Bug 2439325 (CVE-2026-2004) - CVE-2026-2004 postgresql: PostgreSQL intarray missing validation of type of input to selectivity estimator executes arbitrary code
Keywords:
Status: NEW
Alias: CVE-2026-2004
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
Priority: high
Severity: high
Target Milestone: ---
Assignee: Product Security DevOps Team
QA Contact:
URL:
Whiteboard:
Depends On: 2439459 2439460 2439461 2439462 2439463 2439464 2439465
Blocks:
Reported: 2026-02-12 14:01 UTC by OSIDB Bzimport
Modified: 2026-03-13 07:58 UTC (History)

Fixed In Version:
Clone Of:
Environment:
Last Closed:
Embargoed:


Links
System ID Private Priority Status Summary Last Updated
Red Hat Product Errata RHSA-2026:3730 0 None None None 2026-03-04 14:20:59 UTC
Red Hat Product Errata RHSA-2026:3887 0 None None None 2026-03-05 13:07:39 UTC
Red Hat Product Errata RHSA-2026:3896 0 None None None 2026-03-05 14:35:51 UTC
Red Hat Product Errata RHSA-2026:4024 0 None None None 2026-03-09 11:35:54 UTC
Red Hat Product Errata RHSA-2026:4059 0 None None None 2026-03-09 12:47:45 UTC
Red Hat Product Errata RHSA-2026:4063 0 None None None 2026-03-09 13:32:43 UTC
Red Hat Product Errata RHSA-2026:4064 0 None None None 2026-03-09 14:09:55 UTC
Red Hat Product Errata RHSA-2026:4074 0 None None None 2026-03-09 14:19:45 UTC
Red Hat Product Errata RHSA-2026:4075 0 None None None 2026-03-09 14:24:52 UTC
Red Hat Product Errata RHSA-2026:4110 0 None None None 2026-03-09 16:46:06 UTC
Red Hat Product Errata RHSA-2026:4254 0 None None None 2026-03-11 03:37:15 UTC
Red Hat Product Errata RHSA-2026:4441 0 None None None 2026-03-12 08:52:34 UTC
Red Hat Product Errata RHSA-2026:4475 0 None None None 2026-03-12 13:27:21 UTC
Red Hat Product Errata RHSA-2026:4504 0 None None None 2026-03-12 15:16:15 UTC
Red Hat Product Errata RHSA-2026:4505 0 None None None 2026-03-12 15:20:09 UTC
Red Hat Product Errata RHSA-2026:4506 0 None None None 2026-03-12 15:10:38 UTC
Red Hat Product Errata RHSA-2026:4509 0 None None None 2026-03-12 15:25:34 UTC
Red Hat Product Errata RHSA-2026:4515 0 None None None 2026-03-12 16:27:25 UTC
Red Hat Product Errata RHSA-2026:4516 0 None None None 2026-03-12 16:10:50 UTC
Red Hat Product Errata RHSA-2026:4518 0 None None None 2026-03-12 16:13:22 UTC
Red Hat Product Errata RHSA-2026:4524 0 None None None 2026-03-12 17:58:24 UTC
Red Hat Product Errata RHSA-2026:4528 0 None None None 2026-03-12 18:52:40 UTC
Red Hat Product Errata RHSA-2026:4544 0 None None None 2026-03-12 22:28:09 UTC
Red Hat Product Errata RHSA-2026:4546 0 None None None 2026-03-12 22:21:00 UTC
Red Hat Product Errata RHSA-2026:4547 0 None None None 2026-03-12 22:36:39 UTC
Red Hat Product Errata RHSA-2026:4548 0 None None None 2026-03-12 22:55:25 UTC

Description OSIDB Bzimport 2026-02-12 14:01:53 UTC
Missing validation of type of input in PostgreSQL intarray extension selectivity estimator function allows an object creator to execute arbitrary code as the operating system user running the database. Versions before PostgreSQL 18.2, 17.8, 16.12, 15.16, and 14.21 are affected.

Comment 2 errata-xmlrpc 2026-03-04 14:20:58 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9

Via RHSA-2026:3730 https://access.redhat.com/errata/RHSA-2026:3730

Comment 3 errata-xmlrpc 2026-03-05 13:07:38 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 10

Via RHSA-2026:3887 https://access.redhat.com/errata/RHSA-2026:3887

Comment 4 errata-xmlrpc 2026-03-05 14:35:50 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9

Via RHSA-2026:3896 https://access.redhat.com/errata/RHSA-2026:3896

Comment 6 errata-xmlrpc 2026-03-09 11:35:53 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8

Via RHSA-2026:4024 https://access.redhat.com/errata/RHSA-2026:4024

Comment 7 errata-xmlrpc 2026-03-09 12:47:44 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8

Via RHSA-2026:4059 https://access.redhat.com/errata/RHSA-2026:4059

Comment 8 errata-xmlrpc 2026-03-09 13:32:42 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8

Via RHSA-2026:4063 https://access.redhat.com/errata/RHSA-2026:4063

Comment 9 errata-xmlrpc 2026-03-09 14:09:54 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8

Via RHSA-2026:4064 https://access.redhat.com/errata/RHSA-2026:4064

Comment 10 errata-xmlrpc 2026-03-09 14:19:44 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions
  Red Hat Enterprise Linux 8.8 Telecommunications Update Service

Via RHSA-2026:4074 https://access.redhat.com/errata/RHSA-2026:4074

Comment 11 errata-xmlrpc 2026-03-09 14:24:51 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions
  Red Hat Enterprise Linux 8.8 Telecommunications Update Service

Via RHSA-2026:4075 https://access.redhat.com/errata/RHSA-2026:4075

Comment 14 errata-xmlrpc 2026-03-09 16:46:04 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9

Via RHSA-2026:4110 https://access.redhat.com/errata/RHSA-2026:4110

Comment 15 errata-xmlrpc 2026-03-11 03:37:14 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions

Via RHSA-2026:4254 https://access.redhat.com/errata/RHSA-2026:4254

Comment 16 errata-xmlrpc 2026-03-12 08:52:33 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 10.0 Extended Update Support

Via RHSA-2026:4441 https://access.redhat.com/errata/RHSA-2026:4441

Comment 17 errata-xmlrpc 2026-03-12 13:27:20 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions

Via RHSA-2026:4475 https://access.redhat.com/errata/RHSA-2026:4475

Comment 18 errata-xmlrpc 2026-03-12 15:10:37 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.2 Advanced Update Support

Via RHSA-2026:4506 https://access.redhat.com/errata/RHSA-2026:4506

Comment 19 errata-xmlrpc 2026-03-12 15:16:14 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support
  Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On

Via RHSA-2026:4504 https://access.redhat.com/errata/RHSA-2026:4504

Comment 20 errata-xmlrpc 2026-03-12 15:20:08 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support
  Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions
  Red Hat Enterprise Linux 8.6 Telecommunications Update Service

Via RHSA-2026:4505 https://access.redhat.com/errata/RHSA-2026:4505

Comment 21 errata-xmlrpc 2026-03-12 15:25:33 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support
  Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On

Via RHSA-2026:4509 https://access.redhat.com/errata/RHSA-2026:4509

Comment 22 errata-xmlrpc 2026-03-12 16:10:49 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support
  Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions
  Red Hat Enterprise Linux 8.6 Telecommunications Update Service

Via RHSA-2026:4516 https://access.redhat.com/errata/RHSA-2026:4516

Comment 23 errata-xmlrpc 2026-03-12 16:13:21 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions

Via RHSA-2026:4518 https://access.redhat.com/errata/RHSA-2026:4518

Comment 24 errata-xmlrpc 2026-03-12 16:27:25 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions

Via RHSA-2026:4515 https://access.redhat.com/errata/RHSA-2026:4515

Comment 25 errata-xmlrpc 2026-03-12 17:58:23 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9.4 Extended Update Support

Via RHSA-2026:4524 https://access.redhat.com/errata/RHSA-2026:4524

Comment 26 errata-xmlrpc 2026-03-12 18:52:39 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9.6 Extended Update Support

Via RHSA-2026:4528 https://access.redhat.com/errata/RHSA-2026:4528

Comment 27 errata-xmlrpc 2026-03-12 22:20:59 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9.6 Extended Update Support

Via RHSA-2026:4546 https://access.redhat.com/errata/RHSA-2026:4546

Comment 28 errata-xmlrpc 2026-03-12 22:28:08 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9.4 Extended Update Support

Via RHSA-2026:4544 https://access.redhat.com/errata/RHSA-2026:4544

Comment 29 errata-xmlrpc 2026-03-12 22:36:38 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9.6 Extended Update Support

Via RHSA-2026:4547 https://access.redhat.com/errata/RHSA-2026:4547

Comment 30 errata-xmlrpc 2026-03-12 22:55:24 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9.4 Extended Update Support

Via RHSA-2026:4548 https://access.redhat.com/errata/RHSA-2026:4548
