Vulnerability CVE-2024-7348: Information

Description

Time-of-check Time-of-use (TOCTOU) race condition in pg_dump in PostgreSQL allows an object creator to execute arbitrary SQL functions as the user running pg_dump, which is often a superuser. The attack involves replacing another relation type with a view or foreign table. The attack requires waiting for pg_dump to start, but winning the race condition is trivial if the attacker retains an open transaction. Versions before PostgreSQL 16.4, 15.8, 14.13, 13.16, and 12.20 are affected.

Severity: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

Published: Aug. 8, 2024
Modified: Aug. 12, 2024
Error type identifier: CWE-367

Fixed packages

Package name
Branch
Fixed in version
Version from repository
Errata ID
Task #
State
postgresql12sisyphus12.20-alt112.20-alt1ALT-PU-2024-10974-1354694Fixed
postgresql12sisyphus_e2k12.20-alt112.20-alt1ALT-PU-2024-11320-1-Fixed
postgresql12sisyphus_riscv6412.20-alt112.20-alt1ALT-PU-2024-11033-1-Fixed
postgresql12sisyphus_loongarch6412.20-alt112.20-alt1ALT-PU-2024-11042-1-Fixed
postgresql12p1012.20-alt0.p10.112.20-alt0.p10.1ALT-PU-2024-11281-2354725Fixed
postgresql12p10_e2k12.20-alt0.p10.112.20-alt0.p10.1ALT-PU-2024-11669-1-Fixed
postgresql12p912.20-alt0.M90P.112.20-alt0.M90P.1ALT-PU-2024-11581-2354730Fixed
postgresql12c10f112.20-alt0.p10.112.20-alt0.p10.1ALT-PU-2024-11272-2354747Fixed
postgresql12c9f212.20-alt0.c9f2.112.20-alt0.c9f2.1ALT-PU-2024-10997-2354752Fixed
postgresql12p1112.20-alt112.20-alt1ALT-PU-2024-10989-2354731Fixed
postgresql12-1Cp912.20-alt0.M90P.112.20-alt0.M90P.1ALT-PU-2024-11579-2354730Fixed
postgresql12-1Cc9f212.20-alt0.c9f2.112.20-alt0.c9f2.1ALT-PU-2024-10999-2354752Fixed
postgresql13sisyphus13.16-alt113.16-alt1ALT-PU-2024-10975-1354694Fixed
postgresql13sisyphus_e2k13.16-alt113.16-alt1ALT-PU-2024-11321-1-Fixed
postgresql13sisyphus_riscv6413.16-alt113.16-alt1ALT-PU-2024-11034-1-Fixed
postgresql13sisyphus_loongarch6413.16-alt113.16-alt1ALT-PU-2024-11043-1-Fixed
postgresql13p1013.16-alt0.p10.113.16-alt0.p10.1ALT-PU-2024-11279-2354725Fixed
postgresql13p10_e2k13.16-alt0.p10.113.16-alt0.p10.1ALT-PU-2024-11670-1-Fixed
postgresql13c10f113.16-alt0.p10.113.16-alt0.p10.1ALT-PU-2024-11274-2354747Fixed
postgresql13p1113.16-alt113.16-alt1ALT-PU-2024-10986-2354731Fixed
postgresql14sisyphus14.13-alt114.13-alt1ALT-PU-2024-10976-1354694Fixed
postgresql14sisyphus_e2k14.13-alt114.13-alt1ALT-PU-2024-11322-1-Fixed
postgresql14sisyphus_riscv6414.13-alt114.13-alt1ALT-PU-2024-11035-1-Fixed
postgresql14sisyphus_loongarch6414.13-alt114.13-alt1ALT-PU-2024-11044-1-Fixed
postgresql14p1014.13-alt0.p10.114.13-alt0.p10.1ALT-PU-2024-11278-2354725Fixed
postgresql14p10_e2k14.13-alt0.p10.114.13-alt0.p10.1ALT-PU-2024-11671-1-Fixed
postgresql14c10f114.13-alt0.p10.114.13-alt0.p10.1ALT-PU-2024-11275-2354747Fixed
postgresql14p1114.13-alt114.13-alt1ALT-PU-2024-10983-2354731Fixed
postgresql15sisyphus15.8-alt115.8-alt1ALT-PU-2024-10977-1354694Fixed
postgresql15sisyphus_e2k15.8-alt115.8-alt1ALT-PU-2024-11323-1-Fixed
postgresql15sisyphus_riscv6415.8-alt115.8-alt1ALT-PU-2024-11037-1-Fixed
postgresql15sisyphus_loongarch6415.8-alt115.8-alt1ALT-PU-2024-11047-1-Fixed
postgresql15p1015.8-alt0.p10.115.8-alt0.p10.1ALT-PU-2024-11282-2354725Fixed
postgresql15p10_e2k15.8-alt0.p10.115.8-alt0.p10.1ALT-PU-2024-11672-1-Fixed
postgresql15c10f115.8-alt0.c10f1.115.8-alt0.c10f1.1ALT-PU-2024-11270-2354747Fixed
postgresql15p1115.8-alt115.8-alt1ALT-PU-2024-10985-2354731Fixed
postgresql15-1Cp1015.8-alt0.p10.115.8-alt0.p10.1ALT-PU-2024-11280-2354725Fixed
postgresql15-1Cp10_e2k15.8-alt0.p10.115.8-alt0.p10.1ALT-PU-2024-11673-1-Fixed
postgresql15-1Cc10f115.8-alt0.p10.115.8-alt0.p10.1ALT-PU-2024-11273-2354747Fixed
postgresql16sisyphus16.4-alt116.4-alt1ALT-PU-2024-10972-1354694Fixed
postgresql16sisyphus_e2k16.4-alt116.4-alt1ALT-PU-2024-11318-1-Fixed
postgresql16sisyphus_riscv6416.4-alt116.4-alt1ALT-PU-2024-11031-1-Fixed
postgresql16sisyphus_loongarch6416.4-alt116.4-alt1ALT-PU-2024-11040-1-Fixed
postgresql16p1016.4-alt0.p10.116.4-alt0.p10.1ALT-PU-2024-11276-2354725Fixed
postgresql16p10_e2k16.4-alt0.p10.116.4-alt0.p10.1ALT-PU-2024-11667-1-Fixed
postgresql16p1116.4-alt116.4-alt1ALT-PU-2024-10987-2354731Fixed
postgresql16-1Csisyphus16.4-alt116.4-alt1ALT-PU-2024-10978-1354694Fixed
postgresql16-1Csisyphus_e2k16.4-alt116.4-alt1ALT-PU-2024-11324-1-Fixed
postgresql16-1Csisyphus_riscv6416.4-alt116.4-alt1ALT-PU-2024-11038-1-Fixed
postgresql16-1Csisyphus_loongarch6416.4-alt116.4-alt1ALT-PU-2024-11048-1-Fixed
postgresql16-1Cp1116.4-alt116.4-alt1ALT-PU-2024-10988-2354731Fixed

References to Advisories, Solutions, and Tools

    1. Configuration 1

      cpe:2.3:a:postgresql:postgresql:*:*:*:*:*:*:*:*
      Start including
      16.0
      End excluding
      16.4

      cpe:2.3:a:postgresql:postgresql:*:*:*:*:*:*:*:*
      Start including
      15.0
      End excluding
      15.8

      cpe:2.3:a:postgresql:postgresql:*:*:*:*:*:*:*:*
      Start including
      14.0
      End excluding
      14.13

      cpe:2.3:a:postgresql:postgresql:*:*:*:*:*:*:*:*
      Start including
      13.0
      End excluding
      13.16

      cpe:2.3:a:postgresql:postgresql:*:*:*:*:*:*:*:*
      Start including
      12.0
      End excluding
      12.20