
CVE-2023-5870

PostgreSQL: role pg_signal_backend can signal certain superuser processes.

Published: 12/10/2023
Last updated: 11/20/2025
Reserved: 10/31/2023

A flaw was found in PostgreSQL involving the pg_cancel_backend role that signals background workers, including the logical replication launcher, autovacuum workers, and the autovacuum launcher. Successful exploitation requires a non-core extension with a less-resilient background worker and would affect that specific background worker only. This issue may allow a remote high privileged user to launch a denial of service (DoS) attack.

CNA assigner: redhat (53f830b8-0a3f-465b-8143-3b8a9948e749)
Requested by: n/a

Metrics

Version Score Severity Vector String
3.1 2.2 Low CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:L

Opam packages affected (5)

conf-mingw-w64-postgresql-i686
conf-mingw-w64-postgresql-x86_64
conf-postgresql
ocsigen-start
postgresql

Products affected (71)

Product Vendor Version
Red Hat Advanced Cluster Security 4.2 Red Hat version 1709 (Server Core Installation)
RHACS-3.74-RHEL-8 Red Hat n/a
RHACS-3.74-RHEL-8 Red Hat n/a
Red Hat Advanced Cluster Security 4.2 Red Hat 4.0.0
Red Hat Advanced Cluster Security 4.2 Red Hat <= 2.13.10
RHACS-4.1-RHEL-8 Red Hat jenkins 2.44
Red Hat Advanced Cluster Security 4.2 Red Hat < R147-V6
RHACS-4.1-RHEL-8 Red Hat < R149-V4
Red Hat Advanced Cluster Security 4.2 Red Hat < 2.283.4
Red Hat Advanced Cluster Security 4.2 Red Hat 7.0
RHACS-4.1-RHEL-8 Red Hat Mitsubishi Electric MC Works64 versions 4.04E (10.95.210.01) and prior
RHACS-3.74-RHEL-8 Red Hat < unspecified
RHACS-4.1-RHEL-8 Red Hat Fixed in 9.1R12
Red Hat Advanced Cluster Security 4.2 Red Hat n/a
RHACS-3.74-RHEL-8 Red Hat ICONICS GENESIS64 versions 10.97.1 and prior
Red Hat Advanced Cluster Security 4.2 Red Hat version 1803 (Server Core Installation)
RHACS-3.74-RHEL-8 Red Hat < 2107460.6810.0
RHACS-4.1-RHEL-8 Red Hat n/a
Red Hat Advanced Cluster Security 4.2 Red Hat 7.1.1
RHACS-3.74-RHEL-8 Red Hat < R150-V2
RHACS-3.74-RHEL-8 Red Hat n/a
Red Hat Advanced Cluster Security 4.2 Red Hat 2.0
RHACS-4.1-RHEL-8 Red Hat < R148-V7
Red Hat Enterprise Linux 7 Red Hat 1.07b01
Red Hat Enterprise Linux 9 Red Hat < R150-V2
Red Hat Enterprise Linux 6 Red Hat n/a
Red Hat Enterprise Linux 6 Red Hat jenkins 2.32.2
Red Hat Enterprise Linux 7 Red Hat n/a
Red Hat Enterprise Linux 9.0 Extended Update Support Red Hat < R149-V4
Red Hat Enterprise Linux 8 Red Hat n/a
Red Hat Enterprise Linux 8.6 Extended Update Support Red Hat < R147-V6
Red Hat Enterprise Linux 8.2 Advanced Update Support Red Hat n/a
Red Hat Enterprise Linux 8.2 Telecommunications Update Service Red Hat 8.0
Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions Red Hat < R150-V2
Red Hat Enterprise Linux 8.4 Telecommunications Update Service Red Hat 5.7.39 and prior
Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions Red Hat < R148-V7
Red Hat Enterprise Linux 8.8 Extended Update Support Red Hat n/a
Red Hat Enterprise Linux 8 Red Hat <= 4.2.1
Red Hat Enterprise Linux 8.2 Advanced Update Support Red Hat n/a
Red Hat Enterprise Linux 8.2 Telecommunications Update Service Red Hat >= 2.290.0, < 2.293.1
Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions Red Hat Sierra Wireless AirLink Raven XE and XT
Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support Red Hat n/a
Red Hat Enterprise Linux 8.4 Telecommunications Update Service Red Hat Android-11
Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions Red Hat >= 3.0-milestone-1, < 13.10.10
Red Hat Enterprise Linux 8.6 Extended Update Support Red Hat >= 14.5, < 14.8-rc-1
Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support Red Hat < R149-V4
Red Hat Enterprise Linux 8 Red Hat <= 7.10.6-rev7
Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support Red Hat >= 2.294.0, < 2.296.2
Red Hat Enterprise Linux 8.4 Telecommunications Update Service Red Hat <= 9.7
Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions Red Hat >= 14.0-rc-1, < 14.4.5
Red Hat Enterprise Linux 8.6 Extended Update Support Red Hat n/a
Red Hat Enterprise Linux 8.8 Extended Update Support Red Hat >=15.0.0, <15.0.1
Red Hat Enterprise Linux 8.6 Extended Update Support Red Hat n/a
Red Hat Enterprise Linux 8 Red Hat >= 2.284.0, < 2.285.2
Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions Red Hat 8.0.30 and prior
Red Hat Enterprise Linux 8.4 Telecommunications Update Service Red Hat <= 2.8.6
Red Hat Enterprise Linux 8.8 Extended Update Support Red Hat n/a
Red Hat Enterprise Linux 9.2 Extended Update Support Red Hat < R148-V7
Red Hat Enterprise Linux 9 Red Hat n/a
Red Hat Enterprise Linux 8 Red Hat 7.1.2
Red Hat Enterprise Linux 8.8 Extended Update Support Red Hat n/a
Red Hat Enterprise Linux 8 Red Hat >= 2.286.0, < 2.289.4
Red Hat Enterprise Linux 9 Red Hat n/a
Red Hat Enterprise Linux 9 Red Hat < 17.4R2-S9, 17.4R3
Red Hat Enterprise Linux 8 Red Hat n/a
Red Hat Software Collections Red Hat < bbdd158b40b66a9403391a517f24ef6613573446
Red Hat Software Collections Red Hat AQT1000
Red Hat Software Collections for Red Hat Enterprise Linux 7 Red Hat n/a
Red Hat Software Collections for Red Hat Enterprise Linux 7 Red Hat < R147-V6
Red Hat Software Collections for Red Hat Enterprise Linux 7 Red Hat n/a
Red Hat Software Collections for Red Hat Enterprise Linux 7 Red Hat <= 2.4.0
