CVE-2023-5869 Information
Description
A flaw was found in PostgreSQL that allows authenticated database users to execute arbitrary code through missing overflow checks during SQL array value modification. The issue is an integer overflow during array modification, which a remote user can trigger by providing specially crafted data. This enables the execution of arbitrary code on the target system, allowing users to write arbitrary bytes to memory and extensively read the server’s memory.
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Reference
https://access.redhat.com/errata/RHSA-2023:7545
https://access.redhat.com/errata/RHSA-2023:7579
https://access.redhat.com/errata/RHSA-2023:7580
https://access.redhat.com/errata/RHSA-2023:7581
https://access.redhat.com/errata/RHSA-2023:7616
https://access.redhat.com/errata/RHSA-2023:7656
https://access.redhat.com/errata/RHSA-2023:7666
https://access.redhat.com/errata/RHSA-2023:7667
https://access.redhat.com/errata/RHSA-2023:7694
https://access.redhat.com/errata/RHSA-2023:7695
https://access.redhat.com/security/cve/CVE-2023-5869
https://bugzilla.redhat.com/show_bug.cgi?id=2247169
https://www.postgresql.org/about/news/postgresql-161-155-1410-1313-1217-and-1122-released-2749/
https://www.postgresql.org/support/security/CVE-2023-5869/
https://access.redhat.com/errata/RHSA-2023:7714
https://access.redhat.com/errata/RHSA-2023:7770
https://access.redhat.com/errata/RHSA-2023:7771
https://access.redhat.com/errata/RHSA-2023:7772
https://access.redhat.com/errata/RHSA-2023:7778
https://access.redhat.com/errata/RHSA-2023:7783
https://access.redhat.com/errata/RHSA-2023:7784
https://access.redhat.com/errata/RHSA-2023:7785
https://access.redhat.com/errata/RHSA-2023:7786
https://access.redhat.com/errata/RHSA-2023:7788
https://access.redhat.com/errata/RHSA-2023:7789
https://access.redhat.com/errata/RHSA-2023:7790
Attack Complexity
LOW
Privileges Required
LOW
User Interaction Required
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
Base Score
8.8
Base Severity
HIGH