CVE-2023-5869

Buffer overrun from integer overflow in array modification

While modifying certain SQL array values, missing overflow checks let authenticated database users write arbitrary bytes to a memory area that facilitates arbitrary code execution. Missing overflow checks also let authenticated database users read a wide area of server memory. The CVE-2021-32027 fix covered some attacks of this description, but it missed others.

The PostgreSQL project thanks Pedro Gallegos for reporting this problem.

Version Information

Affected Version Fixed In Fix Published
16 16.1 Nov. 9, 2023
15 15.5 Nov. 9, 2023
14 14.10 Nov. 9, 2023
13 13.13 Nov. 9, 2023
12 12.17 Nov. 9, 2023
11 11.22 Nov. 9, 2023

For more information about PostgreSQL versioning, please visit the versioning page.

CVSS 3.0

Overall Score 8.8
Component core server
Vector AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Reporting Security Vulnerabilities

If you wish to report a new security vulnerability in PostgreSQL, please send an email to security@postgresql.org.

For reporting non-security bugs, please see the Report a Bug page.