Lucene search

RedHatRHSA-2020:3869

HistorySep 29, 2020 - 7:39 a.m.

(RHSA-2020:3869) Low: pcp security, bug fix, and enhancement update

2020-09-2907:39:07

access.redhat.com

performance co-pilot

security fix

local privilege escalation

cve-2019-3695

cve-2019-3696

red hat enterprise linux 7.9

CVSS2

7.2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

CVSS3

8.4

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS

0.001

Percentile

20.2%

JSON

Performance Co-Pilot (PCP) is a suite of tools, services, and libraries for acquisition, archiving, and analysis of system-level performance measurements. Its light-weight distributed architecture makes it particularly well-suited to centralized analysis of complex systems.

Security Fix(es):

pcp: Local privilege escalation in pcp spec file %post section (CVE-2019-3695)
pcp: Local privilege escalation in pcp spec file through migrate_tempdirs (CVE-2019-3696)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Additional Changes:

For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.9 Release Notes linked from the References section.

OSVersionArchitecturePackageVersionFilename
RedHat7s390xpcp-pmda-roomtemp< 4.3.2-12.el7pcp-pmda-roomtemp-4.3.2-12.el7.s390x.rpm
RedHat7ppc64lepcp-pmda-pdns< 4.3.2-12.el7pcp-pmda-pdns-4.3.2-12.el7.ppc64le.rpm
RedHat7ppcpcp-debuginfo< 4.3.2-12.el7pcp-debuginfo-4.3.2-12.el7.ppc.rpm
RedHat7x86_64pcp-pmda-vmware< 4.3.2-12.el7pcp-pmda-vmware-4.3.2-12.el7.x86_64.rpm
RedHat7x86_64pcp-pmda-rpm< 4.3.2-12.el7pcp-pmda-rpm-4.3.2-12.el7.x86_64.rpm
RedHat7x86_64pcp-pmda-summary< 4.3.2-12.el7pcp-pmda-summary-4.3.2-12.el7.x86_64.rpm
RedHat7ppc64pcp-pmda-logger< 4.3.2-12.el7pcp-pmda-logger-4.3.2-12.el7.ppc64.rpm
RedHat7x86_64pcp-export-zabbix-agent< 4.3.2-12.el7pcp-export-zabbix-agent-4.3.2-12.el7.x86_64.rpm
RedHat7s390xpcp-pmda-nfsclient< 4.3.2-12.el7pcp-pmda-nfsclient-4.3.2-12.el7.s390x.rpm
RedHat7x86_64pcp-pmda-zswap< 4.3.2-12.el7pcp-pmda-zswap-4.3.2-12.el7.x86_64.rpm

OS	Version	Architecture	Package	Version	Filename
RedHat	7	s390x	pcp-pmda-roomtemp	< 4.3.2-12.el7	pcp-pmda-roomtemp-4.3.2-12.el7.s390x.rpm
RedHat	7	ppc64le	pcp-pmda-pdns	< 4.3.2-12.el7	pcp-pmda-pdns-4.3.2-12.el7.ppc64le.rpm
RedHat	7	ppc	pcp-debuginfo	< 4.3.2-12.el7	pcp-debuginfo-4.3.2-12.el7.ppc.rpm
RedHat	7	x86_64	pcp-pmda-vmware	< 4.3.2-12.el7	pcp-pmda-vmware-4.3.2-12.el7.x86_64.rpm
RedHat	7	x86_64	pcp-pmda-rpm	< 4.3.2-12.el7	pcp-pmda-rpm-4.3.2-12.el7.x86_64.rpm
RedHat	7	x86_64	pcp-pmda-summary	< 4.3.2-12.el7	pcp-pmda-summary-4.3.2-12.el7.x86_64.rpm
RedHat	7	ppc64	pcp-pmda-logger	< 4.3.2-12.el7	pcp-pmda-logger-4.3.2-12.el7.ppc64.rpm
RedHat	7	x86_64	pcp-export-zabbix-agent	< 4.3.2-12.el7	pcp-export-zabbix-agent-4.3.2-12.el7.x86_64.rpm
RedHat	7	s390x	pcp-pmda-nfsclient	< 4.3.2-12.el7	pcp-pmda-nfsclient-4.3.2-12.el7.s390x.rpm
RedHat	7	x86_64	pcp-pmda-zswap	< 4.3.2-12.el7	pcp-pmda-zswap-4.3.2-12.el7.x86_64.rpm