Postgresql: role pg_signal_backend can signal certain superuser processes.
CVE-2023-5870

2.2LOW

Key Information:

Vendor
Red Hat
Status
Red Hat Advanced Cluster Security 4.2
Red Hat Enterprise Linux 8
Red Hat Enterprise Linux 8.2 Advanced Update Support
Red Hat Enterprise Linux 8.2 Telecommunications Update Service
Vendor
CVE Published:
10 December 2023

Summary

A flaw was found in PostgreSQL involving the pg_cancel_backend role that signals background workers, including the logical replication launcher, autovacuum workers, and the autovacuum launcher. Successful exploitation requires a non-core extension with a less-resilient background worker and would affect that specific background worker only. This issue may allow a remote high privileged user to launch a denial of service (DoS) attack.

Affected Version(s)

Red Hat Advanced Cluster Security 4.2 4.2.4-6

Red Hat Advanced Cluster Security 4.2 4.2.4-6

Red Hat Advanced Cluster Security 4.2 4.2.4-7

References

https://access.redhat.com/errata/RHSA-2023:7545
vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2023:7579
vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2023:7580
vendor-advisoryx_refsource_REDHAT

CVSS V3.1

Score:
2.2
Severity:
LOW
Confidentiality:
None
Integrity:
None
Availability:
None
Attack Vector:
Network
Attack Complexity:
High
Privileges Required:
High
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Collectors

NVD DatabaseMitre Database

Credit

Upstream acknowledges Hemanth Sandrana and Mahendrakar Srinivasarao as the original reporters.
.