CVE-2024-45769

MEDIUM

Performance Co-Pilot - Code Injection

Title source: llm
STIX 2.1

Description

A vulnerability was found in Performance Co-Pilot (PCP).  This flaw allows an attacker to send specially crafted data to the system, which could cause the program to misbehave or crash.

References (11)

Core 11
Core References
Vendor Advisory vendor-advisory x_refsource_redhat
https://access.redhat.com/errata/RHSA-2024:6837
Vendor Advisory vendor-advisory x_refsource_redhat
https://access.redhat.com/errata/RHSA-2024:6840
Vendor Advisory vendor-advisory x_refsource_redhat
https://access.redhat.com/errata/RHSA-2024:6842
Vendor Advisory vendor-advisory x_refsource_redhat
https://access.redhat.com/errata/RHSA-2024:6843
Vendor Advisory vendor-advisory x_refsource_redhat
https://access.redhat.com/errata/RHSA-2024:6844
Vendor Advisory vendor-advisory x_refsource_redhat
https://access.redhat.com/errata/RHSA-2024:6846
Vendor Advisory vendor-advisory x_refsource_redhat
https://access.redhat.com/errata/RHSA-2024:6847
Vendor Advisory vendor-advisory x_refsource_redhat
https://access.redhat.com/errata/RHSA-2024:6848
Vendor Advisory vendor-advisory x_refsource_redhat
https://access.redhat.com/errata/RHSA-2024:9452
Vendor Advisory vdb-entry x_refsource_redhat
https://access.redhat.com/security/cve/CVE-2024-45769
Issue Tracking issue-tracking x_refsource_redhat
https://bugzilla.redhat.com/show_bug.cgi?id=2310452

Scores

CVSS v3 5.5
EPSS 0.0003
EPSS Percentile 7.4%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact partial

Details

CWE
CWE-787
Status published
Products (16)
Red Hat/Red Hat Enterprise Linux 10
Red Hat/Red Hat Enterprise Linux 6
Red Hat/Red Hat Enterprise Linux 7
Red Hat/Red Hat Enterprise Linux 8 0:5.3.7-22.el8_10
Red Hat/Red Hat Enterprise Linux 8.2 Advanced Update Support 0:5.0.2-9.el8_2
Red Hat/Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support 0:5.2.5-8.el8_4
Red Hat/Red Hat Enterprise Linux 8.4 Telecommunications Update Service 0:5.2.5-8.el8_4
Red Hat/Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions 0:5.2.5-8.el8_4
Red Hat/Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support 0:5.3.5-10.el8_6
Red Hat/Red Hat Enterprise Linux 8.6 Telecommunications Update Service 0:5.3.5-10.el8_6
... and 6 more
Published Sep 19, 2024
Tracked Since Feb 18, 2026