Описание
Security update for pcp
This update for pcp fixes the following issues:
- Version upgrade 6.2.0 (bsc#1217826, PED#8192, CVE-2023-6917).
- Performance CoPilot 6 is not starting due to missing pmlogger_daily.timer (bsc#1222815).
Список пакетов
SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS
libpcp-devel-6.2.0-150400.5.12.3
libpcp3-6.2.0-150400.5.12.3
libpcp_gui2-6.2.0-150400.5.12.3
libpcp_import1-6.2.0-150400.5.12.3
libpcp_mmv1-6.2.0-150400.5.12.3
libpcp_trace2-6.2.0-150400.5.12.3
libpcp_web1-6.2.0-150400.5.12.3
pcp-6.2.0-150400.5.12.3
pcp-conf-6.2.0-150400.5.12.3
pcp-devel-6.2.0-150400.5.12.3
pcp-doc-6.2.0-150400.5.12.3
pcp-import-iostat2pcp-6.2.0-150400.5.12.3
pcp-import-mrtg2pcp-6.2.0-150400.5.12.3
pcp-import-sar2pcp-6.2.0-150400.5.12.3
pcp-system-tools-6.2.0-150400.5.12.3
perl-PCP-LogImport-6.2.0-150400.5.12.3
perl-PCP-LogSummary-6.2.0-150400.5.12.3
perl-PCP-MMV-6.2.0-150400.5.12.3
perl-PCP-PMDA-6.2.0-150400.5.12.3
python3-pcp-6.2.0-150400.5.12.3
SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS
libpcp-devel-6.2.0-150400.5.12.3
libpcp3-6.2.0-150400.5.12.3
libpcp_gui2-6.2.0-150400.5.12.3
libpcp_import1-6.2.0-150400.5.12.3
libpcp_mmv1-6.2.0-150400.5.12.3
libpcp_trace2-6.2.0-150400.5.12.3
libpcp_web1-6.2.0-150400.5.12.3
pcp-6.2.0-150400.5.12.3
pcp-conf-6.2.0-150400.5.12.3
pcp-devel-6.2.0-150400.5.12.3
pcp-doc-6.2.0-150400.5.12.3
pcp-import-iostat2pcp-6.2.0-150400.5.12.3
pcp-import-mrtg2pcp-6.2.0-150400.5.12.3
pcp-import-sar2pcp-6.2.0-150400.5.12.3
pcp-system-tools-6.2.0-150400.5.12.3
perl-PCP-LogImport-6.2.0-150400.5.12.3
perl-PCP-LogSummary-6.2.0-150400.5.12.3
perl-PCP-MMV-6.2.0-150400.5.12.3
perl-PCP-PMDA-6.2.0-150400.5.12.3
python3-pcp-6.2.0-150400.5.12.3
SUSE Linux Enterprise Server 15 SP4-LTSS
libpcp-devel-6.2.0-150400.5.12.3
libpcp3-6.2.0-150400.5.12.3
libpcp_gui2-6.2.0-150400.5.12.3
libpcp_import1-6.2.0-150400.5.12.3
libpcp_mmv1-6.2.0-150400.5.12.3
libpcp_trace2-6.2.0-150400.5.12.3
libpcp_web1-6.2.0-150400.5.12.3
pcp-6.2.0-150400.5.12.3
pcp-conf-6.2.0-150400.5.12.3
pcp-devel-6.2.0-150400.5.12.3
pcp-doc-6.2.0-150400.5.12.3
pcp-import-iostat2pcp-6.2.0-150400.5.12.3
pcp-import-mrtg2pcp-6.2.0-150400.5.12.3
pcp-import-sar2pcp-6.2.0-150400.5.12.3
pcp-pmda-perfevent-6.2.0-150400.5.12.3
pcp-system-tools-6.2.0-150400.5.12.3
perl-PCP-LogImport-6.2.0-150400.5.12.3
perl-PCP-LogSummary-6.2.0-150400.5.12.3
perl-PCP-MMV-6.2.0-150400.5.12.3
perl-PCP-PMDA-6.2.0-150400.5.12.3
python3-pcp-6.2.0-150400.5.12.3
SUSE Linux Enterprise Server for SAP Applications 15 SP4
libpcp-devel-6.2.0-150400.5.12.3
libpcp3-6.2.0-150400.5.12.3
libpcp_gui2-6.2.0-150400.5.12.3
libpcp_import1-6.2.0-150400.5.12.3
libpcp_mmv1-6.2.0-150400.5.12.3
libpcp_trace2-6.2.0-150400.5.12.3
libpcp_web1-6.2.0-150400.5.12.3
pcp-6.2.0-150400.5.12.3
pcp-conf-6.2.0-150400.5.12.3
pcp-devel-6.2.0-150400.5.12.3
pcp-doc-6.2.0-150400.5.12.3
pcp-import-iostat2pcp-6.2.0-150400.5.12.3
pcp-import-mrtg2pcp-6.2.0-150400.5.12.3
pcp-import-sar2pcp-6.2.0-150400.5.12.3
pcp-pmda-perfevent-6.2.0-150400.5.12.3
pcp-system-tools-6.2.0-150400.5.12.3
perl-PCP-LogImport-6.2.0-150400.5.12.3
perl-PCP-LogSummary-6.2.0-150400.5.12.3
perl-PCP-MMV-6.2.0-150400.5.12.3
perl-PCP-PMDA-6.2.0-150400.5.12.3
python3-pcp-6.2.0-150400.5.12.3
Ссылки
- Link for SUSE-SU-2025:0801-1
- E-Mail link for SUSE-SU-2025:0801-1
- SUSE Security Ratings
- SUSE Bug 1217826
- SUSE Bug 1222815
- SUSE CVE CVE-2023-6917 page
Описание
A vulnerability has been identified in the Performance Co-Pilot (PCP) package, stemming from the mixed privilege levels utilized by systemd services associated with PCP. While certain services operate within the confines of limited PCP user/group privileges, others are granted full root privileges. This disparity in privilege levels poses a risk when privileged root processes interact with directories or directory trees owned by unprivileged PCP users. Specifically, this vulnerability may lead to the compromise of PCP user isolation and facilitate local PCP-to-root exploits, particularly through symlink attacks. These vulnerabilities underscore the importance of maintaining robust privilege separation mechanisms within PCP to mitigate the potential for unauthorized privilege escalation.
Затронутые продукты
SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libpcp-devel-6.2.0-150400.5.12.3
SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libpcp3-6.2.0-150400.5.12.3
SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libpcp_gui2-6.2.0-150400.5.12.3
SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libpcp_import1-6.2.0-150400.5.12.3
Ссылки
- CVE-2023-6917
- SUSE Bug 1217826