Bug 2235010 (CVE-2020-21469)

Summary: CVE-2020-21469 postgresql: Stack buffer overflow when continuously send SIGHUP
Product: [Other] Security Response
Reporter: Pedro Sampaio <psampaio>
Component: vulnerability
Assignee: Product Security <prodsec-ir-bot>
Status: NEW
Severity: low
Priority: low
Version: unspecified
CC: caswilli, fjansen, fjanus, hhorak, jburrell, jorton, kaycoth, luizcosta, nweather, pkubat, praiskup, stcannon, yguenane
Keywords: Security
Hardware: All
OS: Linux
Fixed In Version: postgres 13-BETA1
Doc Type: If docs needed, set a value
Doc Text:
A flaw was found in PostgreSQL 12.2. This issue may allow an attacker to cause a denial of service via repeatedly sending SIGHUP signals.
Bug Depends On: 2235013, 2235014, 2235286, 2235287, 2235289, 2235290    
Bug Blocks: 2235012    

Description Pedro Sampaio 2023-08-25 21:32:36 UTC
An issue was discovered in PostgreSQL 12.2 that allows attackers to cause a denial of service via repeatedly sending SIGHUP signals.

References:

https://www.postgresql.org/message-id/CAA8ZSMqAHDCgo07hqKoM5XJaoQy6Vv76O7966agez4ffyQktkA%40mail.gmail.com

Comment 4 TEJ RATHI 2023-08-28 10:08:11 UTC
Created mingw-postgresql tracking bugs for this issue:

Affects: fedora-all [bug 2235289]


Created postgresql:12/postgresql tracking bugs for this issue:

Affects: fedora-all [bug 2235290]