postgresql: non-owner 'REFRESH MATERIALIZED VIEW CONCURRENTLY' executes arbitrary SQL

🗓️ 11 Mar 2024 01:12:06Reported by RedHatType

redhat

redhat🔗 access.redhat.com👁 1 Views

Non-owners can trigger arbitrary SQL via REFRESH MATERIALIZED VIEW CONCURRENTLY, executing as the view owner.

Reporter	Title	Published	Views	Family All 341
FreeBSD	postgresql-server -- non-owner REFRESH MATERIALIZED VIEW CONCURRENTLY executes arbitrary SQL	8 Feb 202400:00	–	freebsd
IBM Security Bulletins	Security Bulletin: IBM QRadar SIEM contains multiple vulnerabilities	26 Mar 202504:11	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Observability with Instana (OnPrem) is affected by multiple security vulnerabilities	10 Jul 202407:59	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Security Guardium is affected by a PostgreSQL vulnerability (CVE-2024-0985)	15 Jul 202419:53	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Sterling Connect:Direct Web Services is vulnerable to security bypass due to PostgreSQL (CVE-2024-0985)	6 May 202404:19	–	ibm
IBM Security Bulletins	Security Bulletin: Vulnerabilities in Apache Commons Compress and PostgreSQL might affect IBM Storage Copy Data Management	30 Apr 202421:45	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple Vulnerabilities Affected for EDB	21 Jul 202513:52	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to security restrictions bypass in PostgreSQL [CVE-2024-0985]	25 Apr 202418:23	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple Vulnerabilities Affected for EDB	21 Jul 202513:54	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple PostgreSQL Vulnerabilities Affect IBM Storage Scale System	21 Jun 202415:45	–	ibm

OS	OS Version	Architecture	Package	Package Version	Filename
Red Hat Enterprise Linux	9.0	aarch64	postgresql	0:13.14-1.el9_0	postgresql-0:13.14-1.el9_0.aarch64.rpm
Red Hat Enterprise Linux	9.0	ppc64le	postgresql	0:13.14-1.el9_0	postgresql-0:13.14-1.el9_0.ppc64le.rpm
Red Hat Enterprise Linux	9.0	s390x	postgresql	0:13.14-1.el9_0	postgresql-0:13.14-1.el9_0.s390x.rpm
Red Hat Enterprise Linux	9.0	x86_64	postgresql	0:13.14-1.el9_0	postgresql-0:13.14-1.el9_0.x86_64.rpm
Red Hat Enterprise Linux	9.0	aarch64	postgresql-contrib	0:13.14-1.el9_0	postgresql-contrib-0:13.14-1.el9_0.aarch64.rpm
Red Hat Enterprise Linux	9.0	ppc64le	postgresql-contrib	0:13.14-1.el9_0	postgresql-contrib-0:13.14-1.el9_0.ppc64le.rpm
Red Hat Enterprise Linux	9.0	s390x	postgresql-contrib	0:13.14-1.el9_0	postgresql-contrib-0:13.14-1.el9_0.s390x.rpm
Red Hat Enterprise Linux	9.0	x86_64	postgresql-contrib	0:13.14-1.el9_0	postgresql-contrib-0:13.14-1.el9_0.x86_64.rpm
Red Hat Enterprise Linux	9.0	aarch64	postgresql-contrib-debuginfo	0:13.14-1.el9_0	postgresql-contrib-debuginfo-0:13.14-1.el9_0.aarch64.rpm
Red Hat Enterprise Linux	9.0	ppc64le	postgresql-contrib-debuginfo	0:13.14-1.el9_0	postgresql-contrib-debuginfo-0:13.14-1.el9_0.ppc64le.rpm

Source	Link
access	www.access.redhat.com/security/cve/CVE-2024-0985
bugzilla	www.bugzilla.redhat.com/show_bug.cgi
nvd	www.nvd.nist.gov/vuln/detail/CVE-2024-0985
cve	www.cve.org/CVERecord

18 Mar 2026 02:33Current

7.5High risk

Vulners AI Score7.5

CVSS 3.18

EPSS0.00753

SSVC

postgresql refresh materialized view privilege escalation arbitrary sql concurrent refresh materialized view owner