Assigner | redhat |
Reserved | 2023-10-31 |
Published | 2023-12-10 |
Updated | 2024-05-01 |
Description
A flaw was found in PostgreSQL that allows authenticated database users to execute arbitrary code through missing overflow checks during SQL array value modification. This issue exists due to an integer overflow during array modification where a remote user can trigger the overflow by providing specially crafted data. This enables the execution of arbitrary code on the target system, allowing users to write arbitrary bytes to memory and extensively read the server's memory.
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
Problem types
Integer Overflow or Wraparound
Product status
4.2.4-6 before *
4.2.4-6 before *
4.2.4-7 before *
4.2.4-6 before *
4.2.4-7 before *
0:9.2.24-9.el7_9 before *
8090020231114113712.a75119d5 before *
8090020231128173330.a75119d5 before *
8090020231201202407.a75119d5 before *
8090020231114113548.a75119d5 before *
8010020231130170510.c27ad7f8 before *
8020020231128165246.4cda2c84 before *
8020020231201202149.4cda2c84 before *
8020020231128165246.4cda2c84 before *
8020020231201202149.4cda2c84 before *
8020020231128165246.4cda2c84 before *
8020020231201202149.4cda2c84 before *
8040020231127153301.522a0ee4 before *
8040020231127154806.522a0ee4 before *
8040020231127142440.522a0ee4 before *
8040020231127153301.522a0ee4 before *
8040020231127154806.522a0ee4 before *
8040020231127142440.522a0ee4 before *
8040020231127153301.522a0ee4 before *
8040020231127154806.522a0ee4 before *
8040020231127142440.522a0ee4 before *
8060020231114115246.ad008a3a before *
8060020231128165328.ad008a3a before *
8060020231201202249.ad008a3a before *
8080020231114105206.63b34585 before *
8080020231128165335.63b34585 before *
8080020231201202316.63b34585 before *
8080020231113134015.63b34585 before *
0:13.13-1.el9_3 before *
9030020231120082734.rhel9 before *
0:13.13-1.el9_0 before *
0:13.13-1.el9_2 before *
9020020231115020618.rhel9 before *
0:12.17-1.el7 before *
0:10.23-2.el7 before *
0:13.13-1.el7 before *
3.74.8-9 before *
3.74.8-9 before *
3.74.8-7 before *
3.74.8-9 before *
3.74.8-9 before *
4.1.6-6 before *
4.1.6-6 before *
4.1.6-6 before *
4.1.6-6 before *
4.1.6-6 before *
Timeline
2023-10-31: | Reported to Red Hat. |
2023-11-09: | Made public. |
Credits
Upstream acknowledges Pedro Gallegos as the original reporter.
References
https://access.redhat.com/errata/RHSA-2023:7545 (RHSA-2023:7545)
https://access.redhat.com/errata/RHSA-2023:7579 (RHSA-2023:7579)
https://access.redhat.com/errata/RHSA-2023:7580 (RHSA-2023:7580)
https://access.redhat.com/errata/RHSA-2023:7581 (RHSA-2023:7581)
https://access.redhat.com/errata/RHSA-2023:7616 (RHSA-2023:7616)
https://access.redhat.com/errata/RHSA-2023:7656 (RHSA-2023:7656)
https://access.redhat.com/errata/RHSA-2023:7666 (RHSA-2023:7666)
https://access.redhat.com/errata/RHSA-2023:7667 (RHSA-2023:7667)
https://access.redhat.com/errata/RHSA-2023:7694 (RHSA-2023:7694)
https://access.redhat.com/errata/RHSA-2023:7695 (RHSA-2023:7695)
https://access.redhat.com/errata/RHSA-2023:7714 (RHSA-2023:7714)
https://access.redhat.com/errata/RHSA-2023:7770 (RHSA-2023:7770)
https://access.redhat.com/errata/RHSA-2023:7771 (RHSA-2023:7771)
https://access.redhat.com/errata/RHSA-2023:7772 (RHSA-2023:7772)
https://access.redhat.com/errata/RHSA-2023:7778 (RHSA-2023:7778)
https://access.redhat.com/errata/RHSA-2023:7783 (RHSA-2023:7783)
https://access.redhat.com/errata/RHSA-2023:7784 (RHSA-2023:7784)
https://access.redhat.com/errata/RHSA-2023:7785 (RHSA-2023:7785)
https://access.redhat.com/errata/RHSA-2023:7786 (RHSA-2023:7786)
https://access.redhat.com/errata/RHSA-2023:7788 (RHSA-2023:7788)
https://access.redhat.com/errata/RHSA-2023:7789 (RHSA-2023:7789)
https://access.redhat.com/errata/RHSA-2023:7790 (RHSA-2023:7790)
https://access.redhat.com/errata/RHSA-2023:7878 (RHSA-2023:7878)
https://access.redhat.com/errata/RHSA-2023:7883 (RHSA-2023:7883)
https://access.redhat.com/errata/RHSA-2023:7884 (RHSA-2023:7884)
https://access.redhat.com/errata/RHSA-2023:7885 (RHSA-2023:7885)
https://access.redhat.com/errata/RHSA-2024:0304 (RHSA-2024:0304)
https://access.redhat.com/errata/RHSA-2024:0332 (RHSA-2024:0332)
https://access.redhat.com/errata/RHSA-2024:0337 (RHSA-2024:0337)
https://access.redhat.com/security/cve/CVE-2023-5869
https://bugzilla.redhat.com/show_bug.cgi?id=2247169 (RHBZ#2247169)
https://security.netapp.com/advisory/ntap-20240119-0003/
https://www.postgresql.org/about/news/postgresql-161-155-1410-1313-1217-and-1122-released-2749/
https://www.postgresql.org/support/security/CVE-2023-5869/