Fedora Account System
Red Hat Associate
Red Hat Customer
Integer wraparound in multiple PostgreSQL server features allows an unprivileged database user to cause the server to undersize an allocation and write out-of-bounds. This may execute arbitrary code as the operating system user running the database. In applications that pass gigabyte-scale user inputs to the relevant database functions, the application input provider may achieve a segmentation fault. Versions before PostgreSQL 18.4, 17.10, 16.14, 15.18, and 14.23 are affected.
I encountered this bug on Red Hat Enterprise Linux 9.5 and Fedora 41 (https://fnffree.io) with the latest postgresql-server packages. It triggers during bulk INSERT/UPDATE operations with large integer values, causing a segmentation fault due to integer overflow and out-of-bounds write.
This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2026:26181 https://access.redhat.com/errata/RHSA-2026:26181
This issue has been addressed in the following products: Red Hat Enterprise Linux 9 Via RHSA-2026:26203 https://access.redhat.com/errata/RHSA-2026:26203
This issue has been addressed in the following products: Red Hat Enterprise Linux 9 Via RHSA-2026:26204 https://access.redhat.com/errata/RHSA-2026:26204
This issue has been addressed in the following products: Red Hat Enterprise Linux 9.4 Update Services for SAP Solutions Via RHSA-2026:26524 https://access.redhat.com/errata/RHSA-2026:26524
This issue has been addressed in the following products: Red Hat Enterprise Linux 9.6 Extended Update Support Via RHSA-2026:26525 https://access.redhat.com/errata/RHSA-2026:26525
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions Red Hat Enterprise Linux 8.8 Telecommunications Update Service Via RHSA-2026:26561 https://access.redhat.com/errata/RHSA-2026:26561
This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2026:27738 https://access.redhat.com/errata/RHSA-2026:27738
This issue has been addressed in the following products: Red Hat Enterprise Linux 10 Via RHSA-2026:27743 https://access.redhat.com/errata/RHSA-2026:27743
This issue has been addressed in the following products: Red Hat Enterprise Linux 10.0 Extended Update Support Via RHSA-2026:27718 https://access.redhat.com/errata/RHSA-2026:27718
This issue has been addressed in the following products: Red Hat Enterprise Linux 10 Via RHSA-2026:27742 https://access.redhat.com/errata/RHSA-2026:27742
This issue has been addressed in the following products: Red Hat Enterprise Linux 9 Via RHSA-2026:27741 https://access.redhat.com/errata/RHSA-2026:27741
This issue has been addressed in the following products: Red Hat Enterprise Linux 9 Via RHSA-2026:28037 https://access.redhat.com/errata/RHSA-2026:28037
This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2026:28143 https://access.redhat.com/errata/RHSA-2026:28143
This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2026:28999 https://access.redhat.com/errata/RHSA-2026:28999
This issue has been addressed in the following products: Red Hat Enterprise Linux 9.6 Extended Update Support Via RHSA-2026:29212 https://access.redhat.com/errata/RHSA-2026:29212
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support Red Hat Enterprise Linux 8.6 Extended Update Support Long-Life Add-On Via RHSA-2026:29815 https://access.redhat.com/errata/RHSA-2026:29815
This issue has been addressed in the following products: Red Hat Enterprise Linux 9.4 Update Services for SAP Solutions Via RHSA-2026:29904 https://access.redhat.com/errata/RHSA-2026:29904
This issue has been addressed in the following products: Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions Via RHSA-2026:29953 https://access.redhat.com/errata/RHSA-2026:29953
This issue has been addressed in the following products: Red Hat Enterprise Linux 9.6 Extended Update Support Via RHSA-2026:32983 https://access.redhat.com/errata/RHSA-2026:32983
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support Red Hat Enterprise Linux 8.6 Extended Update Support Long-Life Add-On Via RHSA-2026:32994 https://access.redhat.com/errata/RHSA-2026:32994
This issue has been addressed in the following products: Red Hat Enterprise Linux 9.4 Update Services for SAP Solutions Via RHSA-2026:33441 https://access.redhat.com/errata/RHSA-2026:33441
This issue has been addressed in the following products: Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions Via RHSA-2026:33497 https://access.redhat.com/errata/RHSA-2026:33497
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions Red Hat Enterprise Linux 8.8 Telecommunications Update Service Via RHSA-2026:34043 https://access.redhat.com/errata/RHSA-2026:34043
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On Via RHSA-2026:34363 https://access.redhat.com/errata/RHSA-2026:34363
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On Via RHSA-2026:34362 https://access.redhat.com/errata/RHSA-2026:34362
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions Red Hat Enterprise Linux 8.8 Telecommunications Update Service Via RHSA-2026:35880 https://access.redhat.com/errata/RHSA-2026:35880