CVE-2024-10979: PostgreSQL PL/Perl environment variable changes execute arbitrary code
First published: Thu Nov 14 2024(Updated: )
Incorrect control of environment variables in PostgreSQL PL/Perl allows an unprivileged database user to change sensitive process environment variables (e.g. PATH). That often suffices to enable arbitrary code execution, even if the attacker lacks a database server operating system user. Versions before PostgreSQL 17.1, 16.5, 15.9, 14.14, 13.17, and 12.21 are affected.
Credit: f86ef6dc-4d3a-42ad-8f28-e6d5547a5007
| Affected Software | Affected Version | How to fix |
|---|---|---|
| PostgreSQL | >=12.0<12.21 | |
| PostgreSQL | >=13.0<13.17 | |
| PostgreSQL | >=14.0<14.14 | |
| PostgreSQL | >=15.0<15.9 | |
| PostgreSQL | >=16.0<16.5 | |
| PostgreSQL | >=17.0<17.1 | |
| debian/postgresql-13 | <=13.16-0+deb11u1 | 13.20-0+deb11u1 |
| debian/postgresql-15 | 15.12-0+deb12u2 15.10-0+deb12u1 | |
| debian/postgresql-17 | 17.4-1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-10979
- https://nvd.nist.gov/vuln/detail/CVE-2024-10979
- https://launchpad.net/bugs/cve/CVE-2024-10979
- https://security-tracker.debian.org/tracker/CVE-2024-10979
- https://ubuntu.com/security/CVE-2024-10979
- https://www.postgresql.org/support/security/CVE-2024-10979/
- https://git.postgresql.org/gitweb/?p=postgresql.git;a=commit;h=3ebcfa54db3309651d8f1d3be6451a8449f6c6ec
- https://git.postgresql.org/gitweb/?p=postgresql.git;a=commit;h=4cd4f3b97492c1b38115d0563a2e55b136eb542a
- https://git.postgresql.org/gitweb/?p=postgresql.git;a=commit;h=8d19f3fea003b1f744516b84cbdb0097ae7b2912
- https://git.postgresql.org/gitweb/?p=postgresql.git;a=commit;h=8fe3e697a1a83a722b107c7cb9c31084e1f4d077
- https://git.postgresql.org/gitweb/?p=postgresql.git;a=commit;h=88269df4da032bb1536d4291a13f3af4e1e599ba
- https://git.postgresql.org/gitweb/?p=postgresql.git;a=commit;h=168579e23bdbeda1a140440c0272b335d53ad061
- https://git.postgresql.org/gitweb/?p=postgresql.git;a=commit;h=64df8870097aa286363a5d81462802783abbfa61
- https://git.postgresql.org/gitweb/?p=postgresql.git;a=commit;h=e530835c6cc5b2dbf330ebe6b0a7fb9f19f5a54c
- https://git.postgresql.org/gitweb/?p=postgresql.git;a=commit;h=c834b375a6dc36ff92f9f738ef1d7af09d91165f
- https://git.postgresql.org/gitweb/?p=postgresql.git;a=commit;h=d15ec27c977100037ae513ab7fe1a214bfc2507b
- https://git.postgresql.org/gitweb/?p=postgresql.git;a=commit;h=f89bd92c963c3be30a1cf26960aa86aaad117235
- https://git.postgresql.org/gitweb/?p=postgresql.git;a=commit;h=256e34653aadd3582b98411d7d26f4fbb865e0ec
- https://git.postgresql.org/gitweb/?p=postgresql.git;a=commit;h=e428cd058f0bebb5782b0c263565b0ad088e9650
- https://git.postgresql.org/gitweb/?p=postgresql.git;a=commit;h=6bccd7b037d09b91ce272c68f43705e2fecd4cca
- https://git.postgresql.org/gitweb/?p=postgresql.git;a=commit;h=0bd9560d964abc09e446e4c5e264bb7a0886e5ea
- https://git.postgresql.org/gitweb/?p=postgresql.git;a=commit;h=2ab12d860e51e468703a2777b3759b7a61639df2
- https://git.postgresql.org/gitweb/?p=postgresql.git;a=commit;h=b1e58defb6a43fe35511eaa80858293b07c8b512
- https://git.postgresql.org/gitweb/?p=postgresql.git;a=commit;h=9fc1c3a02ddc4cf2a34550c0f985288cea7094bd
- https://access.redhat.com/errata/RHSA-2024:10595
- https://access.redhat.com/errata/RHSA-2024:10593
- https://access.redhat.com/errata/RHSA-2024:10677
- https://access.redhat.com/errata/RHSA-2024:10705
- https://access.redhat.com/errata/RHSA-2024:10736
- https://access.redhat.com/errata/RHSA-2024:10739
- https://access.redhat.com/errata/RHSA-2024:10750
- https://access.redhat.com/errata/RHSA-2024:10785
- https://access.redhat.com/errata/RHSA-2024:10788
- https://access.redhat.com/errata/RHSA-2024:10787
- https://access.redhat.com/errata/RHSA-2024:10789
- https://access.redhat.com/errata/RHSA-2024:10791
- https://access.redhat.com/errata/RHSA-2024:10800
- https://access.redhat.com/errata/RHSA-2024:10807
- https://access.redhat.com/errata/RHSA-2024:10827
- https://access.redhat.com/errata/RHSA-2024:10830
- https://access.redhat.com/errata/RHSA-2024:10832
- https://access.redhat.com/errata/RHSA-2024:10831
- https://access.redhat.com/errata/RHSA-2024:10846
- https://access.redhat.com/errata/RHSA-2024:10851
- https://access.redhat.com/errata/RHSA-2024:10879
- https://access.redhat.com/errata/RHSA-2024:10882
- https://bugzilla.redhat.com/show_bug.cgi?id=2326253
- https://github.com/fmora50591/postgresql-env-vuln/blob/main/README.md
- https://security.netapp.com/advisory/ntap-20250110-0003/
Frequently Asked Questions
What is the severity of CVE-2024-10979?
CVE-2024-10979 is considered a critical vulnerability due to the potential for arbitrary code execution.
How do I fix CVE-2024-10979?
To fix CVE-2024-10979, upgrade to PostgreSQL versions 13.18-0+deb11u1, 15.10-0+deb12u1, or 17.2-1.
What vulnerabilities are associated with CVE-2024-10979?
CVE-2024-10979 allows unprivileged users to modify sensitive process environment variables in PostgreSQL PL/Perl.
Who is affected by CVE-2024-10979?
Users of PostgreSQL versions earlier than 13.18, 15.10, or 17.2 who utilize PL/Perl may be affected by CVE-2024-10979.
What can happen if CVE-2024-10979 is exploited?
Exploitation of CVE-2024-10979 can lead to arbitrary code execution, compromising the security of the database server.
- agent/title
- agent/type
- agent/first-publish-date
- agent/author
- agent/severity
- collector/launchpad-cve
- source/Launchpad
- collector/redhat-bugzilla
- source/Red Hat
- alias/CVE-2024-10979
- agent/trending
- collector/mitre-cve
- source/MITRE
- agent/references
- agent/source
- agent/weakness
- agent/last-modified-date
- agent/tags
- agent/softwarecombine
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- collector/usn-cve
- source/Ubuntu
- agent/description
- agent/event
- collector/security-tracker-debian
- source/Debian
- collector/nvd-cve
- vendor/postgresql
- canonical/postgresql
- version/postgresql/12.0
- version/postgresql/13.0
- version/postgresql/14.0
- version/postgresql/15.0
- version/postgresql/16.0
- version/postgresql/17.0
- package-manager/debian