FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

PostgreSQL server -- two security issues

Affected packages
postgresql13-server < 13.3
postgresql12-server < 12.7
postgresql11-server < 11.12
postgresql10-server < 10.17
postgresql96-server < 9.6.22

Details

VuXML ID 62da9702-b4cc-11eb-b9c9-6cc21735f730
Discovery 2021-05-13
Entry 2021-05-14

The PostgreSQL project reports:

Memory disclosure in INSERT ... ON CONFLICT ... DO UPDATE

Using an INSERT ... ON CONFLICT ... DO UPDATE command on a purpose-crafted table, an attacker can read arbitrary bytes of server memory. In the default configuration, any authenticated database user can create prerequisite objects and complete this attack at will. A user lacking the CREATE and TEMPORARY privileges on all databases and the CREATE privilege on all schemas cannot use this attack at will..

[source]

Buffer overrun from integer overflow in array subscripting calculations

While modifying certain SQL array values, missing bounds checks let authenticated database users write arbitrary bytes to a wide area of server memory.

[source]

References

URL https://www.postgresql.org/support/security/CVE-2021-32027/
URL https://www.postgresql.org/support/security/CVE-2021-32028/

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.