CVE-2012-3420

Performance Co-Pilot < 3.6.5 - Denial of Service via PDU Memory Leak

Title source: llm
STIX 2.1

Description

Multiple memory leaks in Performance Co-Pilot (PCP) before 3.6.5 allow remote attackers to cause a denial of service (memory consumption or daemon crash) via a large number of PDUs with (1) a crafted context number to the DoFetch function in pmcd/src/dofetch.c or (2) a negative type value to the __pmGetPDU function in libpcp/src/pdu.c.

References (14)

Core 14
Core References
Various Sources vendor-advisory x_refsource_suse
https://hermes.opensuse.org/messages/15540133
Various Sources vendor-advisory x_refsource_suse
https://hermes.opensuse.org/messages/15540172
Various Sources vendor-advisory x_refsource_suse
https://hermes.opensuse.org/messages/15471040
Issue Tracking x_refsource_misc
https://bugzilla.redhat.com/show_bug.cgi?id=841319
Mailing List mailing-list x_refsource_mlist
http://www.openwall.com/lists/oss-security/2012/08/16/1
Mailing List, Third Party Advisory vendor-advisory x_refsource_fedora
http://lists.fedoraproject.org/pipermail/package-announce/2012-August/085333.html
Issue Tracking x_refsource_misc
https://bugzilla.redhat.com/show_bug.cgi?id=841704
Mailing List, Third Party Advisory vendor-advisory x_refsource_fedora
http://lists.fedoraproject.org/pipermail/package-announce/2012-August/085324.html
Issue Tracking x_refsource_misc
https://bugzilla.redhat.com/show_bug.cgi?id=841298
Third Party Advisory vendor-advisory x_refsource_debian
http://www.debian.org/security/2012/dsa-2533

Scores

EPSS 0.0350
EPSS Percentile 87.8%

Details

CWE
CWE-399
Status published
Products (13)
sgi/performance_co-pilot 2.1.1
sgi/performance_co-pilot 2.1.2
sgi/performance_co-pilot 2.1.3
sgi/performance_co-pilot 2.1.4
sgi/performance_co-pilot 2.1.5
sgi/performance_co-pilot 2.1.6
sgi/performance_co-pilot 2.1.7
sgi/performance_co-pilot 2.1.8
sgi/performance_co-pilot 2.1.9
sgi/performance_co-pilot 2.1.10
... and 3 more
Published Aug 27, 2012
Tracked Since Feb 18, 2026