CVE-2023-5869 : A flaw was found in PostgreSQL that allows authenticated database users to execu

A flaw was found in PostgreSQL that allows authenticated database users to execute arbitrary code through missing overflow checks during SQL array value modification. This issue exists due to an integer overflow during array modification where a remote user can trigger the overflow by providing specially crafted data. This enables the execution of arbitrary code on the target system, allowing users to write arbitrary bytes to memory and extensively read the server's memory.

Published 2023-12-10 18:15:07

Updated 2024-09-14 00:15:11

Source Red Hat, Inc.

View at NVD, CVE.org

Vulnerability category: OverflowExecute code

Products affected by CVE-2023-5869

Redhat » Enterprise Linux » Version: 8.0
cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*
Matching versions
Redhat » Enterprise Linux » Version: 9.0
cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*
Matching versions
Redhat » Enterprise Linux Desktop » Version: 7.0
cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
Matching versions
Redhat » Enterprise Linux Eus » Version: 8.6
cpe:2.3:o:redhat:enterprise_linux_eus:8.6:*:*:*:*:*:*:*
Matching versions
Redhat » Enterprise Linux Eus » Version: 9.0
cpe:2.3:o:redhat:enterprise_linux_eus:9.0:*:*:*:*:*:*:*
Matching versions
Redhat » Enterprise Linux Eus » Version: 8.8
cpe:2.3:o:redhat:enterprise_linux_eus:8.8:*:*:*:*:*:*:*
Matching versions
Redhat » Enterprise Linux Eus » Version: 9.2
cpe:2.3:o:redhat:enterprise_linux_eus:9.2:*:*:*:*:*:*:*
Matching versions
Redhat » Enterprise Linux Server » Version: 7.0
cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
Matching versions
Redhat » Enterprise Linux Workstation » Version: 7.0
cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*
Matching versions
Redhat » Enterprise Linux Server Aus » Version: 8.2
cpe:2.3:o:redhat:enterprise_linux_server_aus:8.2:*:*:*:*:*:*:*
Matching versions
Redhat » Enterprise Linux Server Aus » Version: 8.4
cpe:2.3:o:redhat:enterprise_linux_server_aus:8.4:*:*:*:*:*:*:*
Matching versions
Redhat » Enterprise Linux Server Aus » Version: 8.6
cpe:2.3:o:redhat:enterprise_linux_server_aus:8.6:*:*:*:*:*:*:*
Matching versions
Redhat » Enterprise Linux Server Aus » Version: 9.2
cpe:2.3:o:redhat:enterprise_linux_server_aus:9.2:*:*:*:*:*:*:*
Matching versions
Redhat » Software Collections » Version: 1.0
cpe:2.3:a:redhat:software_collections:1.0:*:*:*:*:*:*:*
Matching versions
Redhat » Enterprise Linux For Scientific Computing » Version: 7.0
cpe:2.3:o:redhat:enterprise_linux_for_scientific_computing:7.0:*:*:*:*:*:*:*
Matching versions
Redhat » Enterprise Linux For Power Little Endian Eus » Version: 9.2 Ppc64le
cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:9.2_ppc64le:*:*:*:*:*:*:*
Matching versions
Redhat » Enterprise Linux For Power Little Endian Eus » Version: 8.8 Ppc64le
cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:8.8_ppc64le:*:*:*:*:*:*:*
Matching versions
Redhat » Enterprise Linux For Power Little Endian Eus » Version: 9.0 Ppc64le
cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:9.0_ppc64le:*:*:*:*:*:*:*
Matching versions
Redhat » Enterprise Linux For Power Little Endian Eus » Version: 8.6 Ppc64le
cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:8.6_ppc64le:*:*:*:*:*:*:*
Matching versions
Redhat » Enterprise Linux For Power Little Endian » Version: 8.0 Ppc64le
cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:8.0_ppc64le:*:*:*:*:*:*:*
Matching versions
Redhat » Enterprise Linux For Power Little Endian » Version: 7.0 Ppc64le
cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:7.0_ppc64le:*:*:*:*:*:*:*
Matching versions
Redhat » Enterprise Linux For Power Big Endian » Version: 7.0 Ppc64
cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian:7.0_ppc64:*:*:*:*:*:*:*
Matching versions
Redhat » Enterprise Linux For Ibm Z Systems Eus » Version: 8.8 S390x
cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:8.8_s390x:*:*:*:*:*:*:*
Matching versions
Redhat » Enterprise Linux For Ibm Z Systems Eus » Version: 9.2 S390x
cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:9.2_s390x:*:*:*:*:*:*:*
Matching versions
Redhat » Enterprise Linux For Ibm Z Systems Eus » Version: 9.0 S390x
cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:9.0_s390x:*:*:*:*:*:*:*
Matching versions
Redhat » Enterprise Linux For Ibm Z Systems Eus » Version: 8.6 S390x
cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:8.6_s390x:*:*:*:*:*:*:*
Matching versions
Redhat » Enterprise Linux For Ibm Z Systems » Version: 8.0 S390x
cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:8.0_s390x:*:*:*:*:*:*:*
Matching versions
Redhat » Enterprise Linux For Ibm Z Systems » Version: 7.0 S390x
cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:7.0_s390x:*:*:*:*:*:*:*
Matching versions
Redhat » Enterprise Linux Server Tus » Version: 8.2
cpe:2.3:o:redhat:enterprise_linux_server_tus:8.2:*:*:*:*:*:*:*
Matching versions
Redhat » Enterprise Linux Server Tus » Version: 8.4
cpe:2.3:o:redhat:enterprise_linux_server_tus:8.4:*:*:*:*:*:*:*
Matching versions
Redhat » Enterprise Linux Server Tus » Version: 8.6
cpe:2.3:o:redhat:enterprise_linux_server_tus:8.6:*:*:*:*:*:*:*
Matching versions
Redhat » Codeready Linux Builder Eus » Version: 9.2
cpe:2.3:a:redhat:codeready_linux_builder_eus:9.2:*:*:*:*:*:*:*
Matching versions
Redhat » Codeready Linux Builder For Power Little Endian Eus » Version: 9.2 Ppc64le
cpe:2.3:a:redhat:codeready_linux_builder_for_power_little_endian_eus:9.2_ppc64le:*:*:*:*:*:*:*
Matching versions
Redhat » Codeready Linux Builder For Power Little Endian Eus » Version: 9.0 Ppc64le
cpe:2.3:a:redhat:codeready_linux_builder_for_power_little_endian_eus:9.0_ppc64le:*:*:*:*:*:*:*
Matching versions
Redhat » Codeready Linux Builder For Arm64 Eus » Version: 9.2 Aarch64
cpe:2.3:a:redhat:codeready_linux_builder_for_arm64_eus:9.2_aarch64:*:*:*:*:*:*:*
Matching versions
Redhat » Codeready Linux Builder For Arm64 Eus » Version: 8.6 Aarch64
cpe:2.3:a:redhat:codeready_linux_builder_for_arm64_eus:8.6_aarch64:*:*:*:*:*:*:*
Matching versions
Redhat » Codeready Linux Builder For Arm64 Eus » Version: 9.0 Aarch64
cpe:2.3:a:redhat:codeready_linux_builder_for_arm64_eus:9.0_aarch64:*:*:*:*:*:*:*
Matching versions
Redhat » Codeready Linux Builder For Ibm Z Systems Eus » Version: 9.2 S390x
cpe:2.3:a:redhat:codeready_linux_builder_for_ibm_z_systems_eus:9.2_s390x:*:*:*:*:*:*:*
Matching versions
Redhat » Codeready Linux Builder For Ibm Z Systems Eus » Version: 9.0 S390x
cpe:2.3:a:redhat:codeready_linux_builder_for_ibm_z_systems_eus:9.0_s390x:*:*:*:*:*:*:*
Matching versions
Redhat » Enterprise Linux For Arm 64 » Version: 8.0
cpe:2.3:o:redhat:enterprise_linux_for_arm_64:8.0:*:*:*:*:*:*:*
Matching versions
Redhat » Enterprise Linux For Arm 64 » Version: 8.8 Aarch64
cpe:2.3:o:redhat:enterprise_linux_for_arm_64:8.8_aarch64:*:*:*:*:*:*:*
Matching versions
Redhat » Codeready Linux Builder Eus For Power Little Endian Eus » Version: 9.2 Ppc64le
cpe:2.3:a:redhat:codeready_linux_builder_eus_for_power_little_endian_eus:9.2_ppc64le:*:*:*:*:*:*:*
Matching versions
Redhat » Codeready Linux Builder Eus For Power Little Endian Eus » Version: 9.0 Ppc64le
cpe:2.3:a:redhat:codeready_linux_builder_eus_for_power_little_endian_eus:9.0_ppc64le:*:*:*:*:*:*:*
Matching versions
Postgresql » Postgresql
Versions from including (>=) 13.0 and before (<) 13.13
cpe:2.3:a:postgresql:postgresql:*:*:*:*:*:*:*:*
Matching versions
Postgresql » Postgresql
Versions from including (>=) 15.0 and before (<) 15.5
cpe:2.3:a:postgresql:postgresql:*:*:*:*:*:*:*:*
Matching versions
Postgresql » Postgresql
Versions from including (>=) 12.0 and before (<) 12.17
cpe:2.3:a:postgresql:postgresql:*:*:*:*:*:*:*:*
Matching versions
Postgresql » Postgresql
Versions from including (>=) 11.0 and before (<) 11.22
cpe:2.3:a:postgresql:postgresql:*:*:*:*:*:*:*:*
Matching versions
Postgresql » Postgresql
Versions from including (>=) 14.0 and before (<) 14.10
cpe:2.3:a:postgresql:postgresql:*:*:*:*:*:*:*:*
Matching versions
Postgresql » Postgresql » Version: 16.0
cpe:2.3:a:postgresql:postgresql:16.0:*:*:*:*:*:*:*
Matching versions

Exploit prediction scoring system (EPSS) score for CVE-2023-5869

EPSS FAQ

6.28%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 90 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2023-5869

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
8.8	HIGH	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H	2.8	5.9	NIST
Attack Vector: Network Attack Complexity: Low Privileges Required: Low User Interaction: None Scope: Unchanged Confidentiality: High Integrity: High Availability: High
8.8	HIGH	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H	2.8	5.9	Red Hat, Inc.
Attack Vector: Network Attack Complexity: Low Privileges Required: Low User Interaction: None Scope: Unchanged Confidentiality: High Integrity: High Availability: High

CWE ids for CVE-2023-5869

CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

Assigned by: secalert@redhat.com (Secondary)
CWE-190 Integer Overflow or Wraparound

The product performs a calculation that can produce an integer overflow or wraparound when the logic assumes that the resulting value will always be larger than the original value. This occurs when an integer value is incremented to a value that is too large to store in the associated representation. When this occurs, the value may become a very small or negative number.
Assigned by:
- nvd@nist.gov (Primary)
- secalert@redhat.com (Secondary)

References for CVE-2023-5869

https://access.redhat.com/errata/RHSA-2023:7714

RHSA-2023:7714 - Security Advisory - Red Hat Customer Portal
Third Party Advisory

CVEs referencing this url
https://access.redhat.com/security/cve/CVE-2023-5869

CVE-2023-5869- Red Hat Customer Portal
Third Party Advisory
https://access.redhat.com/errata/RHSA-2023:7616

RHSA-2023:7616 - Security Advisory - Red Hat Customer Portal
Third Party Advisory

CVEs referencing this url
https://access.redhat.com/errata/RHSA-2023:7772

RHSA-2023:7772 - Security Advisory - Red Hat カスタマーポータル
Third Party Advisory

CVEs referencing this url
https://access.redhat.com/errata/RHSA-2023:7784

RHSA-2023:7784 - Security Advisory - Red Hat Customer Portal

CVEs referencing this url
https://access.redhat.com/errata/RHSA-2023:7581

RHSA-2023:7581 - Security Advisory - Red Hat Customer Portal
Third Party Advisory

CVEs referencing this url
https://access.redhat.com/errata/RHSA-2023:7885

RHSA-2023:7885 - Security Advisory - Red Hat カスタマーポータル

CVEs referencing this url
https://access.redhat.com/errata/RHSA-2023:7545

RHSA-2023:7545 - Security Advisory - Red Hat Customer Portal
Third Party Advisory

CVEs referencing this url
https://access.redhat.com/errata/RHSA-2023:7790

RHSA-2023:7790 - Security Advisory - Red Hat Customer Portal
https://access.redhat.com/errata/RHSA-2023:7666

RHSA-2023:7666 - Security Advisory - Red Hat Customer Portal
Third Party Advisory

CVEs referencing this url
https://access.redhat.com/errata/RHSA-2023:7788

RHSA-2023:7788 - Security Advisory - Red Hat Customer Portal
https://access.redhat.com/errata/RHSA-2023:7770

RHSA-2023:7770 - Security Advisory - Red Hat カスタマーポータル
Third Party Advisory

CVEs referencing this url
https://access.redhat.com/errata/RHSA-2024:0337

RHSA-2024:0337 - Security Advisory - Red Hat Customer Portal

CVEs referencing this url
https://access.redhat.com/errata/RHSA-2023:7778

RHSA-2023:7778 - Security Advisory - Red Hat Customer Portal
Third Party Advisory
https://access.redhat.com/errata/RHSA-2023:7785

RHSA-2023:7785 - Security Advisory - Red Hat Customer Portal

CVEs referencing this url
https://security.netapp.com/advisory/ntap-20240119-0003/

December 2023 PostgreSQL Vulnerabilities in NetApp Products | NetApp Product Security

CVEs referencing this url
https://access.redhat.com/errata/RHSA-2023:7667

RHSA-2023:7667 - Security Advisory - Red Hat Customer Portal
Third Party Advisory

CVEs referencing this url
https://access.redhat.com/errata/RHSA-2023:7695

RHSA-2023:7695 - Security Advisory - Red Hat Customer Portal
Third Party Advisory

CVEs referencing this url
https://access.redhat.com/errata/RHSA-2024:0304

RHSA-2024:0304 - Security Advisory - Red Hat Customer Portal

CVEs referencing this url
https://access.redhat.com/errata/RHSA-2023:7884

RHSA-2023:7884 - Security Advisory - Red Hat Customer Portal

CVEs referencing this url
https://www.postgresql.org/about/news/postgresql-161-155-1410-1313-1217-and-1122-released-2749/

PostgreSQL: PostgreSQL 16.1, 15.5, 14.10, 13.13, 12.17, and 11.22 Released!
Release Notes

CVEs referencing this url
https://access.redhat.com/errata/RHSA-2023:7579

RHSA-2023:7579 - Security Advisory - Red Hat Customer Portal
Third Party Advisory

CVEs referencing this url
https://bugzilla.redhat.com/show_bug.cgi?id=2247169

2247169 – (CVE-2023-5869) CVE-2023-5869 postgresql: Buffer overrun from integer overflow in array modification
Issue Tracking
https://access.redhat.com/errata/RHSA-2023:7878

RHSA-2023:7878 - Security Advisory - Red Hat Customer Portal
https://access.redhat.com/errata/RHSA-2023:7883

RHSA-2023:7883 - Security Advisory - Red Hat Customer Portal

CVEs referencing this url
https://access.redhat.com/errata/RHSA-2023:7783

RHSA-2023:7783 - Security Advisory - Red Hat Customer Portal
Third Party Advisory
https://access.redhat.com/errata/RHSA-2023:7580

RHSA-2023:7580 - Security Advisory - Red Hat Customer Portal
Third Party Advisory

CVEs referencing this url
https://www.postgresql.org/support/security/CVE-2023-5869/

PostgreSQL: CVE-2023-5869: Buffer overrun from integer overflow in array modification
Vendor Advisory
https://access.redhat.com/errata/RHSA-2023:7656

RHSA-2023:7656 - Security Advisory - Red Hat Customer Portal
Third Party Advisory

CVEs referencing this url
https://access.redhat.com/errata/RHSA-2023:7694

RHSA-2023:7694 - Security Advisory - Red Hat Customer Portal
Third Party Advisory

CVEs referencing this url
https://access.redhat.com/errata/RHSA-2023:7771

RHSA-2023:7771 - Security Advisory - Red Hat カスタマーポータル
Third Party Advisory
https://access.redhat.com/errata/RHSA-2024:0332

RHSA-2024:0332 - Security Advisory - Red Hat Customer Portal

CVEs referencing this url
https://access.redhat.com/errata/RHSA-2023:7789

RHSA-2023:7789 - Security Advisory - Red Hat Customer Portal
https://access.redhat.com/errata/RHSA-2023:7786

RHSA-2023:7786 - Security Advisory - Red Hat Customer Portal

Jump to

Vulnerability Details : CVE-2023-5869

Products affected by CVE-2023-5869

Exploit prediction scoring system (EPSS) score for CVE-2023-5869

CVSS scores for CVE-2023-5869

CWE ids for CVE-2023-5869

References for CVE-2023-5869