CVE-2022-41862: Infoleak
First published: Mon Jan 30 2023(Updated: )
A modified, unauthenticated server can send an unterminated string during the establishment of Kerberos transport encryption. When a libpq client application has a Kerberos credential cache and doesn't explicitly disable option "gssencmode", a server can cause libpq to over-read and report an error message containing uninitialized bytes from and following its receive buffer. If libpq's caller somehow makes that message accessible to the attacker, this achieves a disclosure of the over-read bytes. We have not confirmed or ruled out viability of attacks that arrange for a crash or for presence of notable, confidential information in disclosed bytes.
Credit: secalert@redhat.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| redhat/postgresql | <5.2 | 5.2 |
| redhat/postgresql | <14.7 | 14.7 |
| redhat/postgresql | <13.10 | 13.10 |
| redhat/postgresql | <12.14 | 12.14 |
| redhat/postgresql | <11.19 | 11.19 |
| IBM Cloud Pak for Business Automation | <=V23.0.1 - V23.0.1-IF001 | |
| IBM Cloud Pak for Business Automation | <=V21.0.3 - V21.0.3-IF023 | |
| IBM Cloud Pak for Business Automation | <=V22.0.2 - V22.0.2-IF006 and later fixes V22.0.1 - V22.0.1-IF006 and later fixes V21.0.2 - V21.0.2-IF012 and later fixes V21.0.1 - V21.0.1-IF007 and later fixes V20.0.1 - V20.0.3 and later fixes V19.0.1 - V19.0.3 and later fixes V18.0.0 - V18.0.2 and later fixes | |
| PostgreSQL PostgreSQL | >=12.0<12.14 | |
| PostgreSQL PostgreSQL | >=13.0<13.10 | |
| PostgreSQL PostgreSQL | >=14.0<14.7 | |
| PostgreSQL PostgreSQL | >=15.0<15.2 | |
| Fedoraproject Fedora | =8 | |
| Redhat Integration Camel K | ||
| Redhat Integration Camel Quarkus | ||
| Redhat Integration Service Registry | ||
| Redhat Enterprise Linux | =8.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://bugzilla.redhat.com/show_bug.cgi?id=2165722
- https://security.netapp.com/advisory/ntap-20230427-0002/
- https://www.postgresql.org/support/security/CVE-2022-41862/
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=2170071
- https://access.redhat.com/errata/RHSA-2023:1576
- https://access.redhat.com/errata/RHSA-2023:1693
- https://access.redhat.com/security/cve/cve-2022-41862
- https://access.redhat.com/errata/RHSA-2023:4535
- https://access.redhat.com/errata/RHSA-2023:6429
- https://access.redhat.com/errata/RHSA-2023:7016
- https://access.redhat.com/errata/RHSA-2023:7545
- https://access.redhat.com/errata/RHSA-2023:7580
- https://access.redhat.com/errata/RHSA-2023:7667
- https://access.redhat.com/errata/RHSA-2023:7666
- https://access.redhat.com/errata/RHSA-2023:7694
- https://access.redhat.com/errata/RHSA-2023:7695
- https://access.redhat.com/errata/RHSA-2023:7772
- https://exchange.xforce.ibmcloud.com/vulnerabilities/248100
- https://www.ibm.com/support/pages/node/7030357 (Advisory)
Frequently Asked Questions
What is CVE-2022-41862?
CVE-2022-41862 is a vulnerability in PostgreSQL that allows a modified, unauthenticated server to send an unterminated string during the establishment of Kerberos transport encryption.
How does CVE-2022-41862 affect PostgreSQL?
CVE-2022-41862 affects certain versions of PostgreSQL (up to and excluding version 15.2) where a server can cause a libpq client to over-read and report an error message containing uninitialized bytes.
What is the severity of CVE-2022-41862?
CVE-2022-41862 has a low severity rating with a score of 3.7.
Which software versions are affected by CVE-2022-41862?
PostgreSQL versions 5.2 up to and excluding 15.2, 8.0 Fedora, Redhat Integration Camel K, Redhat Integration Camel Quarkus, Redhat Integration Service Registry, and Redhat Enterprise Linux 8.0 are affected by CVE-2022-41862.
How can I fix CVE-2022-41862?
To fix CVE-2022-41862, users should update their PostgreSQL installations to versions 15.2, 14.7, 13.10, 12.14, or 11.19 depending on the affected version.
- agent/type
- agent/first-publish-date
- agent/last-modified-date
- agent/weakness
- agent/author
- collector/redhat-bugzilla
- source/Red Hat
- alias/CVE-2022-41862
- agent/software-canonical-lookup
- agent/event
- agent/severity
- agent/references
- agent/description
- collector/ibm-support
- source/IBM
- agent/software-canonical-lookup-request
- agent/tags
- collector/nvd-index
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- package-manager/redhat
- vendor/ibm
- canonical/ibm cloud pak for business automation
- version/ibm cloud pak for business automation/v23.0.1 - v23.0.1-if001
- version/ibm cloud pak for business automation/v21.0.3 - v21.0.3-if023
- version/ibm cloud pak for business automation/v22.0.2 - v22.0.2-if006 and later fixes v22.0.1 - v22.0.1-if006 and later fixes v21.0.2 - v21.0.2-if012 and later fixes v21.0.1 - v21.0.1-if007 and later fixes v20.0.1 - v20.0.3 and later fixes v19.0.1 - v19.0.3 and later fixes v18.0.0 - v18.0.2 and later fixes
- vendor/postgresql
- canonical/postgresql postgresql
- version/postgresql postgresql/12.0
- version/postgresql postgresql/13.0
- version/postgresql postgresql/14.0
- version/postgresql postgresql/15.0
- vendor/fedoraproject
- canonical/fedoraproject fedora
- version/fedoraproject fedora/8
- vendor/redhat
- canonical/redhat integration camel k
- canonical/redhat integration camel quarkus
- canonical/redhat integration service registry
- canonical/redhat enterprise linux
- version/redhat enterprise linux/8.0