Bug 1734447 (CVE-2019-10209) - CVE-2019-10209 postgresql: Memory disclosure in cross-type comparison for hashed subplan
Summary: CVE-2019-10209 postgresql: Memory disclosure in cross-type comparison for has...
Keywords:
Status: CLOSED NOTABUG
Alias: CVE-2019-10209
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
low
low
Target Milestone: ---
Assignee: Red Hat Product Security
QA Contact:
URL:
Whiteboard:
Depends On: 1739212
Blocks: 1734467
TreeView+ depends on / blocked
 
Reported: 2019-07-30 14:42 UTC by msiddiqu
Modified: 2019-10-29 09:21 UTC (History)
44 users (show)

Fixed In Version: postgresql 11.5
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed: 2019-08-14 14:46:57 UTC


Attachments (Terms of Use)

Description msiddiqu 2019-07-30 14:42:46 UTC
In a database containing hypothetical, user-defined hash equality operators,
an attacker could read arbitrary bytes of server memory.  For an attack to
become possible, a superuser would need to create unusual operators.  It is
possible for operators not purpose-crafted for attack to have the properties
that enable an attack, but we are not aware of specific examples.

Comment 3 Joshua Padman 2019-07-31 05:10:28 UTC
The following products only contain the JBDC postgresql driver, not the server and are not affected:
* Red Hat Decision Manager
* Red Hat Process Automation Manager

Comment 4 msiddiqu 2019-08-07 11:56:54 UTC
Acknowledgments:

Name: the PostgreSQL project
Upstream: Andreas Seltenreich

Comment 7 msiddiqu 2019-08-08 18:40:01 UTC
Created postgresql tracking bugs for this issue:

Affects: fedora-all [bug 1739212]

Comment 8 msiddiqu 2019-08-09 09:43:30 UTC
External References:

https://www.postgresql.org/about/news/1960/

Comment 9 Trupti Pardeshi 2019-08-13 11:10:01 UTC
Hello,

May I know if Linux PostgreSQL 7.1beta6 version is also affected and requires this fix? Any heads up will be appreciated.

Thank you in advance.

Best Regards,

Comment 10 Cedric Buissart 🐶 2019-08-13 12:00:29 UTC
Upstream fix :

postgresql-11 : https://git.postgresql.org/gitweb/?p=postgresql.git;a=commitdiff;h=a034418cfc85fffa300d4d44792561c09e76f68b

Comment 11 Cedric Buissart 🐶 2019-08-13 12:02:19 UTC
In reply to comment #9:
> May I know if Linux PostgreSQL 7.1beta6 version is also affected and
> requires this fix? Any heads up will be appreciated.
This vulnerability was introduced with commit bf6c614a2, and thus affects only PostgreSQL version 11. Older versions are safe from that vulnerability.

Comment 12 Trupti Pardeshi 2019-08-13 12:22:49 UTC
(In reply to Cedric Buissart 🐶 from comment #11)
> In reply to comment #9:
> > May I know if Linux PostgreSQL 7.1beta6 version is also affected and
> > requires this fix? Any heads up will be appreciated.
> This vulnerability was introduced with commit bf6c614a2, and thus affects
> only PostgreSQL version 11. Older versions are safe from that vulnerability.

Thanks a lot Cedric for clarification.

Comment 13 Hardik Vyas 2019-08-14 09:05:39 UTC
Red Hat Gluster Storage 3 ships JDBC part of postgresql embedded in rhevm-dependencies, hence not affected.

Comment 14 Product Security DevOps Team 2019-08-14 14:46:57 UTC
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s):

https://access.redhat.com/security/cve/cve-2019-10209


Note You need to log in before you can comment on or make changes to this bug.