Synopsis
Important: grafana-pcp security update
Type/Severity
Security Advisory: Important
Red Hat Lightspeed patch analysis
Identify and remediate systems affected by this advisory.
View affected systems
Topic
An update for grafana-pcp is now available for Red Hat Enterprise Linux 9.2 Extended Update Support.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Description
The Grafana plugin for Performance Co-Pilot includes datasources for scalable time series from pmseries and Redis, live PCP metrics and bpftrace scripts from pmdabpftrace, as well as several dashboards.
Security Fix(es):
- encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion (CVE-2024-34156)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Affected Products
-
Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.2 x86_64
-
Red Hat Enterprise Linux Server - AUS 9.2 x86_64
-
Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.2 s390x
-
Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.2 ppc64le
-
Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.2 aarch64
-
Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.2 ppc64le
-
Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.2 x86_64
-
Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.2 aarch64
-
Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.2 s390x
-
Red Hat Enterprise Linux for x86_64 - Extended Life Cycle 9.2 x86_64
-
Red Hat Enterprise Linux for ARM 64 - Extended Life Cycle 9.2 aarch64
-
Red Hat Enterprise Linux for Power, little endian - Extended Life Cycle 9.2 ppc64le
-
Red Hat Enterprise Linux for IBM z Systems - Extended Life Cycle 9.2 s390x
Fixes
-
BZ - 2310528
- CVE-2024-34156 encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion
Note:
More recent versions of these packages may be available.
Click a package name for more details.
Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.2
| SRPM |
|
grafana-pcp-5.1.1-2.el9_2.src.rpm
|
SHA-256: f4a9b06b24b195e3ef5cb088c6e1950b6319f5d93d9a2f4b1d5f673dce95b15f |
| x86_64 |
|
grafana-pcp-5.1.1-2.el9_2.x86_64.rpm
|
SHA-256: 0aae93c980ac43a089882beb164fd92eb9cc0b8feb6bed73af8f3c00afe71d2d |
|
grafana-pcp-debuginfo-5.1.1-2.el9_2.x86_64.rpm
|
SHA-256: c9004563acec981edccb2657491bc8504d8f9842b1f26db5a5edab366ca636e7 |
|
grafana-pcp-debugsource-5.1.1-2.el9_2.x86_64.rpm
|
SHA-256: 873a6143ff643883aaf7753a094aaa09c83f2d065028b3da2f1f633da77730ca |
Red Hat Enterprise Linux Server - AUS 9.2
| SRPM |
|
grafana-pcp-5.1.1-2.el9_2.src.rpm
|
SHA-256: f4a9b06b24b195e3ef5cb088c6e1950b6319f5d93d9a2f4b1d5f673dce95b15f |
| x86_64 |
|
grafana-pcp-5.1.1-2.el9_2.x86_64.rpm
|
SHA-256: 0aae93c980ac43a089882beb164fd92eb9cc0b8feb6bed73af8f3c00afe71d2d |
|
grafana-pcp-debuginfo-5.1.1-2.el9_2.x86_64.rpm
|
SHA-256: c9004563acec981edccb2657491bc8504d8f9842b1f26db5a5edab366ca636e7 |
|
grafana-pcp-debugsource-5.1.1-2.el9_2.x86_64.rpm
|
SHA-256: 873a6143ff643883aaf7753a094aaa09c83f2d065028b3da2f1f633da77730ca |
Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.2
| SRPM |
|
grafana-pcp-5.1.1-2.el9_2.src.rpm
|
SHA-256: f4a9b06b24b195e3ef5cb088c6e1950b6319f5d93d9a2f4b1d5f673dce95b15f |
| s390x |
|
grafana-pcp-5.1.1-2.el9_2.s390x.rpm
|
SHA-256: 4020c87c37b46c49d87c1a87d608fff50e4e412c6dc7ac6d9bec6d5a209d78ad |
|
grafana-pcp-debuginfo-5.1.1-2.el9_2.s390x.rpm
|
SHA-256: 1caa5c4e57916678505f8c65dc040bb763902f34d2100e1fed2fb60abfa121a1 |
|
grafana-pcp-debugsource-5.1.1-2.el9_2.s390x.rpm
|
SHA-256: 35ef434d38014a4dfcd16bbbdcbcaeb090b29da79807509d26ba937128dd9c4d |
Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.2
| SRPM |
|
grafana-pcp-5.1.1-2.el9_2.src.rpm
|
SHA-256: f4a9b06b24b195e3ef5cb088c6e1950b6319f5d93d9a2f4b1d5f673dce95b15f |
| ppc64le |
|
grafana-pcp-5.1.1-2.el9_2.ppc64le.rpm
|
SHA-256: 27e257967f9992dc7ad2f6e8d11295573def274cd43d578ac99f9422683315a3 |
|
grafana-pcp-debuginfo-5.1.1-2.el9_2.ppc64le.rpm
|
SHA-256: a311ba20f5232f17c85a81869d19ac97d26ac78e16f45ccb6532a2309e7625e2 |
|
grafana-pcp-debugsource-5.1.1-2.el9_2.ppc64le.rpm
|
SHA-256: 2a66c0b8ab78f0285a27658c6c2f9804bf5d6a0d87236778a9f6a5b16d33aa43 |
Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.2
| SRPM |
|
grafana-pcp-5.1.1-2.el9_2.src.rpm
|
SHA-256: f4a9b06b24b195e3ef5cb088c6e1950b6319f5d93d9a2f4b1d5f673dce95b15f |
| aarch64 |
|
grafana-pcp-5.1.1-2.el9_2.aarch64.rpm
|
SHA-256: 322dac7a34b8ef6dcc91b1a96a52acc68cbd9e65e653321ca07627fd5d4f0f4a |
|
grafana-pcp-debuginfo-5.1.1-2.el9_2.aarch64.rpm
|
SHA-256: dfa0cc3f2f3a9377a1b9bfe94e49971d77043848dc23b02505aa3424ee95b789 |
|
grafana-pcp-debugsource-5.1.1-2.el9_2.aarch64.rpm
|
SHA-256: c8cf6a1b6921e911a3ac612442848bab7579c1d3a3e0b172912a3104b3af369c |
Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.2
| SRPM |
|
grafana-pcp-5.1.1-2.el9_2.src.rpm
|
SHA-256: f4a9b06b24b195e3ef5cb088c6e1950b6319f5d93d9a2f4b1d5f673dce95b15f |
| ppc64le |
|
grafana-pcp-5.1.1-2.el9_2.ppc64le.rpm
|
SHA-256: 27e257967f9992dc7ad2f6e8d11295573def274cd43d578ac99f9422683315a3 |
|
grafana-pcp-debuginfo-5.1.1-2.el9_2.ppc64le.rpm
|
SHA-256: a311ba20f5232f17c85a81869d19ac97d26ac78e16f45ccb6532a2309e7625e2 |
|
grafana-pcp-debugsource-5.1.1-2.el9_2.ppc64le.rpm
|
SHA-256: 2a66c0b8ab78f0285a27658c6c2f9804bf5d6a0d87236778a9f6a5b16d33aa43 |
Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.2
| SRPM |
|
grafana-pcp-5.1.1-2.el9_2.src.rpm
|
SHA-256: f4a9b06b24b195e3ef5cb088c6e1950b6319f5d93d9a2f4b1d5f673dce95b15f |
| x86_64 |
|
grafana-pcp-5.1.1-2.el9_2.x86_64.rpm
|
SHA-256: 0aae93c980ac43a089882beb164fd92eb9cc0b8feb6bed73af8f3c00afe71d2d |
|
grafana-pcp-debuginfo-5.1.1-2.el9_2.x86_64.rpm
|
SHA-256: c9004563acec981edccb2657491bc8504d8f9842b1f26db5a5edab366ca636e7 |
|
grafana-pcp-debugsource-5.1.1-2.el9_2.x86_64.rpm
|
SHA-256: 873a6143ff643883aaf7753a094aaa09c83f2d065028b3da2f1f633da77730ca |
Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.2
| SRPM |
|
grafana-pcp-5.1.1-2.el9_2.src.rpm
|
SHA-256: f4a9b06b24b195e3ef5cb088c6e1950b6319f5d93d9a2f4b1d5f673dce95b15f |
| aarch64 |
|
grafana-pcp-5.1.1-2.el9_2.aarch64.rpm
|
SHA-256: 322dac7a34b8ef6dcc91b1a96a52acc68cbd9e65e653321ca07627fd5d4f0f4a |
|
grafana-pcp-debuginfo-5.1.1-2.el9_2.aarch64.rpm
|
SHA-256: dfa0cc3f2f3a9377a1b9bfe94e49971d77043848dc23b02505aa3424ee95b789 |
|
grafana-pcp-debugsource-5.1.1-2.el9_2.aarch64.rpm
|
SHA-256: c8cf6a1b6921e911a3ac612442848bab7579c1d3a3e0b172912a3104b3af369c |
Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.2
| SRPM |
|
grafana-pcp-5.1.1-2.el9_2.src.rpm
|
SHA-256: f4a9b06b24b195e3ef5cb088c6e1950b6319f5d93d9a2f4b1d5f673dce95b15f |
| s390x |
|
grafana-pcp-5.1.1-2.el9_2.s390x.rpm
|
SHA-256: 4020c87c37b46c49d87c1a87d608fff50e4e412c6dc7ac6d9bec6d5a209d78ad |
|
grafana-pcp-debuginfo-5.1.1-2.el9_2.s390x.rpm
|
SHA-256: 1caa5c4e57916678505f8c65dc040bb763902f34d2100e1fed2fb60abfa121a1 |
|
grafana-pcp-debugsource-5.1.1-2.el9_2.s390x.rpm
|
SHA-256: 35ef434d38014a4dfcd16bbbdcbcaeb090b29da79807509d26ba937128dd9c4d |
Red Hat Enterprise Linux for x86_64 - Extended Life Cycle 9.2
| SRPM |
|
grafana-pcp-5.1.1-2.el9_2.src.rpm
|
SHA-256: f4a9b06b24b195e3ef5cb088c6e1950b6319f5d93d9a2f4b1d5f673dce95b15f |
| x86_64 |
|
grafana-pcp-5.1.1-2.el9_2.x86_64.rpm
|
SHA-256: 0aae93c980ac43a089882beb164fd92eb9cc0b8feb6bed73af8f3c00afe71d2d |
|
grafana-pcp-debuginfo-5.1.1-2.el9_2.x86_64.rpm
|
SHA-256: c9004563acec981edccb2657491bc8504d8f9842b1f26db5a5edab366ca636e7 |
|
grafana-pcp-debugsource-5.1.1-2.el9_2.x86_64.rpm
|
SHA-256: 873a6143ff643883aaf7753a094aaa09c83f2d065028b3da2f1f633da77730ca |
Red Hat Enterprise Linux for ARM 64 - Extended Life Cycle 9.2
| SRPM |
|
grafana-pcp-5.1.1-2.el9_2.src.rpm
|
SHA-256: f4a9b06b24b195e3ef5cb088c6e1950b6319f5d93d9a2f4b1d5f673dce95b15f |
| aarch64 |
|
grafana-pcp-5.1.1-2.el9_2.aarch64.rpm
|
SHA-256: 322dac7a34b8ef6dcc91b1a96a52acc68cbd9e65e653321ca07627fd5d4f0f4a |
|
grafana-pcp-debuginfo-5.1.1-2.el9_2.aarch64.rpm
|
SHA-256: dfa0cc3f2f3a9377a1b9bfe94e49971d77043848dc23b02505aa3424ee95b789 |
|
grafana-pcp-debugsource-5.1.1-2.el9_2.aarch64.rpm
|
SHA-256: c8cf6a1b6921e911a3ac612442848bab7579c1d3a3e0b172912a3104b3af369c |
Red Hat Enterprise Linux for Power, little endian - Extended Life Cycle 9.2
| SRPM |
|
grafana-pcp-5.1.1-2.el9_2.src.rpm
|
SHA-256: f4a9b06b24b195e3ef5cb088c6e1950b6319f5d93d9a2f4b1d5f673dce95b15f |
| ppc64le |
|
grafana-pcp-5.1.1-2.el9_2.ppc64le.rpm
|
SHA-256: 27e257967f9992dc7ad2f6e8d11295573def274cd43d578ac99f9422683315a3 |
|
grafana-pcp-debuginfo-5.1.1-2.el9_2.ppc64le.rpm
|
SHA-256: a311ba20f5232f17c85a81869d19ac97d26ac78e16f45ccb6532a2309e7625e2 |
|
grafana-pcp-debugsource-5.1.1-2.el9_2.ppc64le.rpm
|
SHA-256: 2a66c0b8ab78f0285a27658c6c2f9804bf5d6a0d87236778a9f6a5b16d33aa43 |
Red Hat Enterprise Linux for IBM z Systems - Extended Life Cycle 9.2
| SRPM |
|
grafana-pcp-5.1.1-2.el9_2.src.rpm
|
SHA-256: f4a9b06b24b195e3ef5cb088c6e1950b6319f5d93d9a2f4b1d5f673dce95b15f |
| s390x |
|
grafana-pcp-5.1.1-2.el9_2.s390x.rpm
|
SHA-256: 4020c87c37b46c49d87c1a87d608fff50e4e412c6dc7ac6d9bec6d5a209d78ad |
|
grafana-pcp-debuginfo-5.1.1-2.el9_2.s390x.rpm
|
SHA-256: 1caa5c4e57916678505f8c65dc040bb763902f34d2100e1fed2fb60abfa121a1 |
|
grafana-pcp-debugsource-5.1.1-2.el9_2.s390x.rpm
|
SHA-256: 35ef434d38014a4dfcd16bbbdcbcaeb090b29da79807509d26ba937128dd9c4d |
