Synopsis
Important: grafana-pcp security update
Type/Severity
Security Advisory: Important
Red Hat Lightspeed patch analysis
Identify and remediate systems affected by this advisory.
View affected systems
Topic
An update for grafana-pcp is now available for Red Hat Enterprise Linux 9.6 Extended Update Support.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Description
The Grafana plugin for Performance Co-Pilot includes datasources for scalable time series from pmseries and Redis, live PCP metrics and bpftrace scripts from pmdabpftrace, as well as several dashboards.
Security Fix(es):
- crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate (CVE-2025-61729)
- golang: net/url: Memory exhaustion in query parameter parsing in net/url (CVE-2025-61726)
- crypto/tls: Unexpected session resumption in crypto/tls (CVE-2025-68121)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Affected Products
-
Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.6 x86_64
-
Red Hat Enterprise Linux Server - AUS 9.6 x86_64
-
Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.6 s390x
-
Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.6 ppc64le
-
Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.6 aarch64
-
Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.6 ppc64le
-
Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.6 x86_64
-
Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.6 aarch64
-
Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.6 s390x
-
Red Hat Enterprise Linux for x86_64 - Extended Life Cycle 9.6 x86_64
-
Red Hat Enterprise Linux for ARM 64 - Extended Life Cycle 9.6 aarch64
-
Red Hat Enterprise Linux for Power, little endian - Extended Life Cycle 9.6 ppc64le
-
Red Hat Enterprise Linux for IBM z Systems - Extended Life Cycle 9.6 s390x
Fixes
-
BZ - 2418462
- CVE-2025-61729 crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate
-
BZ - 2434432
- CVE-2025-61726 golang: net/url: Memory exhaustion in query parameter parsing in net/url
-
BZ - 2437111
- CVE-2025-68121 crypto/tls: Unexpected session resumption in crypto/tls
Note:
More recent versions of these packages may be available.
Click a package name for more details.
Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.6
| SRPM |
|
grafana-pcp-5.1.1-12.el9_6.src.rpm
|
SHA-256: 6eda6813d979c284ca60f307e95c28c48c0aa989cd785f20641c1f1dff045b43 |
| x86_64 |
|
grafana-pcp-5.1.1-12.el9_6.x86_64.rpm
|
SHA-256: 02de1a22e6288bc2db162885517e173517d64ce8534d5deda3a36ed7e0a64369 |
|
grafana-pcp-debuginfo-5.1.1-12.el9_6.x86_64.rpm
|
SHA-256: ae69d86b3dc88f3f36c60117b1206f925b4ae975de52c41a6c9f28482f368fcc |
|
grafana-pcp-debugsource-5.1.1-12.el9_6.x86_64.rpm
|
SHA-256: 89076de82566621d84735377d136f9bcaeae4d2d8baf9338260d6357d4613521 |
Red Hat Enterprise Linux Server - AUS 9.6
| SRPM |
|
grafana-pcp-5.1.1-12.el9_6.src.rpm
|
SHA-256: 6eda6813d979c284ca60f307e95c28c48c0aa989cd785f20641c1f1dff045b43 |
| x86_64 |
|
grafana-pcp-5.1.1-12.el9_6.x86_64.rpm
|
SHA-256: 02de1a22e6288bc2db162885517e173517d64ce8534d5deda3a36ed7e0a64369 |
|
grafana-pcp-debuginfo-5.1.1-12.el9_6.x86_64.rpm
|
SHA-256: ae69d86b3dc88f3f36c60117b1206f925b4ae975de52c41a6c9f28482f368fcc |
|
grafana-pcp-debugsource-5.1.1-12.el9_6.x86_64.rpm
|
SHA-256: 89076de82566621d84735377d136f9bcaeae4d2d8baf9338260d6357d4613521 |
Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.6
| SRPM |
|
grafana-pcp-5.1.1-12.el9_6.src.rpm
|
SHA-256: 6eda6813d979c284ca60f307e95c28c48c0aa989cd785f20641c1f1dff045b43 |
| s390x |
|
grafana-pcp-5.1.1-12.el9_6.s390x.rpm
|
SHA-256: 3c0e328647b254a6b1862f785c865561c955833e67bbc2ac7e1e7cd61b9f2d86 |
|
grafana-pcp-debuginfo-5.1.1-12.el9_6.s390x.rpm
|
SHA-256: ac9eb104ccf136c70126324361eabe81e41a0e1336b34d65d9f092b76a2f9bd0 |
|
grafana-pcp-debugsource-5.1.1-12.el9_6.s390x.rpm
|
SHA-256: 25db5fc97a2d4933a23eb85dab791aaa11d48ca22e39d11edcd7ae9b15a685b1 |
Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.6
| SRPM |
|
grafana-pcp-5.1.1-12.el9_6.src.rpm
|
SHA-256: 6eda6813d979c284ca60f307e95c28c48c0aa989cd785f20641c1f1dff045b43 |
| ppc64le |
|
grafana-pcp-5.1.1-12.el9_6.ppc64le.rpm
|
SHA-256: 3cd1f891ad0ccc2a6f551071b5ab5e395ceeb25716ab20afe1e0699809f600f4 |
|
grafana-pcp-debuginfo-5.1.1-12.el9_6.ppc64le.rpm
|
SHA-256: 400a36e85822c9c0172ed918ec2e877912329ddc29149c5e96bcd9c09947b757 |
|
grafana-pcp-debugsource-5.1.1-12.el9_6.ppc64le.rpm
|
SHA-256: c7300b3143e06ccf936f766a504edbd838862a0f143eafcd5d85a04ecec58725 |
Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.6
| SRPM |
|
grafana-pcp-5.1.1-12.el9_6.src.rpm
|
SHA-256: 6eda6813d979c284ca60f307e95c28c48c0aa989cd785f20641c1f1dff045b43 |
| aarch64 |
|
grafana-pcp-5.1.1-12.el9_6.aarch64.rpm
|
SHA-256: e515db3766552b8e70adeb639b5802184b9b1eb6d249a499498cffd9a716447c |
|
grafana-pcp-debuginfo-5.1.1-12.el9_6.aarch64.rpm
|
SHA-256: 7273dc127d864ee055f2358a6007b00358e046ccecfb70fd9d74d0d1dd38c3f7 |
|
grafana-pcp-debugsource-5.1.1-12.el9_6.aarch64.rpm
|
SHA-256: a594e2462fd9d8da70470ceee533be15fbbeabfa0ca407c25850d0573fca7465 |
Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.6
| SRPM |
|
grafana-pcp-5.1.1-12.el9_6.src.rpm
|
SHA-256: 6eda6813d979c284ca60f307e95c28c48c0aa989cd785f20641c1f1dff045b43 |
| ppc64le |
|
grafana-pcp-5.1.1-12.el9_6.ppc64le.rpm
|
SHA-256: 3cd1f891ad0ccc2a6f551071b5ab5e395ceeb25716ab20afe1e0699809f600f4 |
|
grafana-pcp-debuginfo-5.1.1-12.el9_6.ppc64le.rpm
|
SHA-256: 400a36e85822c9c0172ed918ec2e877912329ddc29149c5e96bcd9c09947b757 |
|
grafana-pcp-debugsource-5.1.1-12.el9_6.ppc64le.rpm
|
SHA-256: c7300b3143e06ccf936f766a504edbd838862a0f143eafcd5d85a04ecec58725 |
Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.6
| SRPM |
|
grafana-pcp-5.1.1-12.el9_6.src.rpm
|
SHA-256: 6eda6813d979c284ca60f307e95c28c48c0aa989cd785f20641c1f1dff045b43 |
| x86_64 |
|
grafana-pcp-5.1.1-12.el9_6.x86_64.rpm
|
SHA-256: 02de1a22e6288bc2db162885517e173517d64ce8534d5deda3a36ed7e0a64369 |
|
grafana-pcp-debuginfo-5.1.1-12.el9_6.x86_64.rpm
|
SHA-256: ae69d86b3dc88f3f36c60117b1206f925b4ae975de52c41a6c9f28482f368fcc |
|
grafana-pcp-debugsource-5.1.1-12.el9_6.x86_64.rpm
|
SHA-256: 89076de82566621d84735377d136f9bcaeae4d2d8baf9338260d6357d4613521 |
Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.6
| SRPM |
|
grafana-pcp-5.1.1-12.el9_6.src.rpm
|
SHA-256: 6eda6813d979c284ca60f307e95c28c48c0aa989cd785f20641c1f1dff045b43 |
| aarch64 |
|
grafana-pcp-5.1.1-12.el9_6.aarch64.rpm
|
SHA-256: e515db3766552b8e70adeb639b5802184b9b1eb6d249a499498cffd9a716447c |
|
grafana-pcp-debuginfo-5.1.1-12.el9_6.aarch64.rpm
|
SHA-256: 7273dc127d864ee055f2358a6007b00358e046ccecfb70fd9d74d0d1dd38c3f7 |
|
grafana-pcp-debugsource-5.1.1-12.el9_6.aarch64.rpm
|
SHA-256: a594e2462fd9d8da70470ceee533be15fbbeabfa0ca407c25850d0573fca7465 |
Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.6
| SRPM |
|
grafana-pcp-5.1.1-12.el9_6.src.rpm
|
SHA-256: 6eda6813d979c284ca60f307e95c28c48c0aa989cd785f20641c1f1dff045b43 |
| s390x |
|
grafana-pcp-5.1.1-12.el9_6.s390x.rpm
|
SHA-256: 3c0e328647b254a6b1862f785c865561c955833e67bbc2ac7e1e7cd61b9f2d86 |
|
grafana-pcp-debuginfo-5.1.1-12.el9_6.s390x.rpm
|
SHA-256: ac9eb104ccf136c70126324361eabe81e41a0e1336b34d65d9f092b76a2f9bd0 |
|
grafana-pcp-debugsource-5.1.1-12.el9_6.s390x.rpm
|
SHA-256: 25db5fc97a2d4933a23eb85dab791aaa11d48ca22e39d11edcd7ae9b15a685b1 |
Red Hat Enterprise Linux for x86_64 - Extended Life Cycle 9.6
| SRPM |
|
grafana-pcp-5.1.1-12.el9_6.src.rpm
|
SHA-256: 6eda6813d979c284ca60f307e95c28c48c0aa989cd785f20641c1f1dff045b43 |
| x86_64 |
|
grafana-pcp-5.1.1-12.el9_6.x86_64.rpm
|
SHA-256: 02de1a22e6288bc2db162885517e173517d64ce8534d5deda3a36ed7e0a64369 |
|
grafana-pcp-debuginfo-5.1.1-12.el9_6.x86_64.rpm
|
SHA-256: ae69d86b3dc88f3f36c60117b1206f925b4ae975de52c41a6c9f28482f368fcc |
|
grafana-pcp-debugsource-5.1.1-12.el9_6.x86_64.rpm
|
SHA-256: 89076de82566621d84735377d136f9bcaeae4d2d8baf9338260d6357d4613521 |
Red Hat Enterprise Linux for ARM 64 - Extended Life Cycle 9.6
| SRPM |
|
grafana-pcp-5.1.1-12.el9_6.src.rpm
|
SHA-256: 6eda6813d979c284ca60f307e95c28c48c0aa989cd785f20641c1f1dff045b43 |
| aarch64 |
|
grafana-pcp-5.1.1-12.el9_6.aarch64.rpm
|
SHA-256: e515db3766552b8e70adeb639b5802184b9b1eb6d249a499498cffd9a716447c |
|
grafana-pcp-debuginfo-5.1.1-12.el9_6.aarch64.rpm
|
SHA-256: 7273dc127d864ee055f2358a6007b00358e046ccecfb70fd9d74d0d1dd38c3f7 |
|
grafana-pcp-debugsource-5.1.1-12.el9_6.aarch64.rpm
|
SHA-256: a594e2462fd9d8da70470ceee533be15fbbeabfa0ca407c25850d0573fca7465 |
Red Hat Enterprise Linux for Power, little endian - Extended Life Cycle 9.6
| SRPM |
|
grafana-pcp-5.1.1-12.el9_6.src.rpm
|
SHA-256: 6eda6813d979c284ca60f307e95c28c48c0aa989cd785f20641c1f1dff045b43 |
| ppc64le |
|
grafana-pcp-5.1.1-12.el9_6.ppc64le.rpm
|
SHA-256: 3cd1f891ad0ccc2a6f551071b5ab5e395ceeb25716ab20afe1e0699809f600f4 |
|
grafana-pcp-debuginfo-5.1.1-12.el9_6.ppc64le.rpm
|
SHA-256: 400a36e85822c9c0172ed918ec2e877912329ddc29149c5e96bcd9c09947b757 |
|
grafana-pcp-debugsource-5.1.1-12.el9_6.ppc64le.rpm
|
SHA-256: c7300b3143e06ccf936f766a504edbd838862a0f143eafcd5d85a04ecec58725 |
Red Hat Enterprise Linux for IBM z Systems - Extended Life Cycle 9.6
| SRPM |
|
grafana-pcp-5.1.1-12.el9_6.src.rpm
|
SHA-256: 6eda6813d979c284ca60f307e95c28c48c0aa989cd785f20641c1f1dff045b43 |
| s390x |
|
grafana-pcp-5.1.1-12.el9_6.s390x.rpm
|
SHA-256: 3c0e328647b254a6b1862f785c865561c955833e67bbc2ac7e1e7cd61b9f2d86 |
|
grafana-pcp-debuginfo-5.1.1-12.el9_6.s390x.rpm
|
SHA-256: ac9eb104ccf136c70126324361eabe81e41a0e1336b34d65d9f092b76a2f9bd0 |
|
grafana-pcp-debugsource-5.1.1-12.el9_6.s390x.rpm
|
SHA-256: 25db5fc97a2d4933a23eb85dab791aaa11d48ca22e39d11edcd7ae9b15a685b1 |
