Issued:: 2024-11-12
Updated:: 2024-11-12

RHSA-2024:9472 - Security Advisory

Overview
Updated Packages

Synopsis

Important: grafana-pcp security update

Type/Severity

Security Advisory: Important

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for grafana-pcp is now available for Red Hat Enterprise Linux 9.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

The Grafana plugin for Performance Co-Pilot includes datasources for scalable time series from pmseries and Redis, live PCP metrics and bpftrace scripts from pmdabpftrace, as well as several dashboards.

Security Fix(es):

encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion (CVE-2024-34156)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

Affected Products

Red Hat Enterprise Linux for x86_64 9 x86_64
Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.6 x86_64
Red Hat Enterprise Linux Server - AUS 9.6 x86_64
Red Hat Enterprise Linux for IBM z Systems 9 s390x
Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.6 s390x
Red Hat Enterprise Linux for Power, little endian 9 ppc64le
Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.6 ppc64le
Red Hat Enterprise Linux for ARM 64 9 aarch64
Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.6 aarch64
Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.6 ppc64le
Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.6 x86_64
Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.6 aarch64
Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.6 s390x

Fixes

BZ - 2310528 - CVE-2024-34156 encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion

CVEs

CVE-2024-34156

References

https://access.redhat.com/security/updates/classification/#important

Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat Enterprise Linux for x86_64 9

SRPM
grafana-pcp-5.1.1-9.el9_5.src.rpm	SHA-256: b0965ad51edc175f28934894a40a247ed7d9df90d7f8a8fde115f97278435ffb
x86_64
grafana-pcp-5.1.1-9.el9_5.x86_64.rpm	SHA-256: b275b9ead39779e13abfaacee0f75a3db37e0d0f5919af44a3da984054c743f0
grafana-pcp-debuginfo-5.1.1-9.el9_5.x86_64.rpm	SHA-256: 560e8c7fac25b682ca12db768e7033addcbac1e75a5528363b08ee7ecaaeebcc
grafana-pcp-debugsource-5.1.1-9.el9_5.x86_64.rpm	SHA-256: 94b3491e77c72ed12130dd65ab768ed6e67f5d87887db6ca3022fb00588f7c4f

Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.6

SRPM
grafana-pcp-5.1.1-9.el9_5.src.rpm	SHA-256: b0965ad51edc175f28934894a40a247ed7d9df90d7f8a8fde115f97278435ffb
x86_64
grafana-pcp-5.1.1-9.el9_5.x86_64.rpm	SHA-256: b275b9ead39779e13abfaacee0f75a3db37e0d0f5919af44a3da984054c743f0
grafana-pcp-debuginfo-5.1.1-9.el9_5.x86_64.rpm	SHA-256: 560e8c7fac25b682ca12db768e7033addcbac1e75a5528363b08ee7ecaaeebcc
grafana-pcp-debugsource-5.1.1-9.el9_5.x86_64.rpm	SHA-256: 94b3491e77c72ed12130dd65ab768ed6e67f5d87887db6ca3022fb00588f7c4f

Red Hat Enterprise Linux Server - AUS 9.6

SRPM
grafana-pcp-5.1.1-9.el9_5.src.rpm	SHA-256: b0965ad51edc175f28934894a40a247ed7d9df90d7f8a8fde115f97278435ffb
x86_64
grafana-pcp-5.1.1-9.el9_5.x86_64.rpm	SHA-256: b275b9ead39779e13abfaacee0f75a3db37e0d0f5919af44a3da984054c743f0
grafana-pcp-debuginfo-5.1.1-9.el9_5.x86_64.rpm	SHA-256: 560e8c7fac25b682ca12db768e7033addcbac1e75a5528363b08ee7ecaaeebcc
grafana-pcp-debugsource-5.1.1-9.el9_5.x86_64.rpm	SHA-256: 94b3491e77c72ed12130dd65ab768ed6e67f5d87887db6ca3022fb00588f7c4f

Red Hat Enterprise Linux for IBM z Systems 9

SRPM
grafana-pcp-5.1.1-9.el9_5.src.rpm	SHA-256: b0965ad51edc175f28934894a40a247ed7d9df90d7f8a8fde115f97278435ffb
s390x
grafana-pcp-5.1.1-9.el9_5.s390x.rpm	SHA-256: 4ec401a4f1e5cdba9e3e2f5b07c48e6dc1734732c182f04c7663fff2c53920f6
grafana-pcp-debuginfo-5.1.1-9.el9_5.s390x.rpm	SHA-256: 51dd8741d534208e6988e4e9d464a9dd64c88428b7b82155a26704c5211e3334
grafana-pcp-debugsource-5.1.1-9.el9_5.s390x.rpm	SHA-256: e3f1d50dbd91125895ca91406e7d3db085c5b9872dc92f6363cb42a26a3a55ae

Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.6

SRPM
grafana-pcp-5.1.1-9.el9_5.src.rpm	SHA-256: b0965ad51edc175f28934894a40a247ed7d9df90d7f8a8fde115f97278435ffb
s390x
grafana-pcp-5.1.1-9.el9_5.s390x.rpm	SHA-256: 4ec401a4f1e5cdba9e3e2f5b07c48e6dc1734732c182f04c7663fff2c53920f6
grafana-pcp-debuginfo-5.1.1-9.el9_5.s390x.rpm	SHA-256: 51dd8741d534208e6988e4e9d464a9dd64c88428b7b82155a26704c5211e3334
grafana-pcp-debugsource-5.1.1-9.el9_5.s390x.rpm	SHA-256: e3f1d50dbd91125895ca91406e7d3db085c5b9872dc92f6363cb42a26a3a55ae

Red Hat Enterprise Linux for Power, little endian 9

SRPM
grafana-pcp-5.1.1-9.el9_5.src.rpm	SHA-256: b0965ad51edc175f28934894a40a247ed7d9df90d7f8a8fde115f97278435ffb
ppc64le
grafana-pcp-5.1.1-9.el9_5.ppc64le.rpm	SHA-256: b0f3ea00d344c9efdb39120c23bbb6e7c0aca4f4bac79ae1984e70fd8cd5e6bc
grafana-pcp-debuginfo-5.1.1-9.el9_5.ppc64le.rpm	SHA-256: e7f641afc49c16aa8d8f0b66007aacd2c45a3160c251250b7f5ae0d7f2405943
grafana-pcp-debugsource-5.1.1-9.el9_5.ppc64le.rpm	SHA-256: 19c92a67271f03e9a1297b0e5ea298ddd318008cb59d6f3c836e42c90fcf2358

Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.6

SRPM
grafana-pcp-5.1.1-9.el9_5.src.rpm	SHA-256: b0965ad51edc175f28934894a40a247ed7d9df90d7f8a8fde115f97278435ffb
ppc64le
grafana-pcp-5.1.1-9.el9_5.ppc64le.rpm	SHA-256: b0f3ea00d344c9efdb39120c23bbb6e7c0aca4f4bac79ae1984e70fd8cd5e6bc
grafana-pcp-debuginfo-5.1.1-9.el9_5.ppc64le.rpm	SHA-256: e7f641afc49c16aa8d8f0b66007aacd2c45a3160c251250b7f5ae0d7f2405943
grafana-pcp-debugsource-5.1.1-9.el9_5.ppc64le.rpm	SHA-256: 19c92a67271f03e9a1297b0e5ea298ddd318008cb59d6f3c836e42c90fcf2358

Red Hat Enterprise Linux for ARM 64 9

SRPM
grafana-pcp-5.1.1-9.el9_5.src.rpm	SHA-256: b0965ad51edc175f28934894a40a247ed7d9df90d7f8a8fde115f97278435ffb
aarch64
grafana-pcp-5.1.1-9.el9_5.aarch64.rpm	SHA-256: 21a65898a0d5e20abadf168cadc5609bf2b86fb04747acaee58302fc2f5ded87
grafana-pcp-debuginfo-5.1.1-9.el9_5.aarch64.rpm	SHA-256: 287c298338cac2ff7b48f822d5001df0330883344559c1aabc43d2816d2b1e8c
grafana-pcp-debugsource-5.1.1-9.el9_5.aarch64.rpm	SHA-256: b7b1d720373d343857883d9d8cd2b20662b0bc0d5889212f8740afef55b22a1d

Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.6

SRPM
grafana-pcp-5.1.1-9.el9_5.src.rpm	SHA-256: b0965ad51edc175f28934894a40a247ed7d9df90d7f8a8fde115f97278435ffb
aarch64
grafana-pcp-5.1.1-9.el9_5.aarch64.rpm	SHA-256: 21a65898a0d5e20abadf168cadc5609bf2b86fb04747acaee58302fc2f5ded87
grafana-pcp-debuginfo-5.1.1-9.el9_5.aarch64.rpm	SHA-256: 287c298338cac2ff7b48f822d5001df0330883344559c1aabc43d2816d2b1e8c
grafana-pcp-debugsource-5.1.1-9.el9_5.aarch64.rpm	SHA-256: b7b1d720373d343857883d9d8cd2b20662b0bc0d5889212f8740afef55b22a1d

Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.6

SRPM
grafana-pcp-5.1.1-9.el9_5.src.rpm	SHA-256: b0965ad51edc175f28934894a40a247ed7d9df90d7f8a8fde115f97278435ffb
ppc64le
grafana-pcp-5.1.1-9.el9_5.ppc64le.rpm	SHA-256: b0f3ea00d344c9efdb39120c23bbb6e7c0aca4f4bac79ae1984e70fd8cd5e6bc
grafana-pcp-debuginfo-5.1.1-9.el9_5.ppc64le.rpm	SHA-256: e7f641afc49c16aa8d8f0b66007aacd2c45a3160c251250b7f5ae0d7f2405943
grafana-pcp-debugsource-5.1.1-9.el9_5.ppc64le.rpm	SHA-256: 19c92a67271f03e9a1297b0e5ea298ddd318008cb59d6f3c836e42c90fcf2358

Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.6

SRPM
grafana-pcp-5.1.1-9.el9_5.src.rpm	SHA-256: b0965ad51edc175f28934894a40a247ed7d9df90d7f8a8fde115f97278435ffb
x86_64
grafana-pcp-5.1.1-9.el9_5.x86_64.rpm	SHA-256: b275b9ead39779e13abfaacee0f75a3db37e0d0f5919af44a3da984054c743f0
grafana-pcp-debuginfo-5.1.1-9.el9_5.x86_64.rpm	SHA-256: 560e8c7fac25b682ca12db768e7033addcbac1e75a5528363b08ee7ecaaeebcc
grafana-pcp-debugsource-5.1.1-9.el9_5.x86_64.rpm	SHA-256: 94b3491e77c72ed12130dd65ab768ed6e67f5d87887db6ca3022fb00588f7c4f

Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.6

SRPM
grafana-pcp-5.1.1-9.el9_5.src.rpm	SHA-256: b0965ad51edc175f28934894a40a247ed7d9df90d7f8a8fde115f97278435ffb
aarch64
grafana-pcp-5.1.1-9.el9_5.aarch64.rpm	SHA-256: 21a65898a0d5e20abadf168cadc5609bf2b86fb04747acaee58302fc2f5ded87
grafana-pcp-debuginfo-5.1.1-9.el9_5.aarch64.rpm	SHA-256: 287c298338cac2ff7b48f822d5001df0330883344559c1aabc43d2816d2b1e8c
grafana-pcp-debugsource-5.1.1-9.el9_5.aarch64.rpm	SHA-256: b7b1d720373d343857883d9d8cd2b20662b0bc0d5889212f8740afef55b22a1d

Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.6

SRPM
grafana-pcp-5.1.1-9.el9_5.src.rpm	SHA-256: b0965ad51edc175f28934894a40a247ed7d9df90d7f8a8fde115f97278435ffb
s390x
grafana-pcp-5.1.1-9.el9_5.s390x.rpm	SHA-256: 4ec401a4f1e5cdba9e3e2f5b07c48e6dc1734732c182f04c7663fff2c53920f6
grafana-pcp-debuginfo-5.1.1-9.el9_5.s390x.rpm	SHA-256: 51dd8741d534208e6988e4e9d464a9dd64c88428b7b82155a26704c5211e3334
grafana-pcp-debugsource-5.1.1-9.el9_5.s390x.rpm	SHA-256: e3f1d50dbd91125895ca91406e7d3db085c5b9872dc92f6363cb42a26a3a55ae

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Select Your Language

Infrastructure and Management

Cloud Computing

Storage

Runtimes

Integration and Automation