CVE-2023-5869

Postgresql: buffer overrun from integer overflow in array modification

Published: 12/10/2023 Last updated: 11/15/2024 Reserved: 10/31/2023

A flaw was found in PostgreSQL that allows authenticated database users to execute arbitrary code because of missing overflow checks during SQL array value modification. The issue stems from an integer overflow in array modification code, which a remote authenticated user can trigger by supplying specially crafted data. Exploiting it enables execution of arbitrary code on the target system: the user can write arbitrary bytes to memory and read extensive regions of the server's memory.

CNA assigner: redhat (53f830b8-0a3f-465b-8143-3b8a9948e749) Requested by: n/a

Metrics

Version Score Severity Vector String
3.1 8.8 High CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Opam packages affected (5)

conf-mingw-w64-postgresql-i686 conf-mingw-w64-postgresql-x86_64 conf-postgresql ocsigen-start postgresql

Products affected (54)

Product Vendor Version
RHACS-4.1-RHEL-8 Red Hat < 10.0.19041.1237
RHACS-3.74-RHEL-8 Red Hat n/a
Red Hat Advanced Cluster Security 4.2 Red Hat 21.0 ap348472
Red Hat Advanced Cluster Security 4.2 Red Hat <= *
RHACS-3.74-RHEL-8 Red Hat QCA6310
RHACS-4.1-RHEL-8 Red Hat 21.0 ap237570
RHACS-3.74-RHEL-8 Red Hat < ab0727d6e2196682351c25c1dd112136f6991f11
Red Hat Advanced Cluster Security 4.2 Red Hat 21.0 ap341939
RHACS-4.1-RHEL-8 Red Hat n/a
RHACS-4.1-RHEL-8 Red Hat < 10.0.19041.1237
RHACS-3.74-RHEL-8 Red Hat QCA6390
Red Hat Advanced Cluster Security 4.2 Red Hat n/a
RHACS-4.1-RHEL-8 Red Hat 21.0 ap240661
Red Hat Advanced Cluster Security 4.2 Red Hat 21.0 ap364384
RHACS-3.74-RHEL-8 Red Hat < 8253ff29edcb429a9a6c75710941c6a16a9a34b1
Red Hat Enterprise Linux 6 Red Hat 20.4
Red Hat Enterprise Linux 9 Red Hat 21.0 ap339196
Red Hat Enterprise Linux 7 Red Hat 21.0 ap338833
Red Hat Enterprise Linux 9.2 Extended Update Support Red Hat n/a
Red Hat Enterprise Linux 9.0 Extended Update Support Red Hat <= 3.1.0
Red Hat Enterprise Linux 8.2 Advanced Update Support Red Hat 21.0 ap350303
Red Hat Enterprise Linux 8 Red Hat 21.0 ap364369
Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions Red Hat 21.0 ap347905
Red Hat Enterprise Linux 8.2 Telecommunications Update Service Red Hat <= 4.5.10 (FW27)
Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions Red Hat <= 22.0
Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support Red Hat 21.0 ap339209
Red Hat Enterprise Linux 8.4 Telecommunications Update Service Red Hat 21.0 ap353701
Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions Red Hat 21.0 ap359030
Red Hat Enterprise Linux 8.6 Extended Update Support Red Hat APQ8009W
Red Hat Enterprise Linux 8.8 Extended Update Support Red Hat AQT1000
Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support Red Hat 21.0 ap347172
Red Hat Enterprise Linux 8.4 Telecommunications Update Service Red Hat 21.0 ap365632
Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions Red Hat < 10.0.19041.1237
Red Hat Enterprise Linux 8.6 Extended Update Support Red Hat 14.0.0-14.0.0.4
Red Hat Enterprise Linux 8.2 Advanced Update Support Red Hat <= 4.5.10 (FW27)
Red Hat Enterprise Linux 8.8 Extended Update Support Red Hat 21.0 ap246656
Red Hat Enterprise Linux 8 Red Hat 21.0 ap339538
Red Hat Enterprise Linux 8.2 Telecommunications Update Service Red Hat 21.0 ap347158
Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions Red Hat 21.0 ap350111
Red Hat Enterprise Linux 8.8 Extended Update Support Red Hat 21.0 ap344253
Red Hat Enterprise Linux 8.6 Extended Update Support Red Hat 21.0 ap356231
Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions Red Hat 21.0 ap346128
Red Hat Enterprise Linux 8.4 Telecommunications Update Service Red Hat < 22.3R2-S2, 22.3R3
Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support Red Hat 21.0 ap346379
Red Hat Enterprise Linux 8 Red Hat 21.0 ap235960
Red Hat Enterprise Linux 8 Red Hat 21.0 ap339351
Red Hat Enterprise Linux 8.8 Extended Update Support Red Hat CSRA6640
Red Hat Enterprise Linux 9.2 Extended Update Support Red Hat MSM8608
Red Hat Enterprise Linux 9 Red Hat 21.0 ap348078
Red Hat Enterprise Linux 8 Red Hat <= 6.6.*
Red Hat Enterprise Linux 9 Red Hat QCA6574AU
Red Hat Software Collections for Red Hat Enterprise Linux 7 Red Hat MSM8976
Red Hat Software Collections for Red Hat Enterprise Linux 7 Red Hat n/a
Red Hat Software Collections for Red Hat Enterprise Linux 7 Red Hat < 14.1.5
