CVE-2023-5869
Published: 15 November 2023
A flaw was found in PostgreSQL that allows authenticated database users to execute arbitrary code through missing overflow checks during SQL array value modification. This issue exists due to an integer overflow during array modification where a remote user can trigger the overflow by providing specially crafted data. This enables the execution of arbitrary code on the target system, allowing users to write arbitrary bytes to memory and extensively read the server's memory.
Notes
Author | Note |
---|---|
leosilva |
PostgreSQL 9.3 is end of life upstream, and no updates are are available. Marking as deferred in -esm-main releases. |
Priority
Status
Package | Release | Status |
---|---|---|
postgresql-10
Launchpad, Ubuntu, Debian |
bionic |
Released
(10.23-0ubuntu0.18.04.2+esm1)
Available with Ubuntu Pro or Ubuntu Pro (Infra-only) |
focal |
Does not exist
|
|
jammy |
Does not exist
|
|
lunar |
Does not exist
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Needs triage
|
|
xenial |
Does not exist
|
|
postgresql-12
Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
focal |
Released
(12.17-0ubuntu0.20.04.1)
|
|
jammy |
Does not exist
|
|
lunar |
Does not exist
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
trusty |
Ignored
(end of standard support)
|
|
upstream |
Released
(12.17)
|
|
xenial |
Does not exist
|
|
postgresql-14
Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
focal |
Does not exist
|
|
jammy |
Released
(14.10-0ubuntu0.22.04.1)
|
|
lunar |
Does not exist
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Released
(14.10)
|
|
xenial |
Does not exist
|
|
postgresql-15
Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
focal |
Does not exist
|
|
jammy |
Does not exist
|
|
lunar |
Released
(15.5-0ubuntu0.23.04.1)
|
|
mantic |
Released
(15.5-0ubuntu0.23.10.1)
|
|
noble |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Released
(15.5)
|
|
xenial |
Does not exist
|
|
postgresql-16
Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
focal |
Does not exist
|
|
jammy |
Does not exist
|
|
lunar |
Does not exist
|
|
mantic |
Does not exist
|
|
noble |
Not vulnerable
(16.1-1)
|
|
trusty |
Does not exist
|
|
upstream |
Released
(16.1)
|
|
xenial |
Does not exist
|
|
postgresql-9.1
Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
focal |
Does not exist
|
|
jammy |
Does not exist
|
|
lunar |
Does not exist
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
trusty |
Ignored
(end of standard support)
|
|
upstream |
Needs triage
|
|
xenial |
Does not exist
|
|
postgresql-9.3
Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
focal |
Does not exist
|
|
jammy |
Does not exist
|
|
lunar |
Does not exist
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
trusty |
Deferred
(2019-08-23)
|
|
upstream |
Needs triage
|
|
xenial |
Does not exist
|
|
postgresql-9.5
Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
focal |
Does not exist
|
|
jammy |
Does not exist
|
|
lunar |
Does not exist
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Needs triage
|
|
xenial |
Released
(9.5.25-0ubuntu0.16.04.1+esm6)
Available with Ubuntu Pro or Ubuntu Pro (Infra-only) |
Severity score breakdown
Parameter | Value |
---|---|
Base score | 8.8 |
Attack vector | Network |
Attack complexity | Low |
Privileges required | Low |
User interaction | None |
Scope | Unchanged |
Confidentiality | High |
Integrity impact | High |
Availability impact | High |
Vector | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
References
- https://www.postgresql.org/support/security/CVE-2023-5869/
- https://www.postgresql.org/about/news/postgresql-161-155-1410-1313-1217-and-1122-released-2749/
- https://git.postgresql.org/gitweb/?p=postgresql.git;a=commit;h=c48008f599fd0e3bca2923ff5b40b559ae1e4e2e (v11)
- https://ubuntu.com/security/notices/USN-6538-1
- https://ubuntu.com/security/notices/USN-6570-1
- https://ubuntu.com/security/notices/USN-6538-2
- https://www.cve.org/CVERecord?id=CVE-2023-5869
- NVD
- Launchpad
- Debian