stemming from the mixed privilege levels utilized by systemd services associated with PCP. While certain services operate within the confines of limited PCP user/group privileges, others are granted full root privileges. This disparity in privilege levels poses a risk when privileged root processes interact with directories or directory trees owned by unprivileged PCP users. Specifically, this vulnerability may lead to the compromise of PCP user isolation and facilitate local PCP-to-root exploits, particularly through symlink attacks. These vulnerabilities underscore the importance of maintaining robust privilege separation mechanisms within PCP to mitigate the potential for unauthorized privilege escalation.
A vulnerability has been identified in the Performance Co-Pilot (PCP) package, stemming from the mixed privilege levels utilized by systemd services associated with PCP. While certain services operate within the confines of limited PCP user/group privileges, others are granted full root privileges. This disparity in privilege levels poses a risk when privileged root processes interact with directories or directory trees owned by unprivileged PCP users. Specifically, this vulnerability may lead to the compromise of PCP user isolation and facilitate local PCP-to-root exploits, particularly through symlink attacks. These vulnerabilities underscore the importance of maintaining robust privilege separation mechanisms within PCP to mitigate the potential for unauthorized privilege escalation.
A vulnerability has been identified in the Performance Co-Pilot (PCP) ...
A vulnerability has been identified in the Performance Co-Pilot (PCP) package, stemming from the mixed privilege levels utilized by systemd services associated with PCP. While certain services operate within the confines of limited PCP user/group privileges, others are granted full root privileges. This disparity in privilege levels poses a risk when privileged root processes interact with directories or directory trees owned by unprivileged PCP users. Specifically, this vulnerability may lead to the compromise of PCP user isolation and facilitate local PCP-to-root exploits, particularly through symlink attacks. These vulnerabilities underscore the importance of maintaining robust privilege separation mechanisms within PCP to mitigate the potential for unauthorized privilege escalation.
EPSS
6 Medium
CVSS3