CVE-2023-5870

Postgresql: role pg_signal_backend can signal certain superuser processes.

Published: 12/10/2023 Last updated: 3/2/2026 Reserved: 10/31/2023

A flaw was found in PostgreSQL involving the pg_cancel_backend role that signals background workers, including the logical replication launcher, autovacuum workers, and the autovacuum launcher. Successful exploitation requires a non-core extension with a less-resilient background worker and would affect that specific background worker only. This issue may allow a remote high privileged user to launch a denial of service (DoS) attack.

CNA assigner: redhat (53f830b8-0a3f-465b-8143-3b8a9948e749) Requested by: n/a

Metrics

Version Score Severity Vector String
3.1 2.2 Low CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:L

Opam packages affected (5)

conf-mingw-w64-postgresql-i686 conf-mingw-w64-postgresql-x86_64 conf-postgresql ocsigen-start postgresql

Products affected (57)

Product Vendor Version
RHACS-3.74-RHEL-8 Red Hat < 10.0.17763.6054
RHACS-3.74-RHEL-8 Red Hat < 10.0.20348.2582
Red Hat Advanced Cluster Security 4.2 Red Hat < 10.0.17763.6054
RHACS-3.74-RHEL-8 Red Hat < 10.0.25398.1009
RHACS-3.74-RHEL-8 Red Hat < 10.0.25398.1009
RHACS-4.1-RHEL-8 Red Hat < 10.0.17763.6054
Red Hat Advanced Cluster Security 4.2 Red Hat < 10.0.17763.6054
Red Hat Advanced Cluster Security 4.2 Red Hat EmbMilanPI-SP3 v9 1.0.0.C
Red Hat Advanced Cluster Security 4.2 Red Hat < 10.0.20348.2582
RHACS-4.1-RHEL-8 Red Hat < 10.0.25398.1009
RHACS-3.74-RHEL-8 Red Hat < 6.0.6003.22769
RHACS-3.74-RHEL-8 Red Hat < 10.0.14393.7159
RHACS-3.74-RHEL-8 Red Hat < 10.0.14393.7159
Red Hat Advanced Cluster Security 4.2 Red Hat < 10.0.17763.6054
RHACS-3.74-RHEL-8 Red Hat < 6.2.9200.24975
Red Hat Advanced Cluster Security 4.2 Red Hat < 10.0.22000.3079
RHACS-4.1-RHEL-8 Red Hat < 6.0.6003.22769
RHACS-4.1-RHEL-8 Red Hat < 6.2.9200.24975
Red Hat Advanced Cluster Security 4.2 Red Hat < 10.0.19044.4651
Red Hat Enterprise Linux 7 Red Hat < 10.0.22000.3079
Red Hat Enterprise Linux 9.0 Extended Update Support Red Hat 7.5.1
Red Hat Enterprise Linux 9.2 Extended Update Support Red Hat COM_CLOUD 2211
Red Hat Enterprise Linux 9 Red Hat < 6.3.9600.22074
Red Hat Enterprise Linux 9 Red Hat < 1.2.10
Red Hat Enterprise Linux 8 Red Hat < 10.0.19045.4651
Red Hat Enterprise Linux 8.2 Advanced Update Support Red Hat < 10.0.22631.3880
Red Hat Enterprise Linux 8.2 Telecommunications Update Service Red Hat < 10.0.25398.1009
Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions Red Hat < 10.0.10240.20710
Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support Red Hat < 10.0.14393.7159
Red Hat Enterprise Linux 8.4 Telecommunications Update Service Red Hat < 10.0.14393.7159
Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions Red Hat < 6.2.9200.24975
Red Hat Enterprise Linux 8 Red Hat < 7.5.6.1161
Red Hat Enterprise Linux 8.2 Advanced Update Support Red Hat < 10.0.19044.4651
Red Hat Enterprise Linux 8.2 Telecommunications Update Service Red Hat < 6.2.9200.24975
Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support Red Hat < 10.0.20348.2582
Red Hat Enterprise Linux 8.4 Telecommunications Update Service Red Hat n/a
Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions Red Hat < 10.0.17763.6054
Red Hat Enterprise Linux 8 Red Hat < 10.0.19045.4651
Red Hat Enterprise Linux 8.8 Extended Update Support Red Hat < 10.0.17763.6054
Red Hat Enterprise Linux 8.4 Telecommunications Update Service Red Hat < 6.2.9200.24975
Red Hat Enterprise Linux 8 Red Hat < 10.0.22621.3880
Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support Red Hat < 10.0.14393.7159
Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions Red Hat < 6.3.9600.22074
Red Hat Enterprise Linux 8.6 Extended Update Support Red Hat < 6.3.9600.22074
Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support Red Hat < 10.0.14393.7159
Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions Red Hat < 10.0.19044.4651
Red Hat Enterprise Linux 8.6 Extended Update Support Red Hat < 10.0.22631.3880
Red Hat Enterprise Linux 8.8 Extended Update Support Red Hat < 10.0.10240.20710
Red Hat Enterprise Linux 9 Red Hat See references
Red Hat Enterprise Linux 9 Red Hat < 10.0.14393.7159
Red Hat Enterprise Linux 8.8 Extended Update Support Red Hat < 10.0.19044.4651
Red Hat Enterprise Linux 8 Red Hat < 10.0.17763.6054
Red Hat Enterprise Linux 9.2 Extended Update Support Red Hat 2024 SU5
Red Hat Enterprise Linux 8 Red Hat < 10.0.22631.3880
Red Hat Software Collections Red Hat <= 4.13.1
Red Hat Software Collections for Red Hat Enterprise Linux 7 Red Hat < 10.0.17763.6054
Red Hat Software Collections for Red Hat Enterprise Linux 7 Red Hat < 10.0.17763.6054

References (104)

Credits (2)