CVE-2026-14178

openGauss 在处理带 NLS 参数的 totimestamp 调用时，totimestampwithfmtnls 会将 nlsfmtstr 保存到 usess-parsercxt.nlsfmtstr。在 seqscan + sort 执行路径下，该字符串原本被分配在 SeqScan 的表达式上下文中；当 SeqScan 完成后，该内存上下文会被 reset，但后续结果输出阶段 timestampout 仍会通过 CheckNlsFormat 访问 usess-parsercxt.nlsfmtstr，导致访问已释放内存。攻击者在具备数据库 SQL 执行权限的情况下，可构造特定...

CVE-2026-14178 openGauss存在非法内存访问导致DoS漏洞

openGauss 在处理带 NLS 参数的 totimestamp 调用时，totimestampwithfmtnls 会将 nlsfmtstr 保存到 usess-parsercxt.nlsfmtstr。在 seqscan + sort 执行路径下，该字符串原本被分配在 SeqScan 的表达式上下文中；当 SeqScan 完成后，该内存上下文会被 reset，但后续结果输出阶段 timestampout 仍会通过 CheckNlsFormat 访问 usess-parsercxt.nlsfmtstr，导致访问已释放内存。攻击者在具备数据库 SQL 执行权限的情况下，可构造特定...

CVE-2026-14178

openGauss 在处理带 NLS 参数的 totimestamp 调用时，totimestampwithfmtnls 会将 nlsfmtstr 保存到 usess-parsercxt.nlsfmtstr。在 seqscan + sort 执行路径下，该字符串原本被分配在 SeqScan 的表达式上下文中；当 SeqScan 完成后，该内存上下文会被 reset，但后续结果输出阶段 timestampout 仍会通过 CheckNlsFormat 访问 usess-parsercxt.nlsfmtstr，导致访问已释放内存。攻击者在具备数据库 SQL 执行权限的情况下，可构造特定...

CVE-2026-14178

openGauss contains a heap-use-after-free in to_timestamp handling when an NLS parameter is used, triggered in the seqscan+sort path by saving nls_fmt_str in the session parser context and referencing it after the SeqScan expression context is reset. Attack requires database SQL execution permissi...

EUVD-2026-40326

openGauss 在处理带 NLS 参数的 totimestamp 调用时，totimestampwithfmtnls 会将 nlsfmtstr 保存到 usess-parsercxt.nlsfmtstr。在 seqscan + sort 执行路径下，该字符串原本被分配在 SeqScan 的表达式上下文中；当 SeqScan 完成后，该内存上下文会被 reset，但后续结果输出阶段 timestampout 仍会通过 CheckNlsFormat 访问 usess-parsercxt.nlsfmtstr，导致访问已释放内存。攻击者在具备数据库 SQL 执行权限的情况下，可构造特定...

CVE-2024-40575

An issue in Huawei Technologies opengauss openGauss 5.0.0 build v.7.3.0 allows a local attacker to cause a denial of service via the modification of table attributes...

Huawei Technologies has an unspecified vulnerability

Huawei openGauss is China's Huawei Huawei company an open source relational database management system . A security vulnerability exists in Huawei openGauss, which can be exploited by an attacker to cause a denial of service by modifying table properties...

CVE-2024-40575

An issue in Huawei Technologies opengauss openGauss 5.0.0 build v.7.3.0 allows a local attacker to cause a denial of service via the modification of table attributes...

CVE-2024-40575

An issue in Huawei Technologies opengauss openGauss 5.0.0 build v.7.3.0 allows a local attacker to cause a denial of service via the modification of table attributes...

CVE-2024-40575

An issue in Huawei Technologies opengauss openGauss 5.0.0 build v.7.3.0 allows a local attacker to cause a denial of service via the modification of table attributes...

Huawei openGauss 安全漏洞

Huawei openGauss is an open source relational database management system from Huawei China. A security vulnerability exists in Huawei openGauss version 5.0.0, which originates from a vulnerability that could allow a local attacker to cause a denial of service by modifying table properties...

CVE-2024-40575

CVE-2024-40575 affects Huawei openGauss (openGauss 5.0.0 build) with v7.3.0. The issue allows a local attacker to cause a denial of service by modifying table attributes. Root cause is described as a modification of table attributes, leading to DoS. Some sources (e.g., Red Hat CVE page) reiterate...

CVE-2024-40575

An issue in Huawei Technologies opengauss openGauss 5.0.0 build v.7.3.0 allows a local attacker to cause a denial of service via the modification of table attributes...

openGauss: Restricting the Permission for the postgresql.conf File

The configuration file postgresql.conf stores the default database configuration. To prevent the parameters in the file from being tampered and protect customer information from security threats, this file directory must be protected and deny unauthorized user access. Copyright C 2020 Greenbone...

openGauss: Restricting the Permission for the Database Home Directory

$GAUSSHOME is the installation directory of openGauss. To prevent the installation package from being tampered or damaged and protect customer network from security threats, this directory must be protected and deny unauthorized user access. Copyright C 2020 Greenbone Networks GmbH Some text...

openGauss: Ensuring the Existence of the Socket File

Some application programs may search for the socket file in the /tmp directory to deceive the server. During the system startup, the socket file /tmp/ $ USER gaussdb/.s.PGSQL. $PGPORT is created by default to prevent some applications from creating or overwriting the socket file in the /tmp...

openGauss: Restricting the Permission for the ${GAUSSHOME}/share Directory

The $GAUSSHOME /share directory stores the shared components of openGauss. To prevent them from being tampered or damaged, the directory must be protected and deny unauthorized user access. Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced source...

openGauss: Restricting the Permission for the pg_hba.conf File

The configuration file pghba.conf stores the configuration information about database connections. To prevent the parameters in the file from being tampered and protect customer information from security threats, this file directory must be protected and deny unauthorized user access. Copyright C...

openGauss: Restricting the Permission for the data Directory

The best solution to prevent TCP server spoofing is to use the SSL certificate and ensure that the server certificate is verified on the client. Therefore, the server must be configured to use only the hostssl connection, and the server.key key and server.crt certificate files using the SSL must ...

openGauss: Ensuring the Existence of the server.crt File

The best solution to prevent TCP server spoofing is to use the SSL certificate and ensure that the server certificate is verified on the client. Therefore, the server must be configured to use only the hostssl connection, and the server.key key and server.crt certificate files using the SSL must ...