Bug 1956876 (CVE-2021-32027) - CVE-2021-32027 postgresql: Buffer overrun from integer overflow in array subscripting calculations
Summary: CVE-2021-32027 postgresql: Buffer overrun from integer overflow in array subs...
Keywords:
Status: CLOSED ERRATA
Alias: CVE-2021-32027
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
Priority: high
Severity: high
Target Milestone: ---
Assignee: Red Hat Product Security
QA Contact:
URL:
Whiteboard:
Depends On: 1962794 1962795 1962796 1962797 1962798 1962799 1962800 1963687 1963688 1963689 1964497 1964500 1964501 1964502 1964503 1964507 1964508 1964509 1964510 1964511 1964514 1964515 1964516 1964517 1964518 1964519 1964520 1964521 1966334 1966335 1966336 1966337 1966338 1966339
Blocks: 1956885 1956886
Reported: 2021-05-04 15:13 UTC by Michael Kaplan
Modified: 2022-05-06 13:57 UTC
CC List: 77 users

Fixed In Version: postgresql 13.3, postgresql 12.7, postgresql 11.12, postgresql 10.17, postgresql 9.6.22
Doc Type: If docs needed, set a value
Doc Text:
A flaw was found in postgresql. While modifying certain SQL array values, missing bounds checks let authenticated database users write arbitrary bytes to a wide area of server memory. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
Clone Of:
Environment:
Last Closed: 2021-06-09 15:03:56 UTC
Embargoed:


Links
System                  ID              Private  Priority  Status  Summary  Last Updated
Red Hat Product Errata  RHBA-2021:2446  0        None      None    None     2021-06-15 16:39:38 UTC
Red Hat Product Errata  RHBA-2021:2447  0        None      None    None     2021-06-15 16:43:33 UTC
Red Hat Product Errata  RHBA-2021:2452  0        None      None    None     2021-06-15 18:10:13 UTC
Red Hat Product Errata  RHBA-2021:2455  0        None      None    None     2021-06-16 08:39:54 UTC
Red Hat Product Errata  RHBA-2021:2542  0        None      None    None     2021-06-24 11:58:47 UTC
Red Hat Product Errata  RHBA-2021:2766  0        None      None    None     2021-07-19 13:31:42 UTC
Red Hat Product Errata  RHSA-2021:2360  0        None      None    None     2021-06-09 12:02:09 UTC
Red Hat Product Errata  RHSA-2021:2361  0        None      None    None     2021-06-09 12:13:23 UTC
Red Hat Product Errata  RHSA-2021:2372  0        None      None    None     2021-06-10 10:07:23 UTC
Red Hat Product Errata  RHSA-2021:2375  0        None      None    None     2021-06-10 11:20:28 UTC
Red Hat Product Errata  RHSA-2021:2389  0        None      None    None     2021-06-14 08:53:45 UTC
Red Hat Product Errata  RHSA-2021:2390  0        None      None    None     2021-06-14 09:07:05 UTC
Red Hat Product Errata  RHSA-2021:2391  0        None      None    None     2021-06-14 08:54:18 UTC
Red Hat Product Errata  RHSA-2021:2392  0        None      None    None     2021-06-14 07:47:36 UTC
Red Hat Product Errata  RHSA-2021:2393  0        None      None    None     2021-06-14 07:50:41 UTC
Red Hat Product Errata  RHSA-2021:2394  0        None      None    None     2021-06-14 09:17:35 UTC
Red Hat Product Errata  RHSA-2021:2395  0        None      None    None     2021-06-14 08:56:02 UTC
Red Hat Product Errata  RHSA-2021:2396  0        None      None    None     2021-06-14 09:25:58 UTC
Red Hat Product Errata  RHSA-2021:2397  0        None      None    None     2021-06-14 09:35:37 UTC

Description Michael Kaplan 2021-05-04 15:13:26 UTC
While modifying certain SQL array values, missing bounds checks let
authenticated database users write arbitrary bytes to a wide area of server
memory.

Comment 4 Mauro Matteo Cascella 2021-05-20 15:59:43 UTC
Created mingw-postgresql tracking bugs for this issue:

Affects: fedora-all [bug 1962799]


Created postgresql tracking bugs for this issue:

Affects: fedora-all [bug 1962798]


Created postgresql:10/postgresql tracking bugs for this issue:

Affects: fedora-all [bug 1962797]


Created postgresql:11/postgresql tracking bugs for this issue:

Affects: fedora-all [bug 1962796]


Created postgresql:12/postgresql tracking bugs for this issue:

Affects: fedora-all [bug 1962795]


Created postgresql:13/postgresql tracking bugs for this issue:

Affects: fedora-all [bug 1962800]


Created postgresql:9.6/postgresql tracking bugs for this issue:

Affects: fedora-all [bug 1962794]

Comment 13 Mauro Matteo Cascella 2021-06-03 19:58:35 UTC
Upstream advisory:
https://www.postgresql.org/support/security/CVE-2021-32027/

Comment 15 errata-xmlrpc 2021-06-09 12:01:59 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8

Via RHSA-2021:2360 https://access.redhat.com/errata/RHSA-2021:2360

Comment 16 errata-xmlrpc 2021-06-09 12:13:14 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8

Via RHSA-2021:2361 https://access.redhat.com/errata/RHSA-2021:2361

Comment 17 Product Security DevOps Team 2021-06-09 15:03:56 UTC
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s):

https://access.redhat.com/security/cve/cve-2021-32027

Comment 18 Product Security DevOps Team 2021-06-09 21:03:54 UTC
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s):

https://access.redhat.com/security/cve/cve-2021-32027

Comment 19 errata-xmlrpc 2021-06-10 10:07:13 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8

Via RHSA-2021:2372 https://access.redhat.com/errata/RHSA-2021:2372

Comment 20 errata-xmlrpc 2021-06-10 11:20:16 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8

Via RHSA-2021:2375 https://access.redhat.com/errata/RHSA-2021:2375

Comment 21 errata-xmlrpc 2021-06-14 07:47:33 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.1 Extended Update Support

Via RHSA-2021:2392 https://access.redhat.com/errata/RHSA-2021:2392

Comment 22 errata-xmlrpc 2021-06-14 07:50:38 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.1 Extended Update Support

Via RHSA-2021:2393 https://access.redhat.com/errata/RHSA-2021:2393

Comment 23 errata-xmlrpc 2021-06-14 08:53:39 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.2 Extended Update Support

Via RHSA-2021:2389 https://access.redhat.com/errata/RHSA-2021:2389

Comment 24 errata-xmlrpc 2021-06-14 08:54:10 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.2 Extended Update Support

Via RHSA-2021:2391 https://access.redhat.com/errata/RHSA-2021:2391

Comment 25 errata-xmlrpc 2021-06-14 08:55:52 UTC
This issue has been addressed in the following products:

  Red Hat Software Collections for Red Hat Enterprise Linux 7
  Red Hat Software Collections for Red Hat Enterprise Linux 7.7 EUS

Via RHSA-2021:2395 https://access.redhat.com/errata/RHSA-2021:2395

Comment 26 errata-xmlrpc 2021-06-14 09:07:00 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.2 Extended Update Support

Via RHSA-2021:2390 https://access.redhat.com/errata/RHSA-2021:2390

Comment 27 errata-xmlrpc 2021-06-14 09:17:30 UTC
This issue has been addressed in the following products:

  Red Hat Software Collections for Red Hat Enterprise Linux 7
  Red Hat Software Collections for Red Hat Enterprise Linux 7.7 EUS

Via RHSA-2021:2394 https://access.redhat.com/errata/RHSA-2021:2394

Comment 28 errata-xmlrpc 2021-06-14 09:25:51 UTC
This issue has been addressed in the following products:

  Red Hat Software Collections for Red Hat Enterprise Linux 7
  Red Hat Software Collections for Red Hat Enterprise Linux 7.7 EUS

Via RHSA-2021:2396 https://access.redhat.com/errata/RHSA-2021:2396

Comment 29 errata-xmlrpc 2021-06-14 09:35:32 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 7

Via RHSA-2021:2397 https://access.redhat.com/errata/RHSA-2021:2397

