Rapid7 Vulnerability & Exploit Database

Red Hat: CVE-2023-6917: pcp: unsafe use of directories allows pcp to root privilege escalation (Multiple Advisories)

Free InsightVM Trial No Credit Card Necessary

2024 Attack Intel Report Latest research by Rapid7 Labs

Back to Search

Red Hat: CVE-2023-6917: pcp: unsafe use of directories allows pcp to root privilege escalation (Multiple Advisories)

Severity

CVSS

(AV:L/AC:L/Au:M/C:C/I:C/A:N)

Published

02/28/2024

Created

05/01/2024

Added

05/01/2024

Modified

09/03/2024

Description

A vulnerability has been identified in the Performance Co-Pilot (PCP) package, stemming from the mixed privilege levels utilized by systemd services associated with PCP. While certain services operate within the confines of limited PCP user/group privileges, others are granted full root privileges. This disparity in privilege levels poses a risk when privileged root processes interact with directories or directory trees owned by unprivileged PCP users. Specifically, this vulnerability may lead to the compromise of PCP user isolation and facilitate local PCP-to-root exploits, particularly through symlink attacks. These vulnerabilities underscore the importance of maintaining robust privilege separation mechanisms within PCP to mitigate the potential for unauthorized privilege escalation.

Solution(s)

redhat-upgrade-pcp
redhat-upgrade-pcp-conf
redhat-upgrade-pcp-debuginfo
redhat-upgrade-pcp-debugsource
redhat-upgrade-pcp-devel
redhat-upgrade-pcp-devel-debuginfo
redhat-upgrade-pcp-doc
redhat-upgrade-pcp-export-pcp2elasticsearch
redhat-upgrade-pcp-export-pcp2graphite
redhat-upgrade-pcp-export-pcp2influxdb
redhat-upgrade-pcp-export-pcp2json
redhat-upgrade-pcp-export-pcp2spark
redhat-upgrade-pcp-export-pcp2xml
redhat-upgrade-pcp-export-pcp2zabbix
redhat-upgrade-pcp-export-zabbix-agent
redhat-upgrade-pcp-export-zabbix-agent-debuginfo
redhat-upgrade-pcp-geolocate
redhat-upgrade-pcp-gui
redhat-upgrade-pcp-gui-debuginfo
redhat-upgrade-pcp-import-collectl2pcp
redhat-upgrade-pcp-import-collectl2pcp-debuginfo
redhat-upgrade-pcp-import-ganglia2pcp
redhat-upgrade-pcp-import-iostat2pcp
redhat-upgrade-pcp-import-mrtg2pcp
redhat-upgrade-pcp-import-sar2pcp
redhat-upgrade-pcp-libs
redhat-upgrade-pcp-libs-debuginfo
redhat-upgrade-pcp-libs-devel
redhat-upgrade-pcp-pmda-activemq
redhat-upgrade-pcp-pmda-apache
redhat-upgrade-pcp-pmda-apache-debuginfo
redhat-upgrade-pcp-pmda-bash
redhat-upgrade-pcp-pmda-bash-debuginfo
redhat-upgrade-pcp-pmda-bcc
redhat-upgrade-pcp-pmda-bind2
redhat-upgrade-pcp-pmda-bonding
redhat-upgrade-pcp-pmda-bpf
redhat-upgrade-pcp-pmda-bpf-debuginfo
redhat-upgrade-pcp-pmda-bpftrace
redhat-upgrade-pcp-pmda-cifs
redhat-upgrade-pcp-pmda-cifs-debuginfo
redhat-upgrade-pcp-pmda-cisco
redhat-upgrade-pcp-pmda-cisco-debuginfo
redhat-upgrade-pcp-pmda-dbping
redhat-upgrade-pcp-pmda-denki
redhat-upgrade-pcp-pmda-denki-debuginfo
redhat-upgrade-pcp-pmda-dm
redhat-upgrade-pcp-pmda-dm-debuginfo
redhat-upgrade-pcp-pmda-docker
redhat-upgrade-pcp-pmda-docker-debuginfo
redhat-upgrade-pcp-pmda-ds389
redhat-upgrade-pcp-pmda-ds389log
redhat-upgrade-pcp-pmda-elasticsearch
redhat-upgrade-pcp-pmda-farm
redhat-upgrade-pcp-pmda-farm-debuginfo
redhat-upgrade-pcp-pmda-gfs2
redhat-upgrade-pcp-pmda-gfs2-debuginfo
redhat-upgrade-pcp-pmda-gluster
redhat-upgrade-pcp-pmda-gpfs
redhat-upgrade-pcp-pmda-gpsd
redhat-upgrade-pcp-pmda-hacluster
redhat-upgrade-pcp-pmda-hacluster-debuginfo
redhat-upgrade-pcp-pmda-haproxy
redhat-upgrade-pcp-pmda-infiniband
redhat-upgrade-pcp-pmda-infiniband-debuginfo
redhat-upgrade-pcp-pmda-json
redhat-upgrade-pcp-pmda-libvirt
redhat-upgrade-pcp-pmda-lio
redhat-upgrade-pcp-pmda-lmsensors
redhat-upgrade-pcp-pmda-logger
redhat-upgrade-pcp-pmda-logger-debuginfo
redhat-upgrade-pcp-pmda-lustre
redhat-upgrade-pcp-pmda-lustrecomm
redhat-upgrade-pcp-pmda-lustrecomm-debuginfo
redhat-upgrade-pcp-pmda-mailq
redhat-upgrade-pcp-pmda-mailq-debuginfo
redhat-upgrade-pcp-pmda-memcache
redhat-upgrade-pcp-pmda-mic
redhat-upgrade-pcp-pmda-mongodb
redhat-upgrade-pcp-pmda-mounts
redhat-upgrade-pcp-pmda-mounts-debuginfo
redhat-upgrade-pcp-pmda-mssql
redhat-upgrade-pcp-pmda-mysql
redhat-upgrade-pcp-pmda-named
redhat-upgrade-pcp-pmda-netcheck
redhat-upgrade-pcp-pmda-netfilter
redhat-upgrade-pcp-pmda-news
redhat-upgrade-pcp-pmda-nfsclient
redhat-upgrade-pcp-pmda-nginx
redhat-upgrade-pcp-pmda-nvidia-gpu
redhat-upgrade-pcp-pmda-nvidia-gpu-debuginfo
redhat-upgrade-pcp-pmda-openmetrics
redhat-upgrade-pcp-pmda-openvswitch
redhat-upgrade-pcp-pmda-oracle
redhat-upgrade-pcp-pmda-pdns
redhat-upgrade-pcp-pmda-perfevent
redhat-upgrade-pcp-pmda-perfevent-debuginfo
redhat-upgrade-pcp-pmda-podman
redhat-upgrade-pcp-pmda-podman-debuginfo
redhat-upgrade-pcp-pmda-postfix
redhat-upgrade-pcp-pmda-postgresql
redhat-upgrade-pcp-pmda-rabbitmq
redhat-upgrade-pcp-pmda-redis
redhat-upgrade-pcp-pmda-resctrl
redhat-upgrade-pcp-pmda-resctrl-debuginfo
redhat-upgrade-pcp-pmda-roomtemp
redhat-upgrade-pcp-pmda-roomtemp-debuginfo
redhat-upgrade-pcp-pmda-rsyslog
redhat-upgrade-pcp-pmda-samba
redhat-upgrade-pcp-pmda-sendmail
redhat-upgrade-pcp-pmda-sendmail-debuginfo
redhat-upgrade-pcp-pmda-shping
redhat-upgrade-pcp-pmda-shping-debuginfo
redhat-upgrade-pcp-pmda-slurm
redhat-upgrade-pcp-pmda-smart
redhat-upgrade-pcp-pmda-smart-debuginfo
redhat-upgrade-pcp-pmda-snmp
redhat-upgrade-pcp-pmda-sockets
redhat-upgrade-pcp-pmda-sockets-debuginfo
redhat-upgrade-pcp-pmda-statsd
redhat-upgrade-pcp-pmda-statsd-debuginfo
redhat-upgrade-pcp-pmda-summary
redhat-upgrade-pcp-pmda-summary-debuginfo
redhat-upgrade-pcp-pmda-systemd
redhat-upgrade-pcp-pmda-systemd-debuginfo
redhat-upgrade-pcp-pmda-trace
redhat-upgrade-pcp-pmda-trace-debuginfo
redhat-upgrade-pcp-pmda-unbound
redhat-upgrade-pcp-pmda-weblog
redhat-upgrade-pcp-pmda-weblog-debuginfo
redhat-upgrade-pcp-pmda-zimbra
redhat-upgrade-pcp-pmda-zimbra-debuginfo
redhat-upgrade-pcp-pmda-zswap
redhat-upgrade-pcp-selinux
redhat-upgrade-pcp-system-tools
redhat-upgrade-pcp-system-tools-debuginfo
redhat-upgrade-pcp-testsuite
redhat-upgrade-pcp-testsuite-debuginfo
redhat-upgrade-pcp-zeroconf
redhat-upgrade-perl-pcp-logimport
redhat-upgrade-perl-pcp-logimport-debuginfo
redhat-upgrade-perl-pcp-logsummary
redhat-upgrade-perl-pcp-mmv
redhat-upgrade-perl-pcp-mmv-debuginfo
redhat-upgrade-perl-pcp-pmda
redhat-upgrade-perl-pcp-pmda-debuginfo
redhat-upgrade-python3-pcp
redhat-upgrade-python3-pcp-debuginfo

References

CVE-2023-6917
RHSA-2024:2213

Advanced vulnerability management analytics and reporting.

Key Features

Free InsightVM Trial View All Features

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;

Rapid7 Vulnerability & Exploit Database

Red Hat: CVE-2023-6917: pcp: unsafe use of directories allows pcp to root privilege escalation (Multiple Advisories)

Red Hat: CVE-2023-6917: pcp: unsafe use of directories allows pcp to root privilege escalation (Multiple Advisories)

Description

Solution(s)

References

Success! Thank you for submission. We will be in touch shortly.

Oops! There was a problem in submission. Please try again.

Submit your information and we will get in touch with you.