Vulnerability CVE-2023-5870: Information

Description

A flaw was found in PostgreSQL involving the pg_cancel_backend role that signals background workers, including the logical replication launcher, autovacuum workers, and the autovacuum launcher. Successful exploitation requires a non-core extension with a less-resilient background worker and would affect that specific background worker only. This issue may allow a remote high privileged user to launch a denial of service (DoS) attack.

Severity: MEDIUM (4.4)
Vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H

Published: Dec. 10, 2023
Modified: Jan. 25, 2024

Fixed packages

| Package name | Branch | Fixed in version | Version from repository | Errata ID | Task # | State |
|---|---|---|---|---|---|---|
| postgresql11 | p10 | 11.22-alt0.p10.1 | 11.22-alt0.p10.1 | ALT-PU-2023-7086-4 | 333972 | Fixed |
| postgresql11 | p10_e2k | 11.22-alt0.p10.1 | 11.22-alt0.p10.1 | ALT-PU-2023-7587-1 | - | Fixed |
| postgresql11 | p9 | 11.22-alt0.M90P.1 | 11.22-alt0.M90P.1 | ALT-PU-2023-7481-2 | 333985 | Fixed |
| postgresql11 | c10f1 | 11.22-alt0.p10.1 | 11.22-alt0.p10.1 | ALT-PU-2023-8223-2 | 336885 | Fixed |
| postgresql11 | c9f2 | 11.22-alt0.M90P.1 | 11.22-alt0.M90P.1 | ALT-PU-2023-7083-2 | 333990 | Fixed |
| postgresql12 | sisyphus | 12.17-alt1 | 12.19-alt1 | ALT-PU-2023-7059-1 | 333881 | Fixed |
| postgresql12 | sisyphus_e2k | 12.17-alt1 | 12.19-alt1 | ALT-PU-2023-7146-1 | - | Fixed |
| postgresql12 | sisyphus_riscv64 | 12.17-alt2 | 12.18-alt1 | ALT-PU-2023-7198-1 | - | Fixed |
| postgresql12 | p10 | 12.17-alt0.p10.1 | 12.19-alt0.p10.1 | ALT-PU-2023-7087-4 | 333972 | Fixed |
| postgresql12 | p10_e2k | 12.17-alt0.p10.1 | 12.19-alt0.p10.1 | ALT-PU-2023-7588-1 | - | Fixed |
| postgresql12 | p9 | 12.17-alt0.M90P.1 | 12.18-alt0.M90P.1 | ALT-PU-2023-7480-2 | 333985 | Fixed |
| postgresql12 | c10f1 | 12.17-alt0.p10.1 | 12.19-alt0.p10.1 | ALT-PU-2023-8221-2 | 336885 | Fixed |
| postgresql12 | c9f2 | 12.17-alt0.M90P.1 | 12.18-alt0.c9f2.1 | ALT-PU-2023-7082-2 | 333990 | Fixed |
| postgresql12-1C | p9 | 12.17-alt0.M90P.1 | 12.17-alt0.M90P.2 | ALT-PU-2023-7479-2 | 333985 | Fixed |
| postgresql12-1C | c9f2 | 12.17-alt0.M90P.1 | 12.17-alt0.c9f2.2 | ALT-PU-2023-7081-2 | 333990 | Fixed |
| postgresql13 | sisyphus | 13.13-alt1 | 13.15-alt1 | ALT-PU-2023-7057-1 | 333881 | Fixed |
| postgresql13 | sisyphus_e2k | 13.13-alt1 | 13.15-alt1 | ALT-PU-2023-7147-1 | - | Fixed |
| postgresql13 | sisyphus_riscv64 | 13.13-alt2 | 13.14-alt1 | ALT-PU-2023-7173-1 | - | Fixed |
| postgresql13 | p10 | 13.13-alt0.p10.1 | 13.15-alt0.p10.1 | ALT-PU-2023-7088-4 | 333972 | Fixed |
| postgresql13 | p10_e2k | 13.13-alt0.p10.1 | 13.15-alt0.p10.1 | ALT-PU-2023-7589-1 | - | Fixed |
| postgresql13 | c10f1 | 13.13-alt0.p10.1 | 13.15-alt0.p10.1 | ALT-PU-2023-8224-2 | 336885 | Fixed |
| postgresql14 | sisyphus | 14.10-alt1 | 14.12-alt1 | ALT-PU-2023-7062-1 | 333881 | Fixed |
| postgresql14 | sisyphus_e2k | 14.10-alt1 | 14.12-alt1 | ALT-PU-2023-7148-1 | - | Fixed |
| postgresql14 | sisyphus_riscv64 | 14.10-alt2 | 14.11-alt1 | ALT-PU-2023-7174-1 | - | Fixed |
| postgresql14 | p10 | 14.10-alt0.p10.1 | 14.12-alt0.p10.1 | ALT-PU-2023-7089-4 | 333972 | Fixed |
| postgresql14 | p10_e2k | 14.10-alt0.p10.1 | 14.12-alt0.p10.1 | ALT-PU-2023-7590-1 | - | Fixed |
| postgresql14 | c10f1 | 14.10-alt0.p10.1 | 14.12-alt0.p10.1 | ALT-PU-2023-8225-2 | 336885 | Fixed |
| postgresql15 | sisyphus | 15.5-alt1 | 15.7-alt1 | ALT-PU-2023-7060-1 | 333881 | Fixed |
| postgresql15 | sisyphus_e2k | 15.5-alt1 | 15.7-alt1 | ALT-PU-2023-7149-1 | - | Fixed |
| postgresql15 | sisyphus_riscv64 | 15.5-alt1 | 15.6-alt1 | ALT-PU-2023-7763-1 | - | Fixed |
| postgresql15 | p10 | 15.5-alt0.p10.1 | 15.7-alt0.p10.1 | ALT-PU-2023-7090-4 | 333972 | Fixed |
| postgresql15 | p10_e2k | 15.5-alt0.p10.1 | 15.7-alt0.p10.1 | ALT-PU-2023-7591-1 | - | Fixed |
| postgresql15 | c10f1 | 15.5-alt0.c10.1 | 15.7-alt0.c10f1.1 | ALT-PU-2023-8222-2 | 336885 | Fixed |
| postgresql15-1C | sisyphus | 15.5-alt1 | 15.7-alt1 | ALT-PU-2023-7058-1 | 333881 | Fixed |
| postgresql15-1C | sisyphus_e2k | 15.5-alt1 | 15.7-alt1 | ALT-PU-2023-7150-1 | - | Fixed |
| postgresql15-1C | sisyphus_riscv64 | 15.5-alt2 | 15.5-alt4 | ALT-PU-2023-7167-1 | - | Fixed |
| postgresql15-1C | p10 | 15.5-alt0.p10.2 | 15.7-alt0.p10.1 | ALT-PU-2023-7207-2 | 333972 | Fixed |
| postgresql15-1C | p10_e2k | 15.5-alt0.p10.2 | 15.7-alt0.p10.1 | ALT-PU-2023-7592-1 | - | Fixed |
| postgresql15-1C | c10f1 | 15.5-alt0.p10.2 | 15.7-alt0.p10.1 | ALT-PU-2023-8226-2 | 336885 | Fixed |
| postgresql16 | sisyphus | 16.1-alt1 | 16.3-alt1 | ALT-PU-2023-7061-1 | 333881 | Fixed |
| postgresql16 | sisyphus_e2k | 16.1-alt2 | 16.3-alt1 | ALT-PU-2023-7145-1 | - | Fixed |
| postgresql16 | sisyphus_riscv64 | 16.1-alt2 | 16.2-alt1 | ALT-PU-2023-7196-1 | - | Fixed |
| postgresql16 | p10 | 16.1-alt1 | 16.3-alt0.p10.1 | ALT-PU-2023-7061-1 | 333881 | Fixed |

References to Advisories, Solutions, and Tools

      Configuration 1

      cpe:2.3:a:postgresql:postgresql:16.0:*:*:*:*:*:*:*

      cpe:2.3:a:postgresql:postgresql:*:*:*:*:*:*:*:*
      Start including: 15.0
      End excluding: 15.5

      cpe:2.3:a:postgresql:postgresql:*:*:*:*:*:*:*:*
      Start including: 14.0
      End excluding: 14.10

      cpe:2.3:a:postgresql:postgresql:*:*:*:*:*:*:*:*
      Start including: 13.0
      End excluding: 13.13

      cpe:2.3:a:postgresql:postgresql:*:*:*:*:*:*:*:*
      Start including: 12.0
      End excluding: 12.17

      cpe:2.3:a:postgresql:postgresql:*:*:*:*:*:*:*:*
      Start including: 11.0
      End excluding: 11.22

      Configuration 2

      cpe:2.3:a:redhat:software_collections:1.0:*:*:*:*:*:*:*

      cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*

      cpe:2.3:o:redhat:enterprise_linux_server_tus:8.2:*:*:*:*:*:*:*

      cpe:2.3:o:redhat:enterprise_linux_server_aus:8.2:*:*:*:*:*:*:*

      cpe:2.3:o:redhat:enterprise_linux_server_tus:8.4:*:*:*:*:*:*:*

      cpe:2.3:o:redhat:enterprise_linux_server_aus:8.4:*:*:*:*:*:*:*

      cpe:2.3:o:redhat:enterprise_linux_server_aus:8.6:*:*:*:*:*:*:*

      cpe:2.3:o:redhat:enterprise_linux_server_tus:8.6:*:*:*:*:*:*:*

      cpe:2.3:o:redhat:enterprise_linux_eus:8.6:*:*:*:*:*:*:*

      cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*

      cpe:2.3:o:redhat:enterprise_linux_eus:9.0:*:*:*:*:*:*:*

      cpe:2.3:o:redhat:enterprise_linux_eus:8.8:*:*:*:*:*:*:*

      cpe:2.3:o:redhat:enterprise_linux_server_aus:9.2:*:*:*:*:*:*:*

      cpe:2.3:o:redhat:enterprise_linux_eus:9.2:*:*:*:*:*:*:*

      cpe:2.3:o:redhat:enterprise_linux_for_arm_64:8.0:*:*:*:*:*:*:*

      cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:9.2_ppc64le:*:*:*:*:*:*:*

      cpe:2.3:a:redhat:codeready_linux_builder_for_arm64_eus:9.2_aarch64:*:*:*:*:*:*:*

      cpe:2.3:a:redhat:codeready_linux_builder_for_ibm_z_systems_eus:9.2_s390x:*:*:*:*:*:*:*

      cpe:2.3:a:redhat:codeready_linux_builder_eus_for_power_little_endian_eus:9.2_ppc64le:*:*:*:*:*:*:*

      cpe:2.3:a:redhat:codeready_linux_builder_eus:9.2:*:*:*:*:*:*:*

      cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:8.0_ppc64le:*:*:*:*:*:*:*

      cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:8.8_ppc64le:*:*:*:*:*:*:*

      cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:8.8_s390x:*:*:*:*:*:*:*

      cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:8.0_s390x:*:*:*:*:*:*:*

      cpe:2.3:a:redhat:codeready_linux_builder_for_power_little_endian_eus:9.2_ppc64le:*:*:*:*:*:*:*

      cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:9.2_s390x:*:*:*:*:*:*:*

      cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:9.0_ppc64le:*:*:*:*:*:*:*

      cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:9.0_s390x:*:*:*:*:*:*:*

      cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:8.6_s390x:*:*:*:*:*:*:*

      cpe:2.3:a:redhat:codeready_linux_builder_for_power_little_endian_eus:9.0_ppc64le:*:*:*:*:*:*:*

      cpe:2.3:a:redhat:codeready_linux_builder_for_ibm_z_systems_eus:9.0_s390x:*:*:*:*:*:*:*

      cpe:2.3:a:redhat:codeready_linux_builder_for_arm64_eus:9.0_aarch64:*:*:*:*:*:*:*

      cpe:2.3:a:redhat:codeready_linux_builder_eus_for_power_little_endian_eus:9.0_ppc64le:*:*:*:*:*:*:*

      cpe:2.3:a:redhat:codeready_linux_builder_for_arm64_eus:8.6_aarch64:*:*:*:*:*:*:*

      cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:8.6_ppc64le:*:*:*:*:*:*:*

      cpe:2.3:o:redhat:enterprise_linux_for_arm_64:8.8_aarch64:*:*:*:*:*:*:*