Bug 1319810 (CVE-2016-3065)

Summary: CVE-2016-3065 postgresql: memory disclosure in pageinspect functions
Product: [Other] Security Response Reporter: Andrej Nemec <anemec>
Component: vulnerabilityAssignee: Red Hat Product Security <security-response-team>
Status: CLOSED NOTABUG QA Contact:
Severity: medium Docs Contact:
Priority: medium    
Version: unspecifiedCC: databases-maint, hhorak, jorton, mmaslano, pkajaba, security-response-team
Target Milestone: ---Keywords: Security
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: postgresql 9.5.2 Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2016-03-31 20:44:03 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On: 1322984    
Bug Blocks: 1319814    

Description Andrej Nemec 2016-03-21 15:05:01 UTC 
A vulnerability was found in a way PostgreSQL uses pageinspect functions. Certain function arguments crashed the server or disclosed a few bytes of server memory. The viability of attacks that arrange for presence of confidential information in the disclosed bytes was not ruled out. This affects only databases that have used "CREATE EXTENSION pageinspect".
Comment 1 Andrej Nemec 2016-03-21 15:05:10 UTC 
Acknowledgments:

Name: the PostgreSQL project
Upstream: Andreas Seltenreich
Comment 2 Andrej Nemec 2016-03-31 14:49:56 UTC 
External references:

http://www.postgresql.org/about/news/1656/
Comment 3 Tomas Hoger 2016-03-31 20:28:48 UTC 
Upstream commit:

http://git.postgresql.org/gitweb/?p=postgresql.git;a=commitdiff;h=bf78a6f107949fdfb513d1b45e30cefe04e09e4f
Comment 5 Tomas Hoger 2016-03-31 20:44:03 UTC 
Only PostgreSQL 9.5 was affected, which is not yet part of any Red Hat product.