CVE-2023-5869

CVSS V2 None CVSS V3 None

Description

A flaw was found in PostgreSQL that allows authenticated database users to execute arbitrary code through missing overflow checks during SQL array value modification. This issue exists due to an integer overflow during array modification where a remote user can trigger the overflow by providing specially crafted data. This enables the execution of arbitrary code on the target system, allowing users to write arbitrary bytes to memory and extensively read the server's memory.

Overview

CVE ID
CVE-2023-5869

Assigner
redhat

Vulnerability Status
PUBLISHED

Published Version
2023-12-10T17:56:57.131Z

Last Modified Date
2024-05-01T20:21:31.327Z

Weakness Enumerations

CWE	URL
CWE-190	http://cwe.mitre.org/data/definitions/190.html

References

Reference URL	Reference Tags
https://access.redhat.com/errata/RHSA-2023:7545	vendor-advisory x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2023:7579	vendor-advisory x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2023:7580	vendor-advisory x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2023:7581	vendor-advisory x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2023:7616	vendor-advisory x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2023:7656	vendor-advisory x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2023:7666	vendor-advisory x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2023:7667	vendor-advisory x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2023:7694	vendor-advisory x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2023:7695	vendor-advisory x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2023:7714	vendor-advisory x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2023:7770	vendor-advisory x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2023:7771	vendor-advisory x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2023:7772	vendor-advisory x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2023:7778	vendor-advisory x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2023:7783	vendor-advisory x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2023:7784	vendor-advisory x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2023:7785	vendor-advisory x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2023:7786	vendor-advisory x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2023:7788	vendor-advisory x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2023:7789	vendor-advisory x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2023:7790	vendor-advisory x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2023:7878	vendor-advisory x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2023:7883	vendor-advisory x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2023:7884	vendor-advisory x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2023:7885	vendor-advisory x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:0304	vendor-advisory x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:0332	vendor-advisory x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:0337	vendor-advisory x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2023-5869	vdb-entry x_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=2247169	issue-tracking x_refsource_REDHAT
https://security.netapp.com/advisory/ntap-20240119-0003/
https://www.postgresql.org/about/news/postgresql-161-155-1410-1313-1217-and-1122-released-2749/
https://www.postgresql.org/support/security/CVE-2023-5869/

Sources

Source Name	Source URL
NIST	https://nvd.nist.gov/vuln/detail/CVE-2023-5869
MITRE	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5869

History

Created	Old Value	New Value	Data Type	Notes
2024-06-25 05:02:07				Added to TrackCVE