The PCP libpcp __pmDecodeValueSet routine mishandles size checks in the Result PDU, allowing the pmcd metric store operation (if enabled) to corrupt the calling program's heap with a maliciously crafted PDU.
This issue has been addressed in the following products: Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions Via RHSA-2024:6846 https://access.redhat.com/errata/RHSA-2024:6846
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.2 Advanced Update Support Via RHSA-2024:6840 https://access.redhat.com/errata/RHSA-2024:6840
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions Red Hat Enterprise Linux 8.6 Telecommunications Update Service Via RHSA-2024:6843 https://access.redhat.com/errata/RHSA-2024:6843
This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2024:6837 https://access.redhat.com/errata/RHSA-2024:6837
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions Red Hat Enterprise Linux 8.4 Telecommunications Update Service Via RHSA-2024:6842 https://access.redhat.com/errata/RHSA-2024:6842
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.8 Extended Update Support Via RHSA-2024:6844 https://access.redhat.com/errata/RHSA-2024:6844
This issue has been addressed in the following products: Red Hat Enterprise Linux 9.2 Extended Update Support Via RHSA-2024:6847 https://access.redhat.com/errata/RHSA-2024:6847
This issue has been addressed in the following products: Red Hat Enterprise Linux 9 Via RHSA-2024:6848 https://access.redhat.com/errata/RHSA-2024:6848