CVE-2023-5868: Postgresql: memory disclosure in aggregate function calls
First published: Tue Oct 31 2023(Updated: )
A memory disclosure vulnerability was found in PostgreSQL that allows remote users to access sensitive information by exploiting certain aggregate function calls with 'unknown'-type arguments. Handling 'unknown'-type values from string literals without type designation can disclose bytes, potentially revealing notable and confidential information. This issue exists due to excessive data output in aggregate function calls, enabling remote users to read some portion of system memory.
Credit: secalert@redhat.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| redhat/PostgreSQL | <16.1 | 16.1 |
| redhat/PostgreSQL | <15.5 | 15.5 |
| redhat/PostgreSQL | <14.10 | 14.10 |
| redhat/PostgreSQL | <13.13 | 13.13 |
| redhat/PostgreSQL | <12.17 | 12.17 |
| redhat/PostgreSQL | <11.22 | 11.22 |
| ubuntu/postgresql-10 | <10.23-0ubuntu0.18.04.2+ | 10.23-0ubuntu0.18.04.2+ |
| ubuntu/postgresql-12 | <12.17-0ubuntu0.20.04.1 | 12.17-0ubuntu0.20.04.1 |
| ubuntu/postgresql-12 | <12.17 | 12.17 |
| ubuntu/postgresql-14 | <14.10-0ubuntu0.22.04.1 | 14.10-0ubuntu0.22.04.1 |
| ubuntu/postgresql-14 | <14.10 | 14.10 |
| ubuntu/postgresql-15 | <15.5-0ubuntu0.23.04.1 | 15.5-0ubuntu0.23.04.1 |
| ubuntu/postgresql-15 | <15.5-0ubuntu0.23.10.1 | 15.5-0ubuntu0.23.10.1 |
| ubuntu/postgresql-15 | <15.5 | 15.5 |
| ubuntu/postgresql-16 | <16.1 | 16.1 |
| debian/postgresql-13 | 13.16-0+deb11u1 | |
| debian/postgresql-15 | 15.8-0+deb12u1 | |
| debian/postgresql-16 | 16.4-1 | |
| PostgreSQL Common | >=11.0<11.22 | |
| PostgreSQL Common | >=12.0<12.17 | |
| PostgreSQL Common | >=13.0<13.13 | |
| PostgreSQL Common | >=14.0<14.10 | |
| PostgreSQL Common | >=15.0<15.5 | |
| PostgreSQL Common | =16.0 | |
| Red Hat CodeReady Linux Builder | =9.2 | |
| Red Hat CodeReady Linux Builder for Power, little endian - Extended Update Support | =9.0_ppc64le | |
| Red Hat CodeReady Linux Builder for Power, little endian - Extended Update Support | =9.2_ppc64le | |
| Red Hat CodeReady Linux Builder for ARM 64 - Extended Update Support | =8.6_aarch64 | |
| Red Hat CodeReady Linux Builder for ARM 64 - Extended Update Support | =9.0_aarch64 | |
| Red Hat CodeReady Linux Builder for ARM 64 - Extended Update Support | =9.2_aarch64 | |
| Red Hat CodeReady Linux Builder for IBM z Systems - Extended Update Support | =9.0_s390x | |
| Red Hat CodeReady Linux Builder for IBM z Systems - Extended Update Support | =9.2_s390x | |
| Red Hat CodeReady Linux Builder for Power, little endian | =9.0_ppc64le | |
| Red Hat CodeReady Linux Builder for Power, little endian | =9.2_ppc64le | |
| Red Hat Software Collections | =1.0 | |
| Red Hat Enterprise Linux | =8.0 | |
| Red Hat Enterprise Linux | =9.0 | |
| Red Hat Enterprise Linux Server EUS | =8.6 | |
| Red Hat Enterprise Linux Server EUS | =8.8 | |
| Red Hat Enterprise Linux Server EUS | =9.0 | |
| Red Hat Enterprise Linux Server EUS | =9.2 | |
| Red Hat Enterprise Linux | =8.0 | |
| Red Hat Enterprise Linux | =8.8_aarch64 | |
| Red Hat Enterprise Linux for IBM Z Systems | =8.0_s390x | |
| Red Hat Enterprise Linux for IBM Z Systems (s390x) | =8.6_s390x | |
| Red Hat Enterprise Linux for IBM Z Systems (s390x) | =8.8_s390x | |
| Red Hat Enterprise Linux for IBM Z Systems (s390x) | =9.0_s390x | |
| Red Hat Enterprise Linux for IBM Z Systems (s390x) | =9.2_s390x | |
| Red Hat Enterprise Linux for Power, little endian | =8.0_ppc64le | |
| Red Hat Enterprise Linux for Power, little endian - Extended Update Support | =8.6_ppc64le | |
| Red Hat Enterprise Linux for Power, little endian - Extended Update Support | =8.8_ppc64le | |
| Red Hat Enterprise Linux for Power, little endian - Extended Update Support | =9.0_ppc64le | |
| Red Hat Enterprise Linux for Power, little endian - Extended Update Support | =9.2_ppc64le | |
| Red Hat Enterprise Linux Server | =8.2 | |
| Red Hat Enterprise Linux Server | =8.4 | |
| Red Hat Enterprise Linux Server | =8.6 | |
| Red Hat Enterprise Linux Server | =9.2 | |
| Red Hat Enterprise Linux Server | =8.2 | |
| Red Hat Enterprise Linux Server | =8.4 | |
| Red Hat Enterprise Linux Server | =8.6 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://bugzilla.redhat.com/show_bug.cgi?id=2247168
- https://access.redhat.com/errata/RHSA-2023:7545
- https://access.redhat.com/errata/RHSA-2023:7579
- https://access.redhat.com/errata/RHSA-2023:7580
- https://access.redhat.com/errata/RHSA-2023:7581
- https://access.redhat.com/errata/RHSA-2023:7616
- https://access.redhat.com/errata/RHSA-2023:7656
- https://access.redhat.com/errata/RHSA-2023:7666
- https://access.redhat.com/errata/RHSA-2023:7667
- https://access.redhat.com/errata/RHSA-2023:7694
- https://access.redhat.com/errata/RHSA-2023:7695
- https://access.redhat.com/security/cve/CVE-2023-5868
- https://www.postgresql.org/about/news/postgresql-161-155-1410-1313-1217-and-1122-released-2749/
- https://www.postgresql.org/support/security/CVE-2023-5868/
- https://access.redhat.com/errata/RHSA-2023:7714
- https://access.redhat.com/errata/RHSA-2023:7770
- https://access.redhat.com/errata/RHSA-2023:7772
- https://access.redhat.com/errata/RHSA-2023:7784
- https://access.redhat.com/errata/RHSA-2023:7785
- https://access.redhat.com/errata/RHSA-2023:7883
- https://access.redhat.com/errata/RHSA-2023:7884
- https://access.redhat.com/errata/RHSA-2023:7885
- https://access.redhat.com/errata/RHSA-2024:0304
- https://access.redhat.com/errata/RHSA-2024:0332
- https://security.netapp.com/advisory/ntap-20240119-0003/
- https://access.redhat.com/errata/RHSA-2024:0337
- https://launchpad.net/bugs/cve/CVE-2023-5868
- https://exchange.xforce.ibmcloud.com/vulnerabilities/271219
- https://www.ibm.com/support/pages/node/7114419 (Advisory)
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=2249042
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=2249041
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=2249043
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=2249044
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=2249045
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=2249046
- https://git.postgresql.org/gitweb/?p=postgresql.git;a=commitdiff;h=8c6633f4deb6ace445fc3d72d54585c373187d2d;hp=a27be40c1bc328f4bab324ccecd601909ec94ac9 (v11)
- https://ubuntu.com/security/notices/USN-6538-1
- https://ubuntu.com/security/notices/USN-6538-2
- https://www.cve.org/CVERecord?id=CVE-2023-5868
- https://nvd.nist.gov/vuln/detail/CVE-2023-5868
- https://security-tracker.debian.org/tracker/CVE-2023-5868
- https://ubuntu.com/security/CVE-2023-5868
Frequently Asked Questions
What is CVE-2023-5868?
CVE-2023-5868 is a vulnerability that allows memory disclosure in aggregate function calls.
Which software is affected by CVE-2023-5868?
The software affected by CVE-2023-5868 includes PostgreSQL versions 11.16-0+deb10u1, 13.11-0+deb11u1, 15.3-0+deb12u1, 16.1-1, and Red Hat PostgreSQL versions 16.1, 15.5, 14.10, 13.13, 12.17, and 11.22. It also affects Ubuntu PostgreSQL versions 14.10-0ubuntu0.22.04.1, 14.10, 12.17-0ubuntu0.20.04.1, 12.17, 15.5, 15.5-0ubuntu0.23.04.1, and 15.5-0ubuntu0.23.10.1.
What is the severity of CVE-2023-5868?
CVE-2023-5868 has a severity level of medium.
How can I fix the CVE-2023-5868 vulnerability?
To fix the CVE-2023-5868 vulnerability, you should update your PostgreSQL installation to a version that includes the necessary security patches. Please refer to the official PostgreSQL website and your OS package manager for the latest updates and instructions.
Where can I find more information about CVE-2023-5868?
You can find more information about CVE-2023-5868 on the official PostgreSQL website, the Debian Security Tracker, and the provided references.
- agent/type
- agent/first-publish-date
- agent/weakness
- agent/title
- collector/epss-latest
- source/FIRST
- agent/epss
- collector/launchpad-cve
- source/Launchpad
- collector/ibm-support
- source/IBM
- agent/severity
- agent/description
- agent/event
- collector/redhat-bugzilla
- source/Red Hat
- alias/CVE-2023-5868
- agent/software-canonical-lookup
- collector/usn-cve
- source/Ubuntu
- agent/references
- collector/security-tracker-debian
- source/Debian
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/trending
- agent/source
- agent/author
- agent/tags
- agent/softwarecombine
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup-request
- collector/nvd-cve
- package-manager/redhat
- package-manager/ubuntu
- package-manager/debian
- vendor/postgresql
- canonical/postgresql common
- version/postgresql common/11.0
- version/postgresql common/12.0
- version/postgresql common/13.0
- version/postgresql common/14.0
- version/postgresql common/15.0
- version/postgresql common/16.0
- vendor/redhat
- canonical/red hat codeready linux builder
- version/red hat codeready linux builder/9.2
- canonical/red hat codeready linux builder for power, little endian - extended update support
- version/red hat codeready linux builder for power, little endian - extended update support/9.0_ppc64le
- version/red hat codeready linux builder for power, little endian - extended update support/9.2_ppc64le
- canonical/red hat codeready linux builder for arm 64 - extended update support
- version/red hat codeready linux builder for arm 64 - extended update support/8.6_aarch64
- version/red hat codeready linux builder for arm 64 - extended update support/9.0_aarch64
- version/red hat codeready linux builder for arm 64 - extended update support/9.2_aarch64
- canonical/red hat codeready linux builder for ibm z systems - extended update support
- version/red hat codeready linux builder for ibm z systems - extended update support/9.0_s390x
- version/red hat codeready linux builder for ibm z systems - extended update support/9.2_s390x
- canonical/red hat codeready linux builder for power, little endian
- version/red hat codeready linux builder for power, little endian/9.0_ppc64le
- version/red hat codeready linux builder for power, little endian/9.2_ppc64le
- canonical/red hat software collections
- version/red hat software collections/1.0
- canonical/red hat enterprise linux
- version/red hat enterprise linux/8.0
- version/red hat enterprise linux/9.0
- canonical/red hat enterprise linux server eus
- version/red hat enterprise linux server eus/8.6
- version/red hat enterprise linux server eus/8.8
- version/red hat enterprise linux server eus/9.0
- version/red hat enterprise linux server eus/9.2
- version/red hat enterprise linux/8.8_aarch64
- canonical/red hat enterprise linux for ibm z systems
- version/red hat enterprise linux for ibm z systems/8.0_s390x
- canonical/red hat enterprise linux for ibm z systems (s390x)
- version/red hat enterprise linux for ibm z systems (s390x)/8.6_s390x
- version/red hat enterprise linux for ibm z systems (s390x)/8.8_s390x
- version/red hat enterprise linux for ibm z systems (s390x)/9.0_s390x
- version/red hat enterprise linux for ibm z systems (s390x)/9.2_s390x
- canonical/red hat enterprise linux for power, little endian
- version/red hat enterprise linux for power, little endian/8.0_ppc64le
- canonical/red hat enterprise linux for power, little endian - extended update support
- version/red hat enterprise linux for power, little endian - extended update support/8.6_ppc64le
- version/red hat enterprise linux for power, little endian - extended update support/8.8_ppc64le
- version/red hat enterprise linux for power, little endian - extended update support/9.0_ppc64le
- version/red hat enterprise linux for power, little endian - extended update support/9.2_ppc64le
- canonical/red hat enterprise linux server
- version/red hat enterprise linux server/8.2
- version/red hat enterprise linux server/8.4
- version/red hat enterprise linux server/8.6
- version/red hat enterprise linux server/9.2