Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

ALASPOSTGRESQL14-2023-001

Related Vulnerabilities: CVE-2022-41862   CVE-2023-2454   CVE-2023-2455  

postgresql: Client memory disclosure when connecting with Kerberos to modified server (CVE-2022-41862) This enabled an attacker having database-level CREATE privilege to execute arbitrary code as the bootstrap superuser. Database owners have that right by default, and explicit grants may extend it to other users. (CVE-2023-2454) While CVE-2016-2193 fixed most interaction between row security and user ID changes, it missed a scenario involving function inlining. This leads to potentially incorrect policies being applied in cases where role-specific policies are used and a given query is planned under one role and then executed under other roles. This scenario can happen under security definer functions or when a common user and query is planned initially and then re-used across multiple SET ROLEs. Applying an incorrect policy may permit a user to complete otherwise-forbidden reads and modifications. This affects only databases that have used CREATE POLICY to define a row security policy. (CVE-2023-2455)

Source

ALASPOSTGRESQL14-2023-001

Amazon Linux 2 Security Advisory: ALASPOSTGRESQL14-2023-001
Advisory Release Date: 2023-08-07 05:59 Pacific
Advisory Updated Date: 2023-09-25 22:05 Pacific
Severity: Important
Issue Overview:

postgresql: Client memory disclosure when connecting with Kerberos to modified server (CVE-2022-41862)

This enabled an attacker having database-level CREATE privilege to execute arbitrary code as the bootstrap superuser. Database owners have that right by default, and explicit grants may extend it to other users. (CVE-2023-2454)

While CVE-2016-2193 fixed most interaction between row security and user ID changes, it missed a scenario involving function inlining. This leads to potentially incorrect policies being applied in cases where role-specific policies are used and a given query is planned under one role and then executed under other roles. This scenario can happen under security definer functions or when a common user and query is planned initially and then re-used across multiple SET ROLEs. Applying an incorrect policy may permit a user to complete otherwise-forbidden reads and modifications. This affects only databases that have used CREATE POLICY to define a row security policy. (CVE-2023-2455)


Affected Packages:

postgresql


Issue Correction:
Run yum update postgresql to update your system.

New Packages:
aarch64:
    postgresql-14.8-1.amzn2.0.1.aarch64
    postgresql-server-14.8-1.amzn2.0.1.aarch64
    postgresql-docs-14.8-1.amzn2.0.1.aarch64
    postgresql-contrib-14.8-1.amzn2.0.1.aarch64
    postgresql-server-devel-14.8-1.amzn2.0.1.aarch64
    postgresql-static-14.8-1.amzn2.0.1.aarch64
    postgresql-upgrade-14.8-1.amzn2.0.1.aarch64
    postgresql-upgrade-devel-14.8-1.amzn2.0.1.aarch64
    postgresql-plperl-14.8-1.amzn2.0.1.aarch64
    postgresql-plpython3-14.8-1.amzn2.0.1.aarch64
    postgresql-pltcl-14.8-1.amzn2.0.1.aarch64
    postgresql-test-14.8-1.amzn2.0.1.aarch64
    postgresql-llvmjit-14.8-1.amzn2.0.1.aarch64
    postgresql-debuginfo-14.8-1.amzn2.0.1.aarch64

noarch:
    postgresql-test-rpm-macros-14.8-1.amzn2.0.1.noarch

src:
    postgresql-14.8-1.amzn2.0.1.src

x86_64:
    postgresql-14.8-1.amzn2.0.1.x86_64
    postgresql-server-14.8-1.amzn2.0.1.x86_64
    postgresql-docs-14.8-1.amzn2.0.1.x86_64
    postgresql-contrib-14.8-1.amzn2.0.1.x86_64
    postgresql-server-devel-14.8-1.amzn2.0.1.x86_64
    postgresql-static-14.8-1.amzn2.0.1.x86_64
    postgresql-upgrade-14.8-1.amzn2.0.1.x86_64
    postgresql-upgrade-devel-14.8-1.amzn2.0.1.x86_64
    postgresql-plperl-14.8-1.amzn2.0.1.x86_64
    postgresql-plpython3-14.8-1.amzn2.0.1.x86_64
    postgresql-pltcl-14.8-1.amzn2.0.1.x86_64
    postgresql-test-14.8-1.amzn2.0.1.x86_64
    postgresql-llvmjit-14.8-1.amzn2.0.1.x86_64
    postgresql-debuginfo-14.8-1.amzn2.0.1.x86_64

Additional References

Red Hat: CVE-2022-41862, CVE-2023-2454, CVE-2023-2455

Mitre: CVE-2022-41862, CVE-2023-2454, CVE-2023-2455

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook

Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started