MITRECVE-2023-5869CVE-2023-5869
A flaw was found in PostgreSQL that allows authenticated database users to execute arbitrary code through missing overflow checks during SQL array value modification. This issue exists due to an integer overflow during array modification where a remote user can trigger the overflow by providing specially crafted data. This enables the execution of arbitrary code on the target system, allowing users to write arbitrary bytes to memory and extensively read the server’s memory.
References
access.redhat.com/errata/RHSA-2023:7545
access.redhat.com/errata/RHSA-2023:7579
access.redhat.com/errata/RHSA-2023:7580
access.redhat.com/errata/RHSA-2023:7581
access.redhat.com/errata/RHSA-2023:7616
access.redhat.com/errata/RHSA-2023:7656
access.redhat.com/errata/RHSA-2023:7666
access.redhat.com/errata/RHSA-2023:7667
access.redhat.com/errata/RHSA-2023:7694
access.redhat.com/errata/RHSA-2023:7695
access.redhat.com/errata/RHSA-2023:7714
access.redhat.com/errata/RHSA-2023:7770
access.redhat.com/errata/RHSA-2023:7771
access.redhat.com/errata/RHSA-2023:7772
access.redhat.com/errata/RHSA-2023:7778
access.redhat.com/errata/RHSA-2023:7783
access.redhat.com/errata/RHSA-2023:7784
access.redhat.com/errata/RHSA-2023:7785
access.redhat.com/errata/RHSA-2023:7786
access.redhat.com/errata/RHSA-2023:7788
access.redhat.com/errata/RHSA-2023:7789
access.redhat.com/errata/RHSA-2023:7790
access.redhat.com/errata/RHSA-2023:7878
access.redhat.com/errata/RHSA-2023:7883
access.redhat.com/errata/RHSA-2023:7884
access.redhat.com/errata/RHSA-2023:7885
access.redhat.com/errata/RHSA-2024:0304
access.redhat.com/errata/RHSA-2024:0332
access.redhat.com/errata/RHSA-2024:0337
access.redhat.com/security/cve/CVE-2023-5869
bugzilla.redhat.com/show_bug.cgi?id=2247169
security.netapp.com/advisory/ntap-20240119-0003/
www.postgresql.org/about/news/postgresql-161-155-1410-1313-1217-and-1122-released-2749/
www.postgresql.org/support/security/CVE-2023-5869/
Related
