The (1) brin_page_type and (2) brin_metapage_info functions in the pageinspect extension in PostgreSQL prior to 9.5.x prior to 9.5.2 allows malicious users to bypass intended access restrictions and consequently obtain sensitive server memory information or cause a denial of service (server crash) via a crafted bytea value in a BRIN index page.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
postgresql postgresql 9.5.1 |
||
postgresql postgresql 9.5 |