CVE-2023-5869: Postgresql: buffer overrun from integer overflow in array modification
First published: Tue Oct 31 2023(Updated: )
A flaw was found in PostgreSQL that allows authenticated database users to execute arbitrary code through missing overflow checks during SQL array value modification. This issue exists due to an integer overflow during array modification where a remote user can trigger the overflow by providing specially crafted data. This enables the execution of arbitrary code on the target system, allowing users to write arbitrary bytes to memory and extensively read the server's memory.
Credit: secalert@redhat.com secalert@redhat.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| PostgreSQL PostgreSQL | >=11.0<11.22 | |
| PostgreSQL PostgreSQL | >=12.0<12.17 | |
| PostgreSQL PostgreSQL | >=13.0<13.13 | |
| PostgreSQL PostgreSQL | >=14.0<14.10 | |
| PostgreSQL PostgreSQL | >=15.0<15.5 | |
| PostgreSQL PostgreSQL | =16.0 | |
| Redhat Codeready Linux Builder Eus | =9.2 | |
| Redhat Codeready Linux Builder Eus For Power Little Endian Eus | =9.0_ppc64le | |
| Redhat Codeready Linux Builder Eus For Power Little Endian Eus | =9.2_ppc64le | |
| Redhat Codeready Linux Builder For Arm64 Eus | =8.6_aarch64 | |
| Redhat Codeready Linux Builder For Arm64 Eus | =9.0_aarch64 | |
| Redhat Codeready Linux Builder For Arm64 Eus | =9.2_aarch64 | |
| Redhat Codeready Linux Builder For Ibm Z Systems Eus | =9.0_s390x | |
| Redhat Codeready Linux Builder For Ibm Z Systems Eus | =9.2_s390x | |
| Redhat Codeready Linux Builder For Power Little Endian Eus | =9.0_ppc64le | |
| Redhat Codeready Linux Builder For Power Little Endian Eus | =9.2_ppc64le | |
| Redhat Software Collections | =1.0 | |
| Redhat Enterprise Linux | =8.0 | |
| Redhat Enterprise Linux | =9.0 | |
| Redhat Enterprise Linux Desktop | =7.0 | |
| Redhat Enterprise Linux Eus | =8.6 | |
| Redhat Enterprise Linux Eus | =8.8 | |
| Redhat Enterprise Linux Eus | =9.0 | |
| Redhat Enterprise Linux Eus | =9.2 | |
| Redhat Enterprise Linux For Arm 64 | =8.0 | |
| Redhat Enterprise Linux For Arm 64 | =8.8_aarch64 | |
| Redhat Enterprise Linux For Ibm Z Systems | =7.0_s390x | |
| Redhat Enterprise Linux For Ibm Z Systems | =8.0_s390x | |
| Redhat Enterprise Linux For Ibm Z Systems Eus | =8.6_s390x | |
| Redhat Enterprise Linux For Ibm Z Systems Eus | =8.8_s390x | |
| Redhat Enterprise Linux For Ibm Z Systems Eus | =9.0_s390x | |
| Redhat Enterprise Linux For Ibm Z Systems Eus | =9.2_s390x | |
| Redhat Enterprise Linux For Power Big Endian | =7.0_ppc64 | |
| Redhat Enterprise Linux For Power Little Endian | =7.0_ppc64le | |
| Redhat Enterprise Linux For Power Little Endian | =8.0_ppc64le | |
| Redhat Enterprise Linux For Power Little Endian Eus | =8.6_ppc64le | |
| Redhat Enterprise Linux For Power Little Endian Eus | =8.8_ppc64le | |
| Redhat Enterprise Linux For Power Little Endian Eus | =9.0_ppc64le | |
| Redhat Enterprise Linux For Power Little Endian Eus | =9.2_ppc64le | |
| Redhat Enterprise Linux For Scientific Computing | =7.0 | |
| Redhat Enterprise Linux Server | =7.0 | |
| Redhat Enterprise Linux Server Aus | =8.2 | |
| Redhat Enterprise Linux Server Aus | =8.4 | |
| Redhat Enterprise Linux Server Aus | =8.6 | |
| Redhat Enterprise Linux Server Aus | =9.2 | |
| Redhat Enterprise Linux Server Tus | =8.2 | |
| Redhat Enterprise Linux Server Tus | =8.4 | |
| Redhat Enterprise Linux Server Tus | =8.6 | |
| Redhat Enterprise Linux Workstation | =7.0 | |
| redhat/PostgreSQL | <16.1 | 16.1 |
| redhat/PostgreSQL | <15.5 | 15.5 |
| redhat/PostgreSQL | <14.10 | 14.10 |
| redhat/PostgreSQL | <13.13 | 13.13 |
| redhat/PostgreSQL | <12.17 | 12.17 |
| redhat/PostgreSQL | <11.22 | 11.22 |
| IBM Security Guardium | <=11.3 | |
| IBM Security Guardium | <=11.4 | |
| IBM Security Guardium | <=11.5 | |
| IBM Security Guardium | <=12.0 | |
| debian/postgresql-13 | 13.16-0+deb11u1 | |
| debian/postgresql-15 | 15.8-0+deb12u1 | |
| debian/postgresql-16 | 16.4-1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://bugzilla.redhat.com/show_bug.cgi?id=2247169
- https://access.redhat.com/errata/RHSA-2023:7545
- https://access.redhat.com/errata/RHSA-2023:7579
- https://access.redhat.com/errata/RHSA-2023:7580
- https://access.redhat.com/errata/RHSA-2023:7581
- https://access.redhat.com/errata/RHSA-2023:7616
- https://access.redhat.com/errata/RHSA-2023:7656
- https://access.redhat.com/errata/RHSA-2023:7666
- https://access.redhat.com/errata/RHSA-2023:7667
- https://access.redhat.com/errata/RHSA-2023:7694
- https://access.redhat.com/errata/RHSA-2023:7695
- https://access.redhat.com/security/cve/CVE-2023-5869
- https://www.postgresql.org/about/news/postgresql-161-155-1410-1313-1217-and-1122-released-2749/
- https://www.postgresql.org/support/security/CVE-2023-5869/
- https://access.redhat.com/errata/RHSA-2023:7714
- https://access.redhat.com/errata/RHSA-2023:7770
- https://access.redhat.com/errata/RHSA-2023:7771
- https://access.redhat.com/errata/RHSA-2023:7772
- https://access.redhat.com/errata/RHSA-2023:7778
- https://access.redhat.com/errata/RHSA-2023:7783
- https://access.redhat.com/errata/RHSA-2023:7784
- https://access.redhat.com/errata/RHSA-2023:7785
- https://access.redhat.com/errata/RHSA-2023:7786
- https://access.redhat.com/errata/RHSA-2023:7788
- https://access.redhat.com/errata/RHSA-2023:7789
- https://access.redhat.com/errata/RHSA-2023:7790
- https://access.redhat.com/errata/RHSA-2023:7878
- https://access.redhat.com/errata/RHSA-2023:7883
- https://access.redhat.com/errata/RHSA-2023:7884
- https://access.redhat.com/errata/RHSA-2023:7885
- https://access.redhat.com/errata/RHSA-2024:0304
- https://access.redhat.com/errata/RHSA-2024:0332
- https://security.netapp.com/advisory/ntap-20240119-0003/
- https://access.redhat.com/errata/RHSA-2024:0337
- https://launchpad.net/bugs/cve/CVE-2023-5869
- https://access.redhat.com/security/cve/CVE-2021-32027
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=2249042
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=2249041
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=2249043
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=2249044
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=2249045
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=2249046
- https://exchange.xforce.ibmcloud.com/vulnerabilities/271226
- https://www.ibm.com/support/pages/node/7150840 (Advisory)
- https://security-tracker.debian.org/tracker/CVE-2023-5869
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5869
- https://nvd.nist.gov/vuln/detail/CVE-2023-5869
- https://ubuntu.com/security/CVE-2023-5869
Frequently Asked Questions
What is CVE-2023-5869?
CVE-2023-5869 is a vulnerability that allows for buffer overrun from integer overflow in array modification.
How severe is CVE-2023-5869?
CVE-2023-5869 has a severity level of high (7).
Which software versions are affected by CVE-2023-5869?
The affected software versions include postgresql-11, postgresql-13, postgresql-15, postgresql-16, PostgreSQL, and postgresql-14.
How can I fix CVE-2023-5869?
To fix CVE-2023-5869, update your PostgreSQL package to the recommended remedy versions provided by the source (debian, redhat, or ubuntu).
Where can I find more information about CVE-2023-5869?
You can find more information about CVE-2023-5869 at the following references: [link1], [link2], [link3].
- agent/first-publish-date
- agent/type
- agent/author
- agent/title
- collector/epss-latest
- source/FIRST
- agent/epss
- agent/weakness
- collector/launchpad-cve
- source/Launchpad
- agent/severity
- collector/redhat-bugzilla
- source/Red Hat
- alias/CVE-2023-5869
- agent/software-canonical-lookup
- collector/ibm-support
- source/IBM
- collector/security-tracker-debian
- source/Debian
- collector/mitre-cve
- source/MITRE
- collector/nvd-api
- source/NVD
- agent/last-modified-date
- collector/usn-cve
- source/Ubuntu
- agent/references
- agent/tags
- agent/softwarecombine
- agent/description
- agent/event
- collector/nvd-cve
- package-manager/redhat
- vendor/ibm
- canonical/ibm security guardium
- version/ibm security guardium/11.3
- version/ibm security guardium/11.4
- version/ibm security guardium/11.5
- version/ibm security guardium/12.0
- package-manager/debian
- vendor/postgresql
- canonical/postgresql postgresql
- version/postgresql postgresql/11.0
- version/postgresql postgresql/12.0
- version/postgresql postgresql/13.0
- version/postgresql postgresql/14.0
- version/postgresql postgresql/15.0
- version/postgresql postgresql/16.0
- vendor/redhat
- canonical/redhat codeready linux builder eus
- version/redhat codeready linux builder eus/9.2
- canonical/redhat codeready linux builder eus for power little endian eus
- version/redhat codeready linux builder eus for power little endian eus/9.0_ppc64le
- version/redhat codeready linux builder eus for power little endian eus/9.2_ppc64le
- canonical/redhat codeready linux builder for arm64 eus
- version/redhat codeready linux builder for arm64 eus/8.6_aarch64
- version/redhat codeready linux builder for arm64 eus/9.0_aarch64
- version/redhat codeready linux builder for arm64 eus/9.2_aarch64
- canonical/redhat codeready linux builder for ibm z systems eus
- version/redhat codeready linux builder for ibm z systems eus/9.0_s390x
- version/redhat codeready linux builder for ibm z systems eus/9.2_s390x
- canonical/redhat codeready linux builder for power little endian eus
- version/redhat codeready linux builder for power little endian eus/9.0_ppc64le
- version/redhat codeready linux builder for power little endian eus/9.2_ppc64le
- canonical/redhat software collections
- version/redhat software collections/1.0
- canonical/redhat enterprise linux
- version/redhat enterprise linux/8.0
- version/redhat enterprise linux/9.0
- canonical/redhat enterprise linux desktop
- version/redhat enterprise linux desktop/7.0
- canonical/redhat enterprise linux eus
- version/redhat enterprise linux eus/8.6
- version/redhat enterprise linux eus/8.8
- version/redhat enterprise linux eus/9.0
- version/redhat enterprise linux eus/9.2
- canonical/redhat enterprise linux for arm 64
- version/redhat enterprise linux for arm 64/8.0
- version/redhat enterprise linux for arm 64/8.8_aarch64
- canonical/redhat enterprise linux for ibm z systems
- version/redhat enterprise linux for ibm z systems/7.0_s390x
- version/redhat enterprise linux for ibm z systems/8.0_s390x
- canonical/redhat enterprise linux for ibm z systems eus
- version/redhat enterprise linux for ibm z systems eus/8.6_s390x
- version/redhat enterprise linux for ibm z systems eus/8.8_s390x
- version/redhat enterprise linux for ibm z systems eus/9.0_s390x
- version/redhat enterprise linux for ibm z systems eus/9.2_s390x
- canonical/redhat enterprise linux for power big endian
- version/redhat enterprise linux for power big endian/7.0_ppc64
- canonical/redhat enterprise linux for power little endian
- version/redhat enterprise linux for power little endian/7.0_ppc64le
- version/redhat enterprise linux for power little endian/8.0_ppc64le
- canonical/redhat enterprise linux for power little endian eus
- version/redhat enterprise linux for power little endian eus/8.6_ppc64le
- version/redhat enterprise linux for power little endian eus/8.8_ppc64le
- version/redhat enterprise linux for power little endian eus/9.0_ppc64le
- version/redhat enterprise linux for power little endian eus/9.2_ppc64le
- canonical/redhat enterprise linux for scientific computing
- version/redhat enterprise linux for scientific computing/7.0
- canonical/redhat enterprise linux server
- version/redhat enterprise linux server/7.0
- canonical/redhat enterprise linux server aus
- version/redhat enterprise linux server aus/8.2
- version/redhat enterprise linux server aus/8.4
- version/redhat enterprise linux server aus/8.6
- version/redhat enterprise linux server aus/9.2
- canonical/redhat enterprise linux server tus
- version/redhat enterprise linux server tus/8.2
- version/redhat enterprise linux server tus/8.4
- version/redhat enterprise linux server tus/8.6
- canonical/redhat enterprise linux workstation
- version/redhat enterprise linux workstation/7.0