Will Drewry reported a problem in the regular expression handling code used by PostgreSQL. This problem can be used to trigger a temporary DoS attack by causing the PostgreSQL server to consume a large amount of system memory and CPU resources. On systems with memory overcommit enabled (the default setting), the database server can be terminated by the kernel OOM killer (see the 'Managing Kernel Resources' section in the PostgreSQL documentation for more information on memory overcommit configuration on Linux). The regular expression code used by PostgreSQL was adopted from TCL.
Public now, lifting embargo:
  http://www.postgresql.org/about/news.905
  http://www.postgresql.org/support/security.html
TCL fixed in 8.5.0 and 8.4.17, patches (in 8.5 branch):
  http://tcl.cvs.sourceforge.net/tcl/tcl/generic/regc_color.c?r1=1.10&r2=1.11
  http://tcl.cvs.sourceforge.net/tcl/tcl/generic/regc_nfa.c?r1=1.10&r2=1.11
  http://tcl.cvs.sourceforge.net/tcl/tcl/generic/regerrs.h?r1=1.4&r2=1.5
  http://tcl.cvs.sourceforge.net/tcl/tcl/generic/regex.h?r1=1.8&r2=1.9
  http://tcl.cvs.sourceforge.net/tcl/tcl/generic/regguts.h?r1=1.10&r2=1.11
TCL bug report:
  http://sourceforge.net/tracker/index.php?func=detail&aid=1810264&group_id=10894&atid=110894
postgresql-8.2.6-1.fc8 has been pushed to the Fedora 8 stable repository. If problems still persist, please make note of it in this bug report.
postgresql-8.2.6-1.fc7 has been pushed to the Fedora 7 stable repository. If problems still persist, please make note of it in this bug report.
This issue was addressed in:
  Red Hat Application Stack: http://rhn.redhat.com/errata/RHSA-2008-0040.html
  Red Hat Enterprise Linux: http://rhn.redhat.com/errata/RHSA-2008-0038.html
  Fedora: https://admin.fedoraproject.org/updates/F7/FEDORA-2008-0552
          https://admin.fedoraproject.org/updates/F8/FEDORA-2008-0478
This issue has been addressed in the following products:
  Red Hat Enterprise Linux 5
Via RHSA-2013:0122 https://rhn.redhat.com/errata/RHSA-2013-0122.html