Vulnerability CVE-2023-5869: Information

Description

A flaw was found in PostgreSQL that allows authenticated database users to execute arbitrary code through missing overflow checks during SQL array value modification. This issue exists due to an integer overflow during array modification where a remote user can trigger the overflow by providing specially crafted data. This enables the execution of arbitrary code on the target system, allowing users to write arbitrary bytes to memory and extensively read the server's memory.

Severity: HIGH (8.8) Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Published: Dec. 10, 2023
Modified: Jan. 25, 2024
Error type identifier: CWE-190

Fixed packages

Package name
Branch
Fixed in version
Version from repository
Errata ID
Task #
State
postgresql11p1011.22-alt0.p10.111.22-alt0.p10.1ALT-PU-2023-7086-4333972Fixed
postgresql11p10_e2k11.22-alt0.p10.111.22-alt0.p10.1ALT-PU-2023-7587-1-Fixed
postgresql11p911.22-alt0.M90P.111.22-alt0.M90P.1ALT-PU-2023-7481-2333985Fixed
postgresql11c10f111.22-alt0.p10.111.22-alt0.p10.1ALT-PU-2023-8223-2336885Fixed
postgresql11c9f211.22-alt0.M90P.111.22-alt0.M90P.1ALT-PU-2023-7083-2333990Fixed
postgresql12sisyphus12.17-alt112.19-alt1ALT-PU-2023-7059-1333881Fixed
postgresql12sisyphus_e2k12.17-alt112.19-alt1ALT-PU-2023-7146-1-Fixed
postgresql12sisyphus_riscv6412.17-alt212.18-alt1ALT-PU-2023-7198-1-Fixed
postgresql12p1012.17-alt0.p10.112.19-alt0.p10.1ALT-PU-2023-7087-4333972Fixed
postgresql12p10_e2k12.17-alt0.p10.112.19-alt0.p10.1ALT-PU-2023-7588-1-Fixed
postgresql12p912.17-alt0.M90P.112.18-alt0.M90P.1ALT-PU-2023-7480-2333985Fixed
postgresql12c10f112.17-alt0.p10.112.19-alt0.p10.1ALT-PU-2023-8221-2336885Fixed
postgresql12c9f212.17-alt0.M90P.112.18-alt0.c9f2.1ALT-PU-2023-7082-2333990Fixed
postgresql12-1Cp912.17-alt0.M90P.112.17-alt0.M90P.2ALT-PU-2023-7479-2333985Fixed
postgresql12-1Cc9f212.17-alt0.M90P.112.17-alt0.c9f2.2ALT-PU-2023-7081-2333990Fixed
postgresql13sisyphus13.13-alt113.15-alt1ALT-PU-2023-7057-1333881Fixed
postgresql13sisyphus_e2k13.13-alt113.15-alt1ALT-PU-2023-7147-1-Fixed
postgresql13sisyphus_riscv6413.13-alt213.14-alt1ALT-PU-2023-7173-1-Fixed
postgresql13p1013.13-alt0.p10.113.15-alt0.p10.1ALT-PU-2023-7088-4333972Fixed
postgresql13p10_e2k13.13-alt0.p10.113.15-alt0.p10.1ALT-PU-2023-7589-1-Fixed
postgresql13c10f113.13-alt0.p10.113.15-alt0.p10.1ALT-PU-2023-8224-2336885Fixed
postgresql14sisyphus14.10-alt114.12-alt1ALT-PU-2023-7062-1333881Fixed
postgresql14sisyphus_e2k14.10-alt114.12-alt1ALT-PU-2023-7148-1-Fixed
postgresql14sisyphus_riscv6414.10-alt214.11-alt1ALT-PU-2023-7174-1-Fixed
postgresql14p1014.10-alt0.p10.114.12-alt0.p10.1ALT-PU-2023-7089-4333972Fixed
postgresql14p10_e2k14.10-alt0.p10.114.12-alt0.p10.1ALT-PU-2023-7590-1-Fixed
postgresql14c10f114.10-alt0.p10.114.12-alt0.p10.1ALT-PU-2023-8225-2336885Fixed
postgresql15sisyphus15.5-alt115.7-alt1ALT-PU-2023-7060-1333881Fixed
postgresql15sisyphus_e2k15.5-alt115.7-alt1ALT-PU-2023-7149-1-Fixed
postgresql15sisyphus_riscv6415.5-alt115.6-alt1ALT-PU-2023-7763-1-Fixed
postgresql15p1015.5-alt0.p10.115.7-alt0.p10.1ALT-PU-2023-7090-4333972Fixed
postgresql15p10_e2k15.5-alt0.p10.115.7-alt0.p10.1ALT-PU-2023-7591-1-Fixed
postgresql15c10f115.5-alt0.c10.115.7-alt0.c10f1.1ALT-PU-2023-8222-2336885Fixed
postgresql15-1Csisyphus15.5-alt115.7-alt1ALT-PU-2023-7058-1333881Fixed
postgresql15-1Csisyphus_e2k15.5-alt115.7-alt1ALT-PU-2023-7150-1-Fixed
postgresql15-1Csisyphus_riscv6415.5-alt215.5-alt4ALT-PU-2023-7167-1-Fixed
postgresql15-1Cp1015.5-alt0.p10.215.7-alt0.p10.1ALT-PU-2023-7207-2333972Fixed
postgresql15-1Cp10_e2k15.5-alt0.p10.215.7-alt0.p10.1ALT-PU-2023-7592-1-Fixed
postgresql15-1Cc10f115.5-alt0.p10.215.7-alt0.p10.1ALT-PU-2023-8226-2336885Fixed
postgresql16sisyphus16.1-alt116.3-alt1ALT-PU-2023-7061-1333881Fixed
postgresql16sisyphus_e2k16.1-alt216.3-alt1ALT-PU-2023-7145-1-Fixed
postgresql16sisyphus_riscv6416.1-alt216.2-alt1ALT-PU-2023-7196-1-Fixed
postgresql16p1016.1-alt116.3-alt0.p10.1ALT-PU-2023-7061-1333881Fixed

References to Advisories, Solutions, and Tools

    1. Configuration 1

      cpe:2.3:a:postgresql:postgresql:16.0:*:*:*:*:*:*:*

      cpe:2.3:a:postgresql:postgresql:*:*:*:*:*:*:*:*
      Start including
      15.0
      End excliding
      15.5

      cpe:2.3:a:postgresql:postgresql:*:*:*:*:*:*:*:*
      Start including
      14.0
      End excliding
      14.10

      cpe:2.3:a:postgresql:postgresql:*:*:*:*:*:*:*:*
      Start including
      13.0
      End excliding
      13.13

      cpe:2.3:a:postgresql:postgresql:*:*:*:*:*:*:*:*
      Start including
      12.0
      End excliding
      12.17

      cpe:2.3:a:postgresql:postgresql:*:*:*:*:*:*:*:*
      Start including
      11.0
      End excliding
      11.22

      Configuration 2

      cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*

      cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*

      cpe:2.3:o:redhat:enterprise_linux_for_scientific_computing:7.0:*:*:*:*:*:*:*

      cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*

      cpe:2.3:a:redhat:software_collections:1.0:*:*:*:*:*:*:*

      cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*

      cpe:2.3:o:redhat:enterprise_linux_server_tus:8.2:*:*:*:*:*:*:*

      cpe:2.3:o:redhat:enterprise_linux_server_aus:8.2:*:*:*:*:*:*:*

      cpe:2.3:o:redhat:enterprise_linux_server_tus:8.4:*:*:*:*:*:*:*

      cpe:2.3:o:redhat:enterprise_linux_server_aus:8.4:*:*:*:*:*:*:*

      cpe:2.3:o:redhat:enterprise_linux_server_aus:8.6:*:*:*:*:*:*:*

      cpe:2.3:o:redhat:enterprise_linux_server_tus:8.6:*:*:*:*:*:*:*

      cpe:2.3:o:redhat:enterprise_linux_eus:8.6:*:*:*:*:*:*:*

      cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*

      cpe:2.3:o:redhat:enterprise_linux_eus:9.0:*:*:*:*:*:*:*

      cpe:2.3:o:redhat:enterprise_linux_eus:8.8:*:*:*:*:*:*:*

      cpe:2.3:o:redhat:enterprise_linux_server_aus:9.2:*:*:*:*:*:*:*

      cpe:2.3:o:redhat:enterprise_linux_eus:9.2:*:*:*:*:*:*:*

      cpe:2.3:o:redhat:enterprise_linux_for_arm_64:8.0:*:*:*:*:*:*:*

      cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:9.2_ppc64le:*:*:*:*:*:*:*

      cpe:2.3:a:redhat:codeready_linux_builder_for_arm64_eus:9.2_aarch64:*:*:*:*:*:*:*

      cpe:2.3:a:redhat:codeready_linux_builder_for_ibm_z_systems_eus:9.2_s390x:*:*:*:*:*:*:*

      cpe:2.3:a:redhat:codeready_linux_builder_eus_for_power_little_endian_eus:9.2_ppc64le:*:*:*:*:*:*:*

      cpe:2.3:a:redhat:codeready_linux_builder_eus:9.2:*:*:*:*:*:*:*

      cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:8.0_ppc64le:*:*:*:*:*:*:*

      cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:8.8_ppc64le:*:*:*:*:*:*:*

      cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:8.8_s390x:*:*:*:*:*:*:*

      cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:8.0_s390x:*:*:*:*:*:*:*

      cpe:2.3:a:redhat:codeready_linux_builder_for_power_little_endian_eus:9.2_ppc64le:*:*:*:*:*:*:*

      cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:9.2_s390x:*:*:*:*:*:*:*

      cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:9.0_ppc64le:*:*:*:*:*:*:*

      cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:9.0_s390x:*:*:*:*:*:*:*

      cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:8.6_s390x:*:*:*:*:*:*:*

      cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:7.0_ppc64le:*:*:*:*:*:*:*

      cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian:7.0_ppc64:*:*:*:*:*:*:*

      cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:7.0_s390x:*:*:*:*:*:*:*

      cpe:2.3:a:redhat:codeready_linux_builder_for_power_little_endian_eus:9.0_ppc64le:*:*:*:*:*:*:*

      cpe:2.3:a:redhat:codeready_linux_builder_for_ibm_z_systems_eus:9.0_s390x:*:*:*:*:*:*:*

      cpe:2.3:a:redhat:codeready_linux_builder_for_arm64_eus:9.0_aarch64:*:*:*:*:*:*:*

      cpe:2.3:a:redhat:codeready_linux_builder_eus_for_power_little_endian_eus:9.0_ppc64le:*:*:*:*:*:*:*

      cpe:2.3:a:redhat:codeready_linux_builder_for_arm64_eus:8.6_aarch64:*:*:*:*:*:*:*

      cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:8.6_ppc64le:*:*:*:*:*:*:*

      cpe:2.3:o:redhat:enterprise_linux_for_arm_64:8.8_aarch64:*:*:*:*:*:*:*