CVE-2012-3421

Performance Co-Pilot < 3.6.5 - Denial of Service via PDU Connection Timeout

Title source: llm
STIX 2.1

Description

The pduread function in pdu.c in libpcp in Performance Co-Pilot (PCP) before 3.6.5 does not properly time out connections, which allows remote attackers to cause a denial of service (pmcd hang) by sending individual bytes of a PDU separately, related to an "event-driven programming flaw."

References (11)

Core 11
Core References
Various Sources vendor-advisory x_refsource_suse
https://hermes.opensuse.org/messages/15540133
Various Sources vendor-advisory x_refsource_suse
https://hermes.opensuse.org/messages/15540172
Various Sources vendor-advisory x_refsource_suse
https://hermes.opensuse.org/messages/15471040
Mailing List mailing-list x_refsource_mlist
http://www.openwall.com/lists/oss-security/2012/08/16/1
Mailing List, Third Party Advisory vendor-advisory x_refsource_fedora
http://lists.fedoraproject.org/pipermail/package-announce/2012-August/085333.html
Mailing List, Third Party Advisory vendor-advisory x_refsource_fedora
http://lists.fedoraproject.org/pipermail/package-announce/2012-August/085324.html
Issue Tracking x_refsource_misc
https://bugzilla.redhat.com/show_bug.cgi?id=841706
Third Party Advisory vendor-advisory x_refsource_debian
http://www.debian.org/security/2012/dsa-2533

Scores

EPSS 0.0246
EPSS Percentile 85.4%

Details

Status published
Products (13)
sgi/performance_co-pilot 2.1.1
sgi/performance_co-pilot 2.1.2
sgi/performance_co-pilot 2.1.3
sgi/performance_co-pilot 2.1.4
sgi/performance_co-pilot 2.1.5
sgi/performance_co-pilot 2.1.6
sgi/performance_co-pilot 2.1.7
sgi/performance_co-pilot 2.1.8
sgi/performance_co-pilot 2.1.9
sgi/performance_co-pilot 2.1.10
... and 3 more
Published Aug 27, 2012
Tracked Since Feb 18, 2026