While modifying certain SQL array values, missing overflow checks let authenticated database users write arbitrary bytes to a memory area that facilitates arbitrary code execution. Missing overflow checks also let authenticated database users read a wide area of server memory. The CVE-2021-32027 fix covered some attacks of this description, but it missed others.
This CVE is public now (lifting embargo...) https://www.postgresql.org/about/news/postgresql-161-155-1410-1313-1217-and-1122-released-2749/
Created mingw-postgresql tracking bugs for this issue: Affects: fedora-all [bug 2249042] Created postgresql tracking bugs for this issue: Affects: fedora-all [bug 2249041] Created postgresql:12/postgresql tracking bugs for this issue: Affects: fedora-all [bug 2249043] Created postgresql:13/postgresql tracking bugs for this issue: Affects: fedora-all [bug 2249044] Created postgresql:14/postgresql tracking bugs for this issue: Affects: fedora-all [bug 2249045] Created postgresql:15/postgresql tracking bugs for this issue: Affects: fedora-all [bug 2249046]
This issue has been addressed in the following products: Red Hat Enterprise Linux 9.0 Extended Update Support Via RHSA-2023:7545 https://access.redhat.com/errata/RHSA-2023:7545
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.8 Extended Update Support Via RHSA-2023:7579 https://access.redhat.com/errata/RHSA-2023:7579
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.6 Extended Update Support Via RHSA-2023:7580 https://access.redhat.com/errata/RHSA-2023:7580
This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2023:7581 https://access.redhat.com/errata/RHSA-2023:7581
This issue has been addressed in the following products: Red Hat Enterprise Linux 9.2 Extended Update Support Via RHSA-2023:7616 https://access.redhat.com/errata/RHSA-2023:7616
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.8 Extended Update Support Via RHSA-2023:7656 https://access.redhat.com/errata/RHSA-2023:7656
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.2 Advanced Update Support Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions Red Hat Enterprise Linux 8.2 Telecommunications Update Service Via RHSA-2023:7667 https://access.redhat.com/errata/RHSA-2023:7667
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.6 Extended Update Support Via RHSA-2023:7666 https://access.redhat.com/errata/RHSA-2023:7666
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions Red Hat Enterprise Linux 8.4 Telecommunications Update Service Via RHSA-2023:7694 https://access.redhat.com/errata/RHSA-2023:7694
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions Red Hat Enterprise Linux 8.4 Telecommunications Update Service Via RHSA-2023:7695 https://access.redhat.com/errata/RHSA-2023:7695
This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2023:7714 https://access.redhat.com/errata/RHSA-2023:7714
This issue has been addressed in the following products: Red Hat Software Collections for Red Hat Enterprise Linux 7 Via RHSA-2023:7770 https://access.redhat.com/errata/RHSA-2023:7770
This issue has been addressed in the following products: Red Hat Software Collections for Red Hat Enterprise Linux 7 Via RHSA-2023:7772 https://access.redhat.com/errata/RHSA-2023:7772
This issue has been addressed in the following products: Red Hat Software Collections for Red Hat Enterprise Linux 7 Via RHSA-2023:7771 https://access.redhat.com/errata/RHSA-2023:7771
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions Via RHSA-2023:7778 https://access.redhat.com/errata/RHSA-2023:7778
This issue has been addressed in the following products: Red Hat Enterprise Linux 7 Via RHSA-2023:7783 https://access.redhat.com/errata/RHSA-2023:7783
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.8 Extended Update Support Via RHSA-2023:7786 https://access.redhat.com/errata/RHSA-2023:7786
This issue has been addressed in the following products: Red Hat Enterprise Linux 9 Via RHSA-2023:7784 https://access.redhat.com/errata/RHSA-2023:7784
This issue has been addressed in the following products: Red Hat Enterprise Linux 9 Via RHSA-2023:7785 https://access.redhat.com/errata/RHSA-2023:7785
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.2 Advanced Update Support Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions Red Hat Enterprise Linux 8.2 Telecommunications Update Service Via RHSA-2023:7788 https://access.redhat.com/errata/RHSA-2023:7788
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.6 Extended Update Support Via RHSA-2023:7789 https://access.redhat.com/errata/RHSA-2023:7789
This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2023:7790 https://access.redhat.com/errata/RHSA-2023:7790
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions Red Hat Enterprise Linux 8.4 Telecommunications Update Service Via RHSA-2023:7878 https://access.redhat.com/errata/RHSA-2023:7878
This issue has been addressed in the following products: Red Hat Enterprise Linux 9.2 Extended Update Support Via RHSA-2023:7885 https://access.redhat.com/errata/RHSA-2023:7885
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.8 Extended Update Support Via RHSA-2023:7883 https://access.redhat.com/errata/RHSA-2023:7883
This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2023:7884 https://access.redhat.com/errata/RHSA-2023:7884
This issue has been addressed in the following products: RHACS-3.74-RHEL-8 Via RHSA-2024:0304 https://access.redhat.com/errata/RHSA-2024:0304
This issue has been addressed in the following products: RHACS-4.1-RHEL-8 Via RHSA-2024:0332 https://access.redhat.com/errata/RHSA-2024:0332
This issue has been addressed in the following products: Red Hat Advanced Cluster Security 4.2 Via RHSA-2024:0337 https://access.redhat.com/errata/RHSA-2024:0337