Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

ALAS-2020-1442

Related Vulnerabilities: CVE-2019-10130   CVE-2019-10208   CVE-2020-14350  

PostgreSQL maintains column statistics for tables. Certain statistics, such as histograms and lists of most common values, contain values taken from the column. PostgreSQL does not evaluate row security policies before consulting those statistics during query planning; an attacker can exploit this to read the most common values of certain columns. Affected columns are those for which the attacker has SELECT privilege and for which, in an ordinary query, row-level security prunes the set of rows visible to the attacker. (CVE-2019-10130) A flaw was discovered in postgresql where arbitrary SQL statements can be executed given a suitable SECURITY DEFINER function. An attacker, with EXECUTE permission on the function, can execute arbitrary SQL as the owner of the function. (CVE-2019-10208) It was found that some PostgreSQL extensions did not use search_path safely in their installation script. An attacker with sufficient privileges could use this flaw to trick an administrator into executing a specially crafted script, during the installation or update of such extension. This affects PostgreSQL versions before 12.4, before 11.9, before 10.14, before 9.6.19, and before 9.5.23. (CVE-2020-14350)

Source

ALAS-2020-1442

Amazon Linux AMI Security Advisory: ALAS-2020-1442
Advisory Release Date: 2020-10-26 18:27 Pacific
Advisory Updated Date: 2020-10-27 21:18 Pacific
Severity: Medium
Issue Overview:

PostgreSQL maintains column statistics for tables. Certain statistics, such as histograms and lists of most common values, contain values taken from the column. PostgreSQL does not evaluate row security policies before consulting those statistics during query planning; an attacker can exploit this to read the most common values of certain columns. Affected columns are those for which the attacker has SELECT privilege and for which, in an ordinary query, row-level security prunes the set of rows visible to the attacker. (CVE-2019-10130)

A flaw was discovered in postgresql where arbitrary SQL statements can be executed given a suitable SECURITY DEFINER function. An attacker, with EXECUTE permission on the function, can execute arbitrary SQL as the owner of the function. (CVE-2019-10208)

It was found that some PostgreSQL extensions did not use search_path safely in their installation script. An attacker with sufficient privileges could use this flaw to trick an administrator into executing a specially crafted script, during the installation or update of such extension. This affects PostgreSQL versions before 12.4, before 11.9, before 10.14, before 9.6.19, and before 9.5.23. (CVE-2020-14350)


Affected Packages:

postgresql95


Issue Correction:
Run yum update postgresql95 to update your system.

New Packages:
i686:
    postgresql95-test-9.5.23-1.81.amzn1.i686
    postgresql95-server-9.5.23-1.81.amzn1.i686
    postgresql95-plpython26-9.5.23-1.81.amzn1.i686
    postgresql95-contrib-9.5.23-1.81.amzn1.i686
    postgresql95-static-9.5.23-1.81.amzn1.i686
    postgresql95-docs-9.5.23-1.81.amzn1.i686
    postgresql95-libs-9.5.23-1.81.amzn1.i686
    postgresql95-9.5.23-1.81.amzn1.i686
    postgresql95-debuginfo-9.5.23-1.81.amzn1.i686
    postgresql95-devel-9.5.23-1.81.amzn1.i686
    postgresql95-plpython27-9.5.23-1.81.amzn1.i686
    postgresql95-plperl-9.5.23-1.81.amzn1.i686

src:
    postgresql95-9.5.23-1.81.amzn1.src

x86_64:
    postgresql95-docs-9.5.23-1.81.amzn1.x86_64
    postgresql95-plpython27-9.5.23-1.81.amzn1.x86_64
    postgresql95-libs-9.5.23-1.81.amzn1.x86_64
    postgresql95-static-9.5.23-1.81.amzn1.x86_64
    postgresql95-test-9.5.23-1.81.amzn1.x86_64
    postgresql95-plperl-9.5.23-1.81.amzn1.x86_64
    postgresql95-plpython26-9.5.23-1.81.amzn1.x86_64
    postgresql95-9.5.23-1.81.amzn1.x86_64
    postgresql95-debuginfo-9.5.23-1.81.amzn1.x86_64
    postgresql95-server-9.5.23-1.81.amzn1.x86_64
    postgresql95-contrib-9.5.23-1.81.amzn1.x86_64
    postgresql95-devel-9.5.23-1.81.amzn1.x86_64

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook

Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started