Bug 2022666 (CVE-2021-23214) - CVE-2021-23214 postgresql: server processes unencrypted bytes from man-in-the-middle
Summary: CVE-2021-23214 postgresql: server processes unencrypted bytes from man-in-the...
Keywords:
Status: CLOSED ERRATA
Alias: CVE-2021-23214
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Red Hat Product Security
QA Contact:
URL:
Whiteboard:
Depends On: 2022667 2023231 2023235 2023237 2023301 2031509 2031510 2022668 2022669 2022670 2022671 2022672 2022673 2022674 2023232 2023233 2023234 2023236 2028598
Blocks: 2021380
TreeView+ depends on / blocked
 
Reported: 2021-11-12 10:34 UTC by Marian Rehak
Modified: 2021-12-21 10:50 UTC (History)
74 users (show)

Fixed In Version: postgresql 9.6.24, postgresql 10.19, postgresql 11.14, postgresql 12.9, postgresql 13.5, postgresql 14.1
Doc Type: If docs needed, set a value
Doc Text:
It was found that a PostgreSQL server could accept plain text data during the establishment of an SSL connection. When a user is requesting a certificate based authentication, an active Person in the Middle could use this flaw in order to inject arbitrary SQL commands.
Clone Of:
Environment:
Last Closed: 2021-12-21 10:50:30 UTC


Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Red Hat Product Errata RHSA-2021:5179 0 None None None 2021-12-16 11:45:50 UTC
Red Hat Product Errata RHSA-2021:5197 0 None None None 2021-12-16 18:19:35 UTC
Red Hat Product Errata RHSA-2021:5235 0 None None None 2021-12-21 09:57:50 UTC
Red Hat Product Errata RHSA-2021:5236 0 None None None 2021-12-21 09:58:24 UTC

Description Marian Rehak 2021-11-12 10:34:48 UTC
When the server is configured to use trust authentication with a clientcert requirement or to use cert authentication, a man-in-the-middle attacker can inject arbitrary SQL queries when a connection is first established, despite the use of SSL certificate verification and encryption.

Upstream Advisory:

https://www.postgresql.org/support/security/CVE-2021-23214/

Comment 1 Marian Rehak 2021-11-12 10:35:53 UTC
Created mingw-postgresql tracking bugs for this issue:

Affects: fedora-all [bug 2022667]


Created postgresql tracking bugs for this issue:

Affects: fedora-all [bug 2022673]


Created postgresql:10/postgresql tracking bugs for this issue:

Affects: fedora-all [bug 2022668]


Created postgresql:11/postgresql tracking bugs for this issue:

Affects: fedora-all [bug 2022669]


Created postgresql:12/postgresql tracking bugs for this issue:

Affects: fedora-all [bug 2022670]


Created postgresql:13/postgresql tracking bugs for this issue:

Affects: fedora-all [bug 2022671]


Created postgresql:14/postgresql tracking bugs for this issue:

Affects: fedora-all [bug 2022674]


Created postgresql:9.6/postgresql tracking bugs for this issue:

Affects: fedora-34 [bug 2022672]

Comment 6 errata-xmlrpc 2021-12-16 11:45:46 UTC
This issue has been addressed in the following products:

  Red Hat Software Collections for Red Hat Enterprise Linux 7

Via RHSA-2021:5179 https://access.redhat.com/errata/RHSA-2021:5179

Comment 7 errata-xmlrpc 2021-12-16 18:19:32 UTC
This issue has been addressed in the following products:

  Red Hat Software Collections for Red Hat Enterprise Linux 7

Via RHSA-2021:5197 https://access.redhat.com/errata/RHSA-2021:5197

Comment 8 errata-xmlrpc 2021-12-21 09:57:46 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8

Via RHSA-2021:5235 https://access.redhat.com/errata/RHSA-2021:5235

Comment 9 errata-xmlrpc 2021-12-21 09:58:20 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8

Via RHSA-2021:5236 https://access.redhat.com/errata/RHSA-2021:5236

Comment 10 Product Security DevOps Team 2021-12-21 10:50:25 UTC
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s):

https://access.redhat.com/security/cve/cve-2021-23214


Note You need to log in before you can comment on or make changes to this bug.