
CVE-2023-5869

Postgresql: buffer overrun from integer overflow in array modification

Published: 12/10/2023 Last updated: 3/11/2026 Reserved: 10/31/2023

A flaw was found in PostgreSQL that allows authenticated database users to execute arbitrary code because of missing overflow checks during SQL array value modification. An integer overflow in the array modification code can be triggered by a remote user who supplies specially crafted data; this lets the user write arbitrary bytes to server memory and read large portions of the server's memory, which in turn enables arbitrary code execution on the target system.

CNA assigner: redhat (53f830b8-0a3f-465b-8143-3b8a9948e749) Requested by: n/a

Metrics

Version: 3.1
Score: 8.8
Severity: High
Vector String: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Opam packages affected (5)

conf-mingw-w64-postgresql-i686 conf-mingw-w64-postgresql-x86_64 conf-postgresql ocsigen-start postgresql

Products affected (32)

Product Vendor Version
RHACS-4.1-RHEL-8 Red Hat < 10.0.22631.5189
RHACS-3.74-RHEL-8 Red Hat < 15.02.2562.020
RHACS-4.1-RHEL-8 Red Hat < 6.1.7601.27670
RHACS-4.1-RHEL-8 Red Hat < 10.0.14393.7969
RHACS-4.1-RHEL-8 Red Hat < 10.0.14393.8246
Red Hat Advanced Cluster Security 4.2 Red Hat 3.0.0.0
RHACS-4.1-RHEL-8 Red Hat < 10.0.22631.5624
RHACS-3.74-RHEL-8 Red Hat < 10.0.14393.7969
Red Hat Enterprise Linux 7 Red Hat < 10.0.14393.7699
Red Hat Enterprise Linux 9.2 Extended Update Support Red Hat < 6.3.9600.22470
Red Hat Enterprise Linux 6 Red Hat < 10.0.26100.4652
Red Hat Enterprise Linux 8.4 Telecommunications Update Service Red Hat < 16.0.68.39
Red Hat Enterprise Linux 8.2 Advanced Update Support Red Hat < 10.0.17763.7678
Red Hat Enterprise Linux 8.6 Extended Update Support Red Hat < 6.2.9200.25273
Red Hat Enterprise Linux 8.4 Telecommunications Update Service Red Hat < 26.3
Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions Red Hat < 6.0.6003.23471
Red Hat Enterprise Linux 8 Red Hat < 10.0.17763.6775
Red Hat Enterprise Linux 8.6 Extended Update Support Red Hat -
Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions Red Hat >= 17.0.0, < 17.0.18.38
Red Hat Enterprise Linux 8 Red Hat < 6.3.9600.22371
Red Hat Enterprise Linux 8.2 Advanced Update Support Red Hat < 6.3.9600.22725
Red Hat Enterprise Linux 8.2 Telecommunications Update Service Red Hat >= 1.5.0rc1, < 1.5.0rc4
Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support Red Hat < 10.0.26100.3194
Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support Red Hat < 10.0.14393.7785
Red Hat Enterprise Linux 8 Red Hat < 6.0.6003.23070
Red Hat Enterprise Linux 8.8 Extended Update Support Red Hat 8.1.8
Red Hat Enterprise Linux 8.6 Extended Update Support Red Hat < 10.0.26100.4652
Red Hat Enterprise Linux 8.4 Telecommunications Update Service Red Hat < 10.0.26100.3476
Red Hat Enterprise Linux 9.2 Extended Update Support Red Hat < 10.0.26100.3476
Red Hat Enterprise Linux 9 Red Hat < 10.0.22631.5039
Red Hat Enterprise Linux 8 Red Hat < 10.0.10240.20890
Red Hat Enterprise Linux 9 Red Hat < 6.1.7601.27520
