PCP Vulnerability Could Lead to System Misbehavior or Crash

CVE-2024-45769

5.5MEDIUM

Key Information

Vendor: Red Hat
Status: Red Hat Enterprise Linux 8; Red Hat Enterprise Linux 8.2 Advanced Update Support; Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support; Red Hat Enterprise Linux 8.4 Telecommunications Update Service
Vendor: CVE Published:; 19 September 2024

Summary

A vulnerability was found in Performance Co-Pilot (PCP). This flaw allows an attacker to send specially crafted data to the system, which could cause the program to misbehave or crash.

Affected Version(s)

Red Hat Enterprise Linux 8 <= 0:5.3.7-22.el8_10

Red Hat Enterprise Linux 8.2 Advanced Update Support <= 0:5.0.2-9.el8_2

Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support <= 0:5.2.5-8.el8_4

CVSS V3.1

Score:

5.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Risk change from: null to: 5.5 - (MEDIUM)
Sep 19, 2024
Vulnerability published.
Sep 19, 2024
Reported to Red Hat.
Sep 6, 2024
Vulnerability Reserved.
Sep 6, 2024

Collectors

NVD DatabaseMitre Database