67 matches found
CVE-2026-14178
openGauss 在处理带 NLS 参数的 totimestamp 调用时,totimestampwithfmtnls 会将 nlsfmtstr 保存到 usess-parsercxt.nlsfmtstr。在 seqscan + sort 执行路径下,该字符串原本被分配在 SeqScan 的表达式上下文中;当 SeqScan 完成后,该内存上下文会被 reset,但后续结果输出阶段 timestampout 仍会通过 CheckNlsFormat 访问 usess-parsercxt.nlsfmtstr,导致访问已释放内存。攻击者在具备数据库 SQL 执行权限的情况下,可构造特定...
CVE-2026-14178
openGauss 在处理带 NLS 参数的 totimestamp 调用时,totimestampwithfmtnls 会将 nlsfmtstr 保存到 usess-parsercxt.nlsfmtstr。在 seqscan + sort 执行路径下,该字符串原本被分配在 SeqScan 的表达式上下文中;当 SeqScan 完成后,该内存上下文会被 reset,但后续结果输出阶段 timestampout 仍会通过 CheckNlsFormat 访问 usess-parsercxt.nlsfmtstr,导致访问已释放内存。攻击者在具备数据库 SQL 执行权限的情况下,可构造特定...
CVE-2026-14178
openGauss contains a heap-use-after-free in to_timestamp handling when an NLS parameter is used, triggered in the seqscan+sort path by saving nls_fmt_str in the session parser context and referencing it after the SeqScan expression context is reset. Attack requires database SQL execution permissi...
EUVD-2026-40326
openGauss 在处理带 NLS 参数的 totimestamp 调用时,totimestampwithfmtnls 会将 nlsfmtstr 保存到 usess-parsercxt.nlsfmtstr。在 seqscan + sort 执行路径下,该字符串原本被分配在 SeqScan 的表达式上下文中;当 SeqScan 完成后,该内存上下文会被 reset,但后续结果输出阶段 timestampout 仍会通过 CheckNlsFormat 访问 usess-parsercxt.nlsfmtstr,导致访问已释放内存。攻击者在具备数据库 SQL 执行权限的情况下,可构造特定...
CVE-2026-14178 openGauss存在非法内存访问导致DoS漏洞
openGauss 在处理带 NLS 参数的 totimestamp 调用时,totimestampwithfmtnls 会将 nlsfmtstr 保存到 usess-parsercxt.nlsfmtstr。在 seqscan + sort 执行路径下,该字符串原本被分配在 SeqScan 的表达式上下文中;当 SeqScan 完成后,该内存上下文会被 reset,但后续结果输出阶段 timestampout 仍会通过 CheckNlsFormat 访问 usess-parsercxt.nlsfmtstr,导致访问已释放内存。攻击者在具备数据库 SQL 执行权限的情况下,可构造特定...
CVE-2024-40575
An issue in Huawei Technologies opengauss openGauss 5.0.0 build v.7.3.0 allows a local attacker to cause a denial of service via the modification of table attributes...
Huawei Technologies has an unspecified vulnerability
Huawei openGauss is China's Huawei Huawei company an open source relational database management system . A security vulnerability exists in Huawei openGauss, which can be exploited by an attacker to cause a denial of service by modifying table properties...
CVE-2024-40575
An issue in Huawei Technologies opengauss openGauss 5.0.0 build v.7.3.0 allows a local attacker to cause a denial of service via the modification of table attributes...
CVE-2024-40575
An issue in Huawei Technologies opengauss openGauss 5.0.0 build v.7.3.0 allows a local attacker to cause a denial of service via the modification of table attributes...
CVE-2024-40575
An issue in Huawei Technologies opengauss openGauss 5.0.0 build v.7.3.0 allows a local attacker to cause a denial of service via the modification of table attributes...
Huawei openGauss 安全漏洞
Huawei openGauss is an open source relational database management system from Huawei China. A security vulnerability exists in Huawei openGauss version 5.0.0, which originates from a vulnerability that could allow a local attacker to cause a denial of service by modifying table properties...
CVE-2024-40575
An issue in Huawei Technologies opengauss openGauss 5.0.0 build v.7.3.0 allows a local attacker to cause a denial of service via the modification of table attributes...
CVE-2024-40575
CVE-2024-40575 affects Huawei openGauss (openGauss 5.0.0 build) with v7.3.0. The issue allows a local attacker to cause a denial of service by modifying table attributes. Root cause is described as a modification of table attributes, leading to DoS. Some sources (e.g., Red Hat CVE page) reiterate...
openGauss: Ensuring the Existence of the server.crt File
The best solution to prevent TCP server spoofing is to use the SSL certificate and ensure that the server certificate is verified on the client. Therefore, the server must be configured to use only the hostssl connection, and the server.key key and server.crt certificate files using the SSL must ...
openGauss: Restricting the Permission for the ${GAUSSHOME}/bin Directory
The $GAUSSHOME/bin directory stores database binary files. To prevent them from being tampered or damaged and protect customer information from security threats, this directory must be protected and deny unauthorized user access. Copyright C 2020 Greenbone Networks GmbH Some text descriptions mig...
openGauss: Configuring Kerberos Authentication in openGauss
Use gsom to enable and disable Kerberos authentication in openGauss. Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free...
openGauss: Restricting the Permission for the Database Home Directory
$GAUSSHOME is the installation directory of openGauss. To prevent the installation package from being tampered or damaged and protect customer network from security threats, this directory must be protected and deny unauthorized user access. Copyright C 2020 Greenbone Networks GmbH Some text...
openGauss: Restricting the Permission for the data Directory
The best solution to prevent TCP server spoofing is to use the SSL certificate and ensure that the server certificate is verified on the client. Therefore, the server must be configured to use only the hostssl connection, and the server.key key and server.crt certificate files using the SSL must ...
openGauss: Restricting the Permission for the pg_hba.conf File
The configuration file pghba.conf stores the configuration information about database connections. To prevent the parameters in the file from being tampered and protect customer information from security threats, this file directory must be protected and deny unauthorized user access. Copyright C...
openGauss: Restricting the Permission for the postgresql.conf File
The configuration file postgresql.conf stores the default database configuration. To prevent the parameters in the file from being tampered and protect customer information from security threats, this file directory must be protected and deny unauthorized user access. Copyright C 2020 Greenbone...