Bug 2477443 (CVE-2026-6637)

Summary: CVE-2026-6637 postgresql: PostgreSQL: Arbitrary code execution vulnerability in 'refint' module
Product: [Other] Security Response Reporter: OSIDB Bzimport <bzimport>
Component: vulnerabilityAssignee: Product Security DevOps Team <prodsec-dev>
Status: NEW --- QA Contact:
Severity: high Docs Contact:
Priority: high    
Version: unspecifiedCC: dschmidt, jlanda, kshier, rhel-process-autobot, simaishi, stcannon, teagle, watson-tool-maintainers, yguenane
Target Milestone: ---Keywords: Security
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: ---
Doc Text:
A flaw was found in PostgreSQL. A stack buffer overflow in the 'refint' module allows an unprivileged database user to execute arbitrary code as the operating system user running the database. Additionally, a separate vulnerability exists where, if an application uses a user-controlled column as a 'refint' cascade primary key and allows user-controlled updates, a SQL injection can enable an attacker to execute arbitrary SQL commands as the database user performing the update.
Story Points: ---
Clone Of: Environment:
Last Closed: Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On: 2499724, 2499725, 2499726, 2499730, 2499731    
Bug Blocks:    

Description OSIDB Bzimport 2026-05-14 14:01:56 UTC
Stack buffer overflow in PostgreSQL module "refint" allows an unprivileged database user to execute arbitrary code as the operating system user running the database.  A distinct attack is possible if the application declares a user-controlled column as a "refint" cascade primary key and facilitates user-controlled updates to that column.  In that case, a SQL injection allows a primary key update value provider to execute arbitrary SQL as the database user performing the primary key update.  Versions before PostgreSQL 18.4, 17.10, 16.14, 15.18, and 14.23 are affected.