Lucene search

K
prionPRIOn knowledge basePRION:CVE-2023-5870
HistoryDec 10, 2023 - 6:15 p.m.

Design/Logic Flaw

2023-12-1018:15:00
PRIOn knowledge base
www.prio-n.com
12
postgresql
pg_cancel_backend
background workers
denial of service
high privileged user
logical replication launcher

6.7 Medium

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

46.9%

A flaw was found in PostgreSQL involving the pg_cancel_backend role that signals background workers, including the logical replication launcher, autovacuum workers, and the autovacuum launcher. Successful exploitation requires a non-core extension with a less-resilient background worker and would affect that specific background worker only. This issue may allow a remote high privileged user to launch a denial of service (DoS) attack.

References