MacMusic  |  PcMusic  |  440 Software  |  440 Forums  |  440TV  |  Zicos
pcp
Recherche

pcp: pmcd network daemon review (SUSE Security Team Blog)

vendredi 20 septembre 2024, 20:05 , par LWN.net
The SUSE Security Team Blog has a detailed review of the Performance Co-Pilot (PCP) 6.2.1 release:

The rather complex PCP software suite was difficult to judge just from
a cursory look, so we decided to take a closer look especially at
PCP's networking logic at a later time. This report contains two CVEs
and some non-CVE related findings we also gathered during the
follow-up review.

CVE-2024-45769,
a flaw that could allow an attacker to send crafted data to crash
pcmd, and CVE-2024-45770,
which could allow a full local root exploit from the pcp user to root,
have been addressed in the 6.3.1
release of PCP.
https://lwn.net/Articles/991091/

Voir aussi

News copyright owned by their original publishers | Copyright © 2004 - 2024 Zicos / 440Network
Date Actuelle
mer. 18 déc. - 07:44 CET