CVE-2023-5869: Postgresql: buffer overrun from integer overflow in array modification
First published: Tue Oct 31 2023(Updated: )
A flaw was found in PostgreSQL that allows authenticated database users to execute arbitrary code through missing overflow checks during SQL array value modification. This issue exists due to an integer overflow during array modification where a remote user can trigger the overflow by providing specially crafted data. This enables the execution of arbitrary code on the target system, allowing users to write arbitrary bytes to memory and extensively read the server's memory.
Credit: secalert@redhat.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| redhat/PostgreSQL | <16.1 | 16.1 |
| redhat/PostgreSQL | <15.5 | 15.5 |
| redhat/PostgreSQL | <14.10 | 14.10 |
| redhat/PostgreSQL | <13.13 | 13.13 |
| redhat/PostgreSQL | <12.17 | 12.17 |
| redhat/PostgreSQL | <11.22 | 11.22 |
| debian/postgresql-13 | 13.16-0+deb11u1 | |
| debian/postgresql-15 | 15.8-0+deb12u1 | |
| debian/postgresql-16 | 16.4-1 | |
| IBM InfoSphere Guardium z/OS | <=11.3 | |
| IBM InfoSphere Guardium z/OS | <=11.4 | |
| IBM InfoSphere Guardium z/OS | <=11.5 | |
| IBM InfoSphere Guardium z/OS | <=12.0 | |
| PostgreSQL Common | >=11.0<11.22 | |
| PostgreSQL Common | >=12.0<12.17 | |
| PostgreSQL Common | >=13.0<13.13 | |
| PostgreSQL Common | >=14.0<14.10 | |
| PostgreSQL Common | >=15.0<15.5 | |
| PostgreSQL Common | =16.0 | |
| Red Hat CodeReady Linux Builder | =9.2 | |
| Red Hat CodeReady Linux Builder for Power, little endian - Extended Update Support | =9.0_ppc64le | |
| Red Hat CodeReady Linux Builder for Power, little endian - Extended Update Support | =9.2_ppc64le | |
| Red Hat CodeReady Linux Builder for ARM 64 - Extended Update Support | =8.6_aarch64 | |
| Red Hat CodeReady Linux Builder for ARM 64 - Extended Update Support | =9.0_aarch64 | |
| Red Hat CodeReady Linux Builder for ARM 64 - Extended Update Support | =9.2_aarch64 | |
| Red Hat CodeReady Linux Builder for IBM z Systems - Extended Update Support | =9.0_s390x | |
| Red Hat CodeReady Linux Builder for IBM z Systems - Extended Update Support | =9.2_s390x | |
| Red Hat CodeReady Linux Builder for Power, little endian | =9.0_ppc64le | |
| Red Hat CodeReady Linux Builder for Power, little endian | =9.2_ppc64le | |
| Red Hat Software Collections | =1.0 | |
| Red Hat Enterprise Linux | =8.0 | |
| Red Hat Enterprise Linux | =9.0 | |
| Red Hat Enterprise Linux Desktop | =7.0 | |
| Red Hat Enterprise Linux Server EUS | =8.6 | |
| Red Hat Enterprise Linux Server EUS | =8.8 | |
| Red Hat Enterprise Linux Server EUS | =9.0 | |
| Red Hat Enterprise Linux Server EUS | =9.2 | |
| Red Hat Enterprise Linux | =8.0 | |
| Red Hat Enterprise Linux | =8.8_aarch64 | |
| Red Hat Enterprise Linux for IBM Z Systems | =7.0_s390x | |
| Red Hat Enterprise Linux for IBM Z Systems | =8.0_s390x | |
| Red Hat Enterprise Linux for IBM Z Systems (s390x) | =8.6_s390x | |
| Red Hat Enterprise Linux for IBM Z Systems (s390x) | =8.8_s390x | |
| Red Hat Enterprise Linux for IBM Z Systems (s390x) | =9.0_s390x | |
| Red Hat Enterprise Linux for IBM Z Systems (s390x) | =9.2_s390x | |
| Red Hat Enterprise Linux for Power, big endian | =7.0_ppc64 | |
| Red Hat Enterprise Linux for Power, little endian | =7.0_ppc64le | |
| Red Hat Enterprise Linux for Power, little endian | =8.0_ppc64le | |
| Red Hat Enterprise Linux for Power, little endian - Extended Update Support | =8.6_ppc64le | |
| Red Hat Enterprise Linux for Power, little endian - Extended Update Support | =8.8_ppc64le | |
| Red Hat Enterprise Linux for Power, little endian - Extended Update Support | =9.0_ppc64le | |
| Red Hat Enterprise Linux for Power, little endian - Extended Update Support | =9.2_ppc64le | |
| Red Hat Enterprise Linux for Scientific Computing | =7.0 | |
| Red Hat Enterprise Linux Server | =7.0 | |
| Red Hat Enterprise Linux Server | =8.2 | |
| Red Hat Enterprise Linux Server | =8.4 | |
| Red Hat Enterprise Linux Server | =8.6 | |
| Red Hat Enterprise Linux Server | =9.2 | |
| Red Hat Enterprise Linux Server | =8.2 | |
| Red Hat Enterprise Linux Server | =8.4 | |
| Red Hat Enterprise Linux Server | =8.6 | |
| Red Hat Enterprise Linux Workstation | =7.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://bugzilla.redhat.com/show_bug.cgi?id=2247169
- https://access.redhat.com/errata/RHSA-2023:7545
- https://access.redhat.com/errata/RHSA-2023:7579
- https://access.redhat.com/errata/RHSA-2023:7580
- https://access.redhat.com/errata/RHSA-2023:7581
- https://access.redhat.com/errata/RHSA-2023:7616
- https://access.redhat.com/errata/RHSA-2023:7656
- https://access.redhat.com/errata/RHSA-2023:7666
- https://access.redhat.com/errata/RHSA-2023:7667
- https://access.redhat.com/errata/RHSA-2023:7694
- https://access.redhat.com/errata/RHSA-2023:7695
- https://access.redhat.com/security/cve/CVE-2023-5869
- https://www.postgresql.org/about/news/postgresql-161-155-1410-1313-1217-and-1122-released-2749/
- https://www.postgresql.org/support/security/CVE-2023-5869/
- https://access.redhat.com/errata/RHSA-2023:7714
- https://access.redhat.com/errata/RHSA-2023:7770
- https://access.redhat.com/errata/RHSA-2023:7771
- https://access.redhat.com/errata/RHSA-2023:7772
- https://access.redhat.com/errata/RHSA-2023:7778
- https://access.redhat.com/errata/RHSA-2023:7783
- https://access.redhat.com/errata/RHSA-2023:7784
- https://access.redhat.com/errata/RHSA-2023:7785
- https://access.redhat.com/errata/RHSA-2023:7786
- https://access.redhat.com/errata/RHSA-2023:7788
- https://access.redhat.com/errata/RHSA-2023:7789
- https://access.redhat.com/errata/RHSA-2023:7790
- https://access.redhat.com/errata/RHSA-2023:7878
- https://access.redhat.com/errata/RHSA-2023:7883
- https://access.redhat.com/errata/RHSA-2023:7884
- https://access.redhat.com/errata/RHSA-2023:7885
- https://access.redhat.com/errata/RHSA-2024:0304
- https://access.redhat.com/errata/RHSA-2024:0332
- https://security.netapp.com/advisory/ntap-20240119-0003/
- https://access.redhat.com/errata/RHSA-2024:0337
- https://launchpad.net/bugs/cve/CVE-2023-5869
- https://access.redhat.com/security/cve/CVE-2021-32027
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=2249042
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=2249041
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=2249043
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=2249044
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=2249045
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=2249046
- https://exchange.xforce.ibmcloud.com/vulnerabilities/271226
- https://www.ibm.com/support/pages/node/7150840 (Advisory)
- https://security-tracker.debian.org/tracker/CVE-2023-5869
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5869
- https://nvd.nist.gov/vuln/detail/CVE-2023-5869
- https://ubuntu.com/security/CVE-2023-5869
Frequently Asked Questions
What is CVE-2023-5869?
CVE-2023-5869 is a vulnerability that allows for buffer overrun from integer overflow in array modification.
How severe is CVE-2023-5869?
CVE-2023-5869 has a severity level of high (7).
Which software versions are affected by CVE-2023-5869?
The affected software versions include postgresql-11, postgresql-13, postgresql-15, postgresql-16, PostgreSQL, and postgresql-14.
How can I fix CVE-2023-5869?
To fix CVE-2023-5869, update your PostgreSQL package to the recommended remedy versions provided by the source (debian, redhat, or ubuntu).
Where can I find more information about CVE-2023-5869?
You can find more information about CVE-2023-5869 at the following references: [link1], [link2], [link3].
- agent/first-publish-date
- agent/type
- agent/title
- collector/epss-latest
- source/FIRST
- agent/epss
- agent/weakness
- collector/launchpad-cve
- source/Launchpad
- agent/severity
- collector/redhat-bugzilla
- source/Red Hat
- alias/CVE-2023-5869
- agent/software-canonical-lookup
- collector/security-tracker-debian
- source/Debian
- collector/usn-cve
- source/Ubuntu
- agent/references
- agent/description
- agent/event
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/trending
- agent/source
- collector/ibm-support
- source/IBM
- agent/software-canonical-lookup-request
- agent/author
- agent/softwarecombine
- agent/tags
- collector/nvd-cve
- source/NVD
- collector/nvd-api
- package-manager/redhat
- package-manager/debian
- vendor/ibm
- canonical/ibm infosphere guardium z/os
- version/ibm infosphere guardium z/os/11.3
- version/ibm infosphere guardium z/os/11.4
- version/ibm infosphere guardium z/os/11.5
- version/ibm infosphere guardium z/os/12.0
- vendor/postgresql
- canonical/postgresql common
- version/postgresql common/11.0
- version/postgresql common/12.0
- version/postgresql common/13.0
- version/postgresql common/14.0
- version/postgresql common/15.0
- version/postgresql common/16.0
- vendor/redhat
- canonical/red hat codeready linux builder
- version/red hat codeready linux builder/9.2
- canonical/red hat codeready linux builder for power, little endian - extended update support
- version/red hat codeready linux builder for power, little endian - extended update support/9.0_ppc64le
- version/red hat codeready linux builder for power, little endian - extended update support/9.2_ppc64le
- canonical/red hat codeready linux builder for arm 64 - extended update support
- version/red hat codeready linux builder for arm 64 - extended update support/8.6_aarch64
- version/red hat codeready linux builder for arm 64 - extended update support/9.0_aarch64
- version/red hat codeready linux builder for arm 64 - extended update support/9.2_aarch64
- canonical/red hat codeready linux builder for ibm z systems - extended update support
- version/red hat codeready linux builder for ibm z systems - extended update support/9.0_s390x
- version/red hat codeready linux builder for ibm z systems - extended update support/9.2_s390x
- canonical/red hat codeready linux builder for power, little endian
- version/red hat codeready linux builder for power, little endian/9.0_ppc64le
- version/red hat codeready linux builder for power, little endian/9.2_ppc64le
- canonical/red hat software collections
- version/red hat software collections/1.0
- canonical/red hat enterprise linux
- version/red hat enterprise linux/8.0
- version/red hat enterprise linux/9.0
- canonical/red hat enterprise linux desktop
- version/red hat enterprise linux desktop/7.0
- canonical/red hat enterprise linux server eus
- version/red hat enterprise linux server eus/8.6
- version/red hat enterprise linux server eus/8.8
- version/red hat enterprise linux server eus/9.0
- version/red hat enterprise linux server eus/9.2
- version/red hat enterprise linux/8.8_aarch64
- canonical/red hat enterprise linux for ibm z systems
- version/red hat enterprise linux for ibm z systems/7.0_s390x
- version/red hat enterprise linux for ibm z systems/8.0_s390x
- canonical/red hat enterprise linux for ibm z systems (s390x)
- version/red hat enterprise linux for ibm z systems (s390x)/8.6_s390x
- version/red hat enterprise linux for ibm z systems (s390x)/8.8_s390x
- version/red hat enterprise linux for ibm z systems (s390x)/9.0_s390x
- version/red hat enterprise linux for ibm z systems (s390x)/9.2_s390x
- canonical/red hat enterprise linux for power, big endian
- version/red hat enterprise linux for power, big endian/7.0_ppc64
- canonical/red hat enterprise linux for power, little endian
- version/red hat enterprise linux for power, little endian/7.0_ppc64le
- version/red hat enterprise linux for power, little endian/8.0_ppc64le
- canonical/red hat enterprise linux for power, little endian - extended update support
- version/red hat enterprise linux for power, little endian - extended update support/8.6_ppc64le
- version/red hat enterprise linux for power, little endian - extended update support/8.8_ppc64le
- version/red hat enterprise linux for power, little endian - extended update support/9.0_ppc64le
- version/red hat enterprise linux for power, little endian - extended update support/9.2_ppc64le
- canonical/red hat enterprise linux for scientific computing
- version/red hat enterprise linux for scientific computing/7.0
- canonical/red hat enterprise linux server
- version/red hat enterprise linux server/7.0
- version/red hat enterprise linux server/8.2
- version/red hat enterprise linux server/8.4
- version/red hat enterprise linux server/8.6
- version/red hat enterprise linux server/9.2
- canonical/red hat enterprise linux workstation
- version/red hat enterprise linux workstation/7.0