Amazon Linux AMI 2: CVE-2024-45770: Security patch for pcp (ALAS-2024-2657)
4
(AV:L/AC:M/Au:N/C:P/I:P/A:P)
09/19/2024
11/05/2024
11/04/2024
11/04/2024
Description
A vulnerability was found in Performance Co-Pilot (PCP). This flaw can only be exploited if an attacker has access to a compromised PCP system account. The issue is related to the pmpost tool, which is used to log messages in the system. Under certain conditions, it runs with high-level privileges.
Solution(s)
- amazon-linux-ami-2-upgrade-pcp
- amazon-linux-ami-2-upgrade-pcp-conf
- amazon-linux-ami-2-upgrade-pcp-debuginfo
- amazon-linux-ami-2-upgrade-pcp-devel
- amazon-linux-ami-2-upgrade-pcp-doc
- amazon-linux-ami-2-upgrade-pcp-export-pcp2elasticsearch
- amazon-linux-ami-2-upgrade-pcp-export-pcp2graphite
- amazon-linux-ami-2-upgrade-pcp-export-pcp2influxdb
- amazon-linux-ami-2-upgrade-pcp-export-pcp2json
- amazon-linux-ami-2-upgrade-pcp-export-pcp2spark
- amazon-linux-ami-2-upgrade-pcp-export-pcp2xml
- amazon-linux-ami-2-upgrade-pcp-export-pcp2zabbix
- amazon-linux-ami-2-upgrade-pcp-export-zabbix-agent
- amazon-linux-ami-2-upgrade-pcp-gui
- amazon-linux-ami-2-upgrade-pcp-import-collectl2pcp
- amazon-linux-ami-2-upgrade-pcp-import-ganglia2pcp
- amazon-linux-ami-2-upgrade-pcp-import-iostat2pcp
- amazon-linux-ami-2-upgrade-pcp-import-mrtg2pcp
- amazon-linux-ami-2-upgrade-pcp-import-sar2pcp
- amazon-linux-ami-2-upgrade-pcp-libs
- amazon-linux-ami-2-upgrade-pcp-libs-devel
- amazon-linux-ami-2-upgrade-pcp-manager
- amazon-linux-ami-2-upgrade-pcp-pmda-activemq
- amazon-linux-ami-2-upgrade-pcp-pmda-apache
- amazon-linux-ami-2-upgrade-pcp-pmda-bash
- amazon-linux-ami-2-upgrade-pcp-pmda-bind2
- amazon-linux-ami-2-upgrade-pcp-pmda-bonding
- amazon-linux-ami-2-upgrade-pcp-pmda-cifs
- amazon-linux-ami-2-upgrade-pcp-pmda-cisco
- amazon-linux-ami-2-upgrade-pcp-pmda-dbping
- amazon-linux-ami-2-upgrade-pcp-pmda-dm
- amazon-linux-ami-2-upgrade-pcp-pmda-docker
- amazon-linux-ami-2-upgrade-pcp-pmda-ds389
- amazon-linux-ami-2-upgrade-pcp-pmda-ds389log
- amazon-linux-ami-2-upgrade-pcp-pmda-elasticsearch
- amazon-linux-ami-2-upgrade-pcp-pmda-gfs2
- amazon-linux-ami-2-upgrade-pcp-pmda-gluster
- amazon-linux-ami-2-upgrade-pcp-pmda-gpfs
- amazon-linux-ami-2-upgrade-pcp-pmda-gpsd
- amazon-linux-ami-2-upgrade-pcp-pmda-haproxy
- amazon-linux-ami-2-upgrade-pcp-pmda-infiniband
- amazon-linux-ami-2-upgrade-pcp-pmda-json
- amazon-linux-ami-2-upgrade-pcp-pmda-libvirt
- amazon-linux-ami-2-upgrade-pcp-pmda-lio
- amazon-linux-ami-2-upgrade-pcp-pmda-lmsensors
- amazon-linux-ami-2-upgrade-pcp-pmda-logger
- amazon-linux-ami-2-upgrade-pcp-pmda-lustre
- amazon-linux-ami-2-upgrade-pcp-pmda-lustrecomm
- amazon-linux-ami-2-upgrade-pcp-pmda-mailq
- amazon-linux-ami-2-upgrade-pcp-pmda-memcache
- amazon-linux-ami-2-upgrade-pcp-pmda-mic
- amazon-linux-ami-2-upgrade-pcp-pmda-mounts
- amazon-linux-ami-2-upgrade-pcp-pmda-mysql
- amazon-linux-ami-2-upgrade-pcp-pmda-named
- amazon-linux-ami-2-upgrade-pcp-pmda-netfilter
- amazon-linux-ami-2-upgrade-pcp-pmda-news
- amazon-linux-ami-2-upgrade-pcp-pmda-nfsclient
- amazon-linux-ami-2-upgrade-pcp-pmda-nginx
- amazon-linux-ami-2-upgrade-pcp-pmda-nvidia-gpu
- amazon-linux-ami-2-upgrade-pcp-pmda-oracle
- amazon-linux-ami-2-upgrade-pcp-pmda-pdns
- amazon-linux-ami-2-upgrade-pcp-pmda-perfevent
- amazon-linux-ami-2-upgrade-pcp-pmda-postfix
- amazon-linux-ami-2-upgrade-pcp-pmda-postgresql
- amazon-linux-ami-2-upgrade-pcp-pmda-prometheus
- amazon-linux-ami-2-upgrade-pcp-pmda-redis
- amazon-linux-ami-2-upgrade-pcp-pmda-roomtemp
- amazon-linux-ami-2-upgrade-pcp-pmda-rpm
- amazon-linux-ami-2-upgrade-pcp-pmda-rsyslog
- amazon-linux-ami-2-upgrade-pcp-pmda-samba
- amazon-linux-ami-2-upgrade-pcp-pmda-sendmail
- amazon-linux-ami-2-upgrade-pcp-pmda-shping
- amazon-linux-ami-2-upgrade-pcp-pmda-slurm
- amazon-linux-ami-2-upgrade-pcp-pmda-smart
- amazon-linux-ami-2-upgrade-pcp-pmda-snmp
- amazon-linux-ami-2-upgrade-pcp-pmda-summary
- amazon-linux-ami-2-upgrade-pcp-pmda-systemd
- amazon-linux-ami-2-upgrade-pcp-pmda-trace
- amazon-linux-ami-2-upgrade-pcp-pmda-unbound
- amazon-linux-ami-2-upgrade-pcp-pmda-vmware
- amazon-linux-ami-2-upgrade-pcp-pmda-weblog
- amazon-linux-ami-2-upgrade-pcp-pmda-zimbra
- amazon-linux-ami-2-upgrade-pcp-pmda-zswap
- amazon-linux-ami-2-upgrade-pcp-selinux
- amazon-linux-ami-2-upgrade-pcp-system-tools
- amazon-linux-ami-2-upgrade-pcp-testsuite
- amazon-linux-ami-2-upgrade-pcp-webapi
- amazon-linux-ami-2-upgrade-pcp-webapp-blinkenlights
- amazon-linux-ami-2-upgrade-pcp-webapp-grafana
- amazon-linux-ami-2-upgrade-pcp-webapp-graphite
- amazon-linux-ami-2-upgrade-pcp-webapp-vector
- amazon-linux-ami-2-upgrade-pcp-webjs
- amazon-linux-ami-2-upgrade-pcp-zeroconf
- amazon-linux-ami-2-upgrade-perl-pcp-logimport
- amazon-linux-ami-2-upgrade-perl-pcp-logsummary
- amazon-linux-ami-2-upgrade-perl-pcp-mmv
- amazon-linux-ami-2-upgrade-perl-pcp-pmda
- amazon-linux-ami-2-upgrade-python-pcp
Advanced vulnerability management analytics and reporting.
Key Features
- Lightweight Endpoint Agent
- Live Dashboards
- Real Risk Prioritization
- IT-Integrated Remediation Projects
- Cloud, Virtual, and Container Assessment
- Integrated Threat Feeds
- Easy-to-Use RESTful API
- Automation-Assisted Patching
- Automated Containment
With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.
– Scott Cheney, Manager of Information Security, Sierra View Medical Center