Synopsis
Important: grafana-pcp security update
Type/Severity
Security Advisory: Important
Red Hat Lightspeed patch analysis
Identify and remediate systems affected by this advisory.
View affected systems
Topic
An update for grafana-pcp is now available for Red Hat Enterprise Linux 10.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Description
The Grafana plugin for Performance Co-Pilot includes datasources for scalable time series from pmseries and Redis, live PCP metrics and bpftrace scripts from pmdabpftrace, as well as several dashboards.
Security Fix(es):
- crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate (CVE-2025-61729)
- golang: net/url: Memory exhaustion in query parameter parsing in net/url (CVE-2025-61726)
- crypto/tls: Unexpected session resumption in crypto/tls (CVE-2025-68121)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Affected Products
-
Red Hat Enterprise Linux for x86_64 10 x86_64
-
Red Hat Enterprise Linux for x86_64 - Extended Update Support 10.2 x86_64
-
Red Hat Enterprise Linux for IBM z Systems 10 s390x
-
Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 10.2 s390x
-
Red Hat Enterprise Linux for Power, little endian 10 ppc64le
-
Red Hat Enterprise Linux for Power, little endian - Extended Update Support 10.2 ppc64le
-
Red Hat Enterprise Linux for ARM 64 10 aarch64
-
Red Hat Enterprise Linux for ARM 64 - Extended Update Support 10.2 aarch64
-
Red Hat Enterprise Linux for ARM 64 - 4 years of updates 10.2 aarch64
-
Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 10.2 s390x
-
Red Hat Enterprise Linux for Power, little endian - 4 years of support 10.2 ppc64le
-
Red Hat Enterprise Linux for x86_64 - 4 years of updates 10.2 x86_64
-
Red Hat Enterprise Linux for x86_64 - Extended Life Cycle 10.2 x86_64
-
Red Hat Enterprise Linux for ARM 64 - Extended Life Cycle 10.2 aarch64
-
Red Hat Enterprise Linux for Power, little endian - Extended Life Cycle 10.2 ppc64le
-
Red Hat Enterprise Linux for IBM z Systems - Extended Life Cycle 10.2 s390x
Fixes
-
BZ - 2418462
- CVE-2025-61729 crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate
-
BZ - 2434432
- CVE-2025-61726 golang: net/url: Memory exhaustion in query parameter parsing in net/url
-
BZ - 2437111
- CVE-2025-68121 crypto/tls: Unexpected session resumption in crypto/tls
Note:
More recent versions of these packages may be available.
Click a package name for more details.
Red Hat Enterprise Linux for x86_64 10
| SRPM |
|
grafana-pcp-5.3.0-2.el10_1.src.rpm
|
SHA-256: e8ad2531dda19f08b3b85601e0b8117ba3a71223fc3e928519991550e35acc75 |
| x86_64 |
|
grafana-pcp-5.3.0-2.el10_1.x86_64.rpm
|
SHA-256: 264f7db289379ee38f317aab219e19da249f6581010d313756a79586a4e8bd1b |
|
grafana-pcp-debuginfo-5.3.0-2.el10_1.x86_64.rpm
|
SHA-256: 3a355d309a5c307899e099c1535f9f45871cf56029cb1b09662d20e66100d9a7 |
|
grafana-pcp-debugsource-5.3.0-2.el10_1.x86_64.rpm
|
SHA-256: e23103a3dac3123e18281a06262f1b84bbfe2192521f42a4531025116bbc85b7 |
Red Hat Enterprise Linux for x86_64 - Extended Update Support 10.2
| SRPM |
|
grafana-pcp-5.3.0-2.el10_1.src.rpm
|
SHA-256: e8ad2531dda19f08b3b85601e0b8117ba3a71223fc3e928519991550e35acc75 |
| x86_64 |
|
grafana-pcp-5.3.0-2.el10_1.x86_64.rpm
|
SHA-256: 264f7db289379ee38f317aab219e19da249f6581010d313756a79586a4e8bd1b |
|
grafana-pcp-debuginfo-5.3.0-2.el10_1.x86_64.rpm
|
SHA-256: 3a355d309a5c307899e099c1535f9f45871cf56029cb1b09662d20e66100d9a7 |
|
grafana-pcp-debugsource-5.3.0-2.el10_1.x86_64.rpm
|
SHA-256: e23103a3dac3123e18281a06262f1b84bbfe2192521f42a4531025116bbc85b7 |
Red Hat Enterprise Linux for IBM z Systems 10
| SRPM |
|
grafana-pcp-5.3.0-2.el10_1.src.rpm
|
SHA-256: e8ad2531dda19f08b3b85601e0b8117ba3a71223fc3e928519991550e35acc75 |
| s390x |
|
grafana-pcp-5.3.0-2.el10_1.s390x.rpm
|
SHA-256: c8ea333b101fea79f95cb90f9297b61e4f24a80e112e04bf911c10c667594953 |
|
grafana-pcp-debuginfo-5.3.0-2.el10_1.s390x.rpm
|
SHA-256: 2aeb3f45d3e4ce63ef95d3d44983134197e981dfb14162c79070f5a9097a7bc9 |
|
grafana-pcp-debugsource-5.3.0-2.el10_1.s390x.rpm
|
SHA-256: 54950b71479d12e4426a35cf84c6a30a9498125922ecabc6f5f0cda02ededa24 |
Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 10.2
| SRPM |
|
grafana-pcp-5.3.0-2.el10_1.src.rpm
|
SHA-256: e8ad2531dda19f08b3b85601e0b8117ba3a71223fc3e928519991550e35acc75 |
| s390x |
|
grafana-pcp-5.3.0-2.el10_1.s390x.rpm
|
SHA-256: c8ea333b101fea79f95cb90f9297b61e4f24a80e112e04bf911c10c667594953 |
|
grafana-pcp-debuginfo-5.3.0-2.el10_1.s390x.rpm
|
SHA-256: 2aeb3f45d3e4ce63ef95d3d44983134197e981dfb14162c79070f5a9097a7bc9 |
|
grafana-pcp-debugsource-5.3.0-2.el10_1.s390x.rpm
|
SHA-256: 54950b71479d12e4426a35cf84c6a30a9498125922ecabc6f5f0cda02ededa24 |
Red Hat Enterprise Linux for Power, little endian 10
| SRPM |
|
grafana-pcp-5.3.0-2.el10_1.src.rpm
|
SHA-256: e8ad2531dda19f08b3b85601e0b8117ba3a71223fc3e928519991550e35acc75 |
| ppc64le |
|
grafana-pcp-5.3.0-2.el10_1.ppc64le.rpm
|
SHA-256: 09d3225ff7eec476f89abd7167e84f1e516aa0bc4d7450262c218d109a9ff61a |
|
grafana-pcp-debuginfo-5.3.0-2.el10_1.ppc64le.rpm
|
SHA-256: b4262105224b4dbd3b8579347f0748cca21da6b65fe2e0607e91c563aee45892 |
|
grafana-pcp-debugsource-5.3.0-2.el10_1.ppc64le.rpm
|
SHA-256: c6108f8c4c75eaa2f1dc6c834d9a01cf7dfec0ddc640ddb6c6ea4d0c2f45ba4f |
Red Hat Enterprise Linux for Power, little endian - Extended Update Support 10.2
| SRPM |
|
grafana-pcp-5.3.0-2.el10_1.src.rpm
|
SHA-256: e8ad2531dda19f08b3b85601e0b8117ba3a71223fc3e928519991550e35acc75 |
| ppc64le |
|
grafana-pcp-5.3.0-2.el10_1.ppc64le.rpm
|
SHA-256: 09d3225ff7eec476f89abd7167e84f1e516aa0bc4d7450262c218d109a9ff61a |
|
grafana-pcp-debuginfo-5.3.0-2.el10_1.ppc64le.rpm
|
SHA-256: b4262105224b4dbd3b8579347f0748cca21da6b65fe2e0607e91c563aee45892 |
|
grafana-pcp-debugsource-5.3.0-2.el10_1.ppc64le.rpm
|
SHA-256: c6108f8c4c75eaa2f1dc6c834d9a01cf7dfec0ddc640ddb6c6ea4d0c2f45ba4f |
Red Hat Enterprise Linux for ARM 64 10
| SRPM |
|
grafana-pcp-5.3.0-2.el10_1.src.rpm
|
SHA-256: e8ad2531dda19f08b3b85601e0b8117ba3a71223fc3e928519991550e35acc75 |
| aarch64 |
|
grafana-pcp-5.3.0-2.el10_1.aarch64.rpm
|
SHA-256: 0a828f6d30064a12846806af9194a34daed431ef533b4bf80c0d9d0feb7be3d5 |
|
grafana-pcp-debuginfo-5.3.0-2.el10_1.aarch64.rpm
|
SHA-256: 75183d025803e0562944208bf5b63a19c40a64711dbd8b8eaad7a2e5878b4f07 |
|
grafana-pcp-debugsource-5.3.0-2.el10_1.aarch64.rpm
|
SHA-256: 31bc7b6970042bf6e5cacf203d3190eb7cba2dab11a20887d02a64dabbaa4f8e |
Red Hat Enterprise Linux for ARM 64 - Extended Update Support 10.2
| SRPM |
|
grafana-pcp-5.3.0-2.el10_1.src.rpm
|
SHA-256: e8ad2531dda19f08b3b85601e0b8117ba3a71223fc3e928519991550e35acc75 |
| aarch64 |
|
grafana-pcp-5.3.0-2.el10_1.aarch64.rpm
|
SHA-256: 0a828f6d30064a12846806af9194a34daed431ef533b4bf80c0d9d0feb7be3d5 |
|
grafana-pcp-debuginfo-5.3.0-2.el10_1.aarch64.rpm
|
SHA-256: 75183d025803e0562944208bf5b63a19c40a64711dbd8b8eaad7a2e5878b4f07 |
|
grafana-pcp-debugsource-5.3.0-2.el10_1.aarch64.rpm
|
SHA-256: 31bc7b6970042bf6e5cacf203d3190eb7cba2dab11a20887d02a64dabbaa4f8e |
Red Hat Enterprise Linux for ARM 64 - 4 years of updates 10.2
| SRPM |
|
grafana-pcp-5.3.0-2.el10_1.src.rpm
|
SHA-256: e8ad2531dda19f08b3b85601e0b8117ba3a71223fc3e928519991550e35acc75 |
| aarch64 |
|
grafana-pcp-5.3.0-2.el10_1.aarch64.rpm
|
SHA-256: 0a828f6d30064a12846806af9194a34daed431ef533b4bf80c0d9d0feb7be3d5 |
|
grafana-pcp-debuginfo-5.3.0-2.el10_1.aarch64.rpm
|
SHA-256: 75183d025803e0562944208bf5b63a19c40a64711dbd8b8eaad7a2e5878b4f07 |
|
grafana-pcp-debugsource-5.3.0-2.el10_1.aarch64.rpm
|
SHA-256: 31bc7b6970042bf6e5cacf203d3190eb7cba2dab11a20887d02a64dabbaa4f8e |
Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 10.2
| SRPM |
|
grafana-pcp-5.3.0-2.el10_1.src.rpm
|
SHA-256: e8ad2531dda19f08b3b85601e0b8117ba3a71223fc3e928519991550e35acc75 |
| s390x |
|
grafana-pcp-5.3.0-2.el10_1.s390x.rpm
|
SHA-256: c8ea333b101fea79f95cb90f9297b61e4f24a80e112e04bf911c10c667594953 |
|
grafana-pcp-debuginfo-5.3.0-2.el10_1.s390x.rpm
|
SHA-256: 2aeb3f45d3e4ce63ef95d3d44983134197e981dfb14162c79070f5a9097a7bc9 |
|
grafana-pcp-debugsource-5.3.0-2.el10_1.s390x.rpm
|
SHA-256: 54950b71479d12e4426a35cf84c6a30a9498125922ecabc6f5f0cda02ededa24 |
Red Hat Enterprise Linux for Power, little endian - 4 years of support 10.2
| SRPM |
|
grafana-pcp-5.3.0-2.el10_1.src.rpm
|
SHA-256: e8ad2531dda19f08b3b85601e0b8117ba3a71223fc3e928519991550e35acc75 |
| ppc64le |
|
grafana-pcp-5.3.0-2.el10_1.ppc64le.rpm
|
SHA-256: 09d3225ff7eec476f89abd7167e84f1e516aa0bc4d7450262c218d109a9ff61a |
|
grafana-pcp-debuginfo-5.3.0-2.el10_1.ppc64le.rpm
|
SHA-256: b4262105224b4dbd3b8579347f0748cca21da6b65fe2e0607e91c563aee45892 |
|
grafana-pcp-debugsource-5.3.0-2.el10_1.ppc64le.rpm
|
SHA-256: c6108f8c4c75eaa2f1dc6c834d9a01cf7dfec0ddc640ddb6c6ea4d0c2f45ba4f |
Red Hat Enterprise Linux for x86_64 - 4 years of updates 10.2
| SRPM |
|
grafana-pcp-5.3.0-2.el10_1.src.rpm
|
SHA-256: e8ad2531dda19f08b3b85601e0b8117ba3a71223fc3e928519991550e35acc75 |
| x86_64 |
|
grafana-pcp-5.3.0-2.el10_1.x86_64.rpm
|
SHA-256: 264f7db289379ee38f317aab219e19da249f6581010d313756a79586a4e8bd1b |
|
grafana-pcp-debuginfo-5.3.0-2.el10_1.x86_64.rpm
|
SHA-256: 3a355d309a5c307899e099c1535f9f45871cf56029cb1b09662d20e66100d9a7 |
|
grafana-pcp-debugsource-5.3.0-2.el10_1.x86_64.rpm
|
SHA-256: e23103a3dac3123e18281a06262f1b84bbfe2192521f42a4531025116bbc85b7 |
Red Hat Enterprise Linux for x86_64 - Extended Life Cycle 10.2
| SRPM |
|
grafana-pcp-5.3.0-2.el10_1.src.rpm
|
SHA-256: e8ad2531dda19f08b3b85601e0b8117ba3a71223fc3e928519991550e35acc75 |
| x86_64 |
|
grafana-pcp-5.3.0-2.el10_1.x86_64.rpm
|
SHA-256: 264f7db289379ee38f317aab219e19da249f6581010d313756a79586a4e8bd1b |
|
grafana-pcp-debuginfo-5.3.0-2.el10_1.x86_64.rpm
|
SHA-256: 3a355d309a5c307899e099c1535f9f45871cf56029cb1b09662d20e66100d9a7 |
|
grafana-pcp-debugsource-5.3.0-2.el10_1.x86_64.rpm
|
SHA-256: e23103a3dac3123e18281a06262f1b84bbfe2192521f42a4531025116bbc85b7 |
Red Hat Enterprise Linux for ARM 64 - Extended Life Cycle 10.2
| SRPM |
|
grafana-pcp-5.3.0-2.el10_1.src.rpm
|
SHA-256: e8ad2531dda19f08b3b85601e0b8117ba3a71223fc3e928519991550e35acc75 |
| aarch64 |
|
grafana-pcp-5.3.0-2.el10_1.aarch64.rpm
|
SHA-256: 0a828f6d30064a12846806af9194a34daed431ef533b4bf80c0d9d0feb7be3d5 |
|
grafana-pcp-debuginfo-5.3.0-2.el10_1.aarch64.rpm
|
SHA-256: 75183d025803e0562944208bf5b63a19c40a64711dbd8b8eaad7a2e5878b4f07 |
|
grafana-pcp-debugsource-5.3.0-2.el10_1.aarch64.rpm
|
SHA-256: 31bc7b6970042bf6e5cacf203d3190eb7cba2dab11a20887d02a64dabbaa4f8e |
Red Hat Enterprise Linux for Power, little endian - Extended Life Cycle 10.2
| SRPM |
|
grafana-pcp-5.3.0-2.el10_1.src.rpm
|
SHA-256: e8ad2531dda19f08b3b85601e0b8117ba3a71223fc3e928519991550e35acc75 |
| ppc64le |
|
grafana-pcp-5.3.0-2.el10_1.ppc64le.rpm
|
SHA-256: 09d3225ff7eec476f89abd7167e84f1e516aa0bc4d7450262c218d109a9ff61a |
|
grafana-pcp-debuginfo-5.3.0-2.el10_1.ppc64le.rpm
|
SHA-256: b4262105224b4dbd3b8579347f0748cca21da6b65fe2e0607e91c563aee45892 |
|
grafana-pcp-debugsource-5.3.0-2.el10_1.ppc64le.rpm
|
SHA-256: c6108f8c4c75eaa2f1dc6c834d9a01cf7dfec0ddc640ddb6c6ea4d0c2f45ba4f |
Red Hat Enterprise Linux for IBM z Systems - Extended Life Cycle 10.2
| SRPM |
|
grafana-pcp-5.3.0-2.el10_1.src.rpm
|
SHA-256: e8ad2531dda19f08b3b85601e0b8117ba3a71223fc3e928519991550e35acc75 |
| s390x |
|
grafana-pcp-5.3.0-2.el10_1.s390x.rpm
|
SHA-256: c8ea333b101fea79f95cb90f9297b61e4f24a80e112e04bf911c10c667594953 |
|
grafana-pcp-debuginfo-5.3.0-2.el10_1.s390x.rpm
|
SHA-256: 2aeb3f45d3e4ce63ef95d3d44983134197e981dfb14162c79070f5a9097a7bc9 |
|
grafana-pcp-debugsource-5.3.0-2.el10_1.s390x.rpm
|
SHA-256: 54950b71479d12e4426a35cf84c6a30a9498125922ecabc6f5f0cda02ededa24 |
