A memory disclosure vulnerability was found in PostgreSQL that allows remote users to access sensitive information by exploiting certain aggregate function calls with 'unknown'-type arguments. Handling 'unknown'-type values from string literals without type designation can disclose bytes, potentially revealing notable and confidential information. This issue exists due to excessive data output in aggregate function calls, enabling remote users to read some portion of system memory.

Metrics

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact Low

Integrity Impact None

Availability Impact None

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.02718.

Key SSVC decision points have not yet been added.

Affected Vendors & Products

Vendors Products
Postgresql
  • Postgresql
Redhat
  • Advanced Cluster Security
  • Codeready Linux Builder Eus
  • Codeready Linux Builder Eus For Power Little Endian Eus
  • Codeready Linux Builder For Arm64 Eus
  • Codeready Linux Builder For Ibm Z Systems Eus
  • Codeready Linux Builder For Power Little Endian Eus
  • Enterprise Linux
  • Enterprise Linux Eus
  • Enterprise Linux For Arm 64
  • Enterprise Linux For Ibm Z Systems
  • Enterprise Linux For Ibm Z Systems Eus
  • Enterprise Linux For Power Little Endian
  • Enterprise Linux For Power Little Endian Eus
  • Enterprise Linux Server Aus
  • Enterprise Linux Server Tus
  • Rhel Aus
  • Rhel E4s
  • Rhel Eus
  • Rhel Software Collections
  • Rhel Tus
  • Software Collections

Configuration 1 [-]

OR cpe:2.3:a:postgresql:postgresql:*:*:*:*:*:*:*:*
cpe:2.3:a:postgresql:postgresql:*:*:*:*:*:*:*:*
cpe:2.3:a:postgresql:postgresql:*:*:*:*:*:*:*:*
cpe:2.3:a:postgresql:postgresql:*:*:*:*:*:*:*:*
cpe:2.3:a:postgresql:postgresql:*:*:*:*:*:*:*:*
cpe:2.3:a:postgresql:postgresql:16.0:*:*:*:*:*:*:*

Configuration 2 [-]

OR cpe:2.3:a:redhat:codeready_linux_builder_eus:9.2:*:*:*:*:*:*:*
cpe:2.3:a:redhat:codeready_linux_builder_eus_for_power_little_endian_eus:9.0_ppc64le:*:*:*:*:*:*:*
cpe:2.3:a:redhat:codeready_linux_builder_eus_for_power_little_endian_eus:9.2_ppc64le:*:*:*:*:*:*:*
cpe:2.3:a:redhat:codeready_linux_builder_for_arm64_eus:8.6_aarch64:*:*:*:*:*:*:*
cpe:2.3:a:redhat:codeready_linux_builder_for_arm64_eus:9.0_aarch64:*:*:*:*:*:*:*
cpe:2.3:a:redhat:codeready_linux_builder_for_arm64_eus:9.2_aarch64:*:*:*:*:*:*:*
cpe:2.3:a:redhat:codeready_linux_builder_for_ibm_z_systems_eus:9.0_s390x:*:*:*:*:*:*:*
cpe:2.3:a:redhat:codeready_linux_builder_for_ibm_z_systems_eus:9.2_s390x:*:*:*:*:*:*:*
cpe:2.3:a:redhat:codeready_linux_builder_for_power_little_endian_eus:9.0_ppc64le:*:*:*:*:*:*:*
cpe:2.3:a:redhat:codeready_linux_builder_for_power_little_endian_eus:9.2_ppc64le:*:*:*:*:*:*:*
cpe:2.3:a:redhat:software_collections:1.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_eus:8.6:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_eus:8.8:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_eus:9.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_eus:9.2:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_arm_64:8.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_arm_64:8.8_aarch64:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:8.0_s390x:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:8.6_s390x:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:8.8_s390x:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:9.0_s390x:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:9.2_s390x:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:8.0_ppc64le:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:8.6_ppc64le:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:8.8_ppc64le:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:9.0_ppc64le:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:9.2_ppc64le:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_aus:8.2:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_aus:8.4:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_aus:8.6:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_aus:9.2:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_tus:8.2:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_tus:8.4:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_tus:8.6:*:*:*:*:*:*:*
Package CPE Advisory Released Date
Red Hat Advanced Cluster Security 4.2
advanced-cluster-security/rhacs-central-db-rhel8:4.2.4-6 cpe:/a:redhat:advanced_cluster_security:4.2::el8 RHSA-2024:0337 2024-01-22T00:00:00Z
advanced-cluster-security/rhacs-main-rhel8:4.2.4-6 cpe:/a:redhat:advanced_cluster_security:4.2::el8 RHSA-2024:0337 2024-01-22T00:00:00Z
advanced-cluster-security/rhacs-operator-bundle:4.2.4-7 cpe:/a:redhat:advanced_cluster_security:4.2::el8 RHSA-2024:0337 2024-01-22T00:00:00Z
advanced-cluster-security/rhacs-scanner-db-rhel8:4.2.4-6 cpe:/a:redhat:advanced_cluster_security:4.2::el8 RHSA-2024:0337 2024-01-22T00:00:00Z
advanced-cluster-security/rhacs-scanner-db-slim-rhel8:4.2.4-7 cpe:/a:redhat:advanced_cluster_security:4.2::el8 RHSA-2024:0337 2024-01-22T00:00:00Z
Red Hat Enterprise Linux 8
postgresql:13-8090020231114113712.a75119d5 cpe:/a:redhat:enterprise_linux:8 RHSA-2023:7581 2023-11-29T00:00:00Z
postgresql:12-8090020231128173330.a75119d5 cpe:/a:redhat:enterprise_linux:8 RHSA-2023:7714 2023-12-11T00:00:00Z
postgresql:15-8090020231114113548.a75119d5 cpe:/a:redhat:enterprise_linux:8 RHSA-2023:7884 2023-12-20T00:00:00Z
Red Hat Enterprise Linux 8.2 Advanced Update Support
postgresql:12-8020020231128165246.4cda2c84 cpe:/a:redhat:rhel_aus:8.2 RHSA-2023:7667 2023-12-06T00:00:00Z
Red Hat Enterprise Linux 8.2 Telecommunications Update Service
postgresql:12-8020020231128165246.4cda2c84 cpe:/a:redhat:rhel_tus:8.2 RHSA-2023:7667 2023-12-06T00:00:00Z
Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions
postgresql:12-8020020231128165246.4cda2c84 cpe:/a:redhat:rhel_e4s:8.2 RHSA-2023:7667 2023-12-06T00:00:00Z
Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support
postgresql:12-8040020231127153301.522a0ee4 cpe:/a:redhat:rhel_aus:8.4 RHSA-2023:7694 2023-12-07T00:00:00Z
postgresql:13-8040020231127154806.522a0ee4 cpe:/a:redhat:rhel_aus:8.4 RHSA-2023:7695 2023-12-07T00:00:00Z
Red Hat Enterprise Linux 8.4 Telecommunications Update Service
postgresql:12-8040020231127153301.522a0ee4 cpe:/a:redhat:rhel_tus:8.4 RHSA-2023:7694 2023-12-07T00:00:00Z
postgresql:13-8040020231127154806.522a0ee4 cpe:/a:redhat:rhel_tus:8.4 RHSA-2023:7695 2023-12-07T00:00:00Z
Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions
postgresql:12-8040020231127153301.522a0ee4 cpe:/a:redhat:rhel_e4s:8.4 RHSA-2023:7694 2023-12-07T00:00:00Z
postgresql:13-8040020231127154806.522a0ee4 cpe:/a:redhat:rhel_e4s:8.4 RHSA-2023:7695 2023-12-07T00:00:00Z
Red Hat Enterprise Linux 8.6 Extended Update Support
postgresql:13-8060020231114115246.ad008a3a cpe:/a:redhat:rhel_eus:8.6 RHSA-2023:7580 2023-11-29T00:00:00Z
postgresql:12-8060020231128165328.ad008a3a cpe:/a:redhat:rhel_eus:8.6 RHSA-2023:7666 2023-12-06T00:00:00Z
Red Hat Enterprise Linux 8.8 Extended Update Support
postgresql:13-8080020231114105206.63b34585 cpe:/a:redhat:rhel_eus:8.8 RHSA-2023:7579 2023-11-29T00:00:00Z
postgresql:12-8080020231128165335.63b34585 cpe:/a:redhat:rhel_eus:8.8 RHSA-2023:7656 2023-12-05T00:00:00Z
postgresql:15-8080020231113134015.63b34585 cpe:/a:redhat:rhel_eus:8.8 RHSA-2023:7883 2023-12-20T00:00:00Z
Red Hat Enterprise Linux 9
postgresql-0:13.13-1.el9_3 cpe:/a:redhat:enterprise_linux:9 RHSA-2023:7784 2023-12-13T00:00:00Z
postgresql:15-9030020231120082734.rhel9 cpe:/a:redhat:enterprise_linux:9 RHSA-2023:7785 2023-12-13T00:00:00Z
Red Hat Enterprise Linux 9.0 Extended Update Support
postgresql-0:13.13-1.el9_0 cpe:/a:redhat:rhel_eus:9.0 RHSA-2023:7545 2023-11-28T00:00:00Z
Red Hat Enterprise Linux 9.2 Extended Update Support
postgresql-0:13.13-1.el9_2 cpe:/a:redhat:rhel_eus:9.2 RHSA-2023:7616 2023-11-30T00:00:00Z
postgresql:15-9020020231115020618.rhel9 cpe:/a:redhat:rhel_eus:9.2 RHSA-2023:7885 2023-12-20T00:00:00Z
Red Hat Software Collections for Red Hat Enterprise Linux 7
rh-postgresql12-postgresql-0:12.17-1.el7 cpe:/a:redhat:rhel_software_collections:3::el7 RHSA-2023:7770 2023-12-13T00:00:00Z
rh-postgresql13-postgresql-0:13.13-1.el7 cpe:/a:redhat:rhel_software_collections:3::el7 RHSA-2023:7772 2023-12-13T00:00:00Z
RHACS-3.74-RHEL-8
advanced-cluster-security/rhacs-central-db-rhel8:3.74.8-9 cpe:/a:redhat:advanced_cluster_security:3.74::el8 RHSA-2024:0304 2024-01-18T00:00:00Z
advanced-cluster-security/rhacs-main-rhel8:3.74.8-9 cpe:/a:redhat:advanced_cluster_security:3.74::el8 RHSA-2024:0304 2024-01-18T00:00:00Z
advanced-cluster-security/rhacs-operator-bundle:3.74.8-7 cpe:/a:redhat:advanced_cluster_security:3.74::el8 RHSA-2024:0304 2024-01-18T00:00:00Z
advanced-cluster-security/rhacs-scanner-db-rhel8:3.74.8-9 cpe:/a:redhat:advanced_cluster_security:3.74::el8 RHSA-2024:0304 2024-01-18T00:00:00Z
advanced-cluster-security/rhacs-scanner-db-slim-rhel8:3.74.8-9 cpe:/a:redhat:advanced_cluster_security:3.74::el8 RHSA-2024:0304 2024-01-18T00:00:00Z
RHACS-4.1-RHEL-8
advanced-cluster-security/rhacs-central-db-rhel8:4.1.6-6 cpe:/a:redhat:advanced_cluster_security:4.1::el8 RHSA-2024:0332 2024-01-22T00:00:00Z
advanced-cluster-security/rhacs-main-rhel8:4.1.6-6 cpe:/a:redhat:advanced_cluster_security:4.1::el8 RHSA-2024:0332 2024-01-22T00:00:00Z
advanced-cluster-security/rhacs-operator-bundle:4.1.6-6 cpe:/a:redhat:advanced_cluster_security:4.1::el8 RHSA-2024:0332 2024-01-22T00:00:00Z
advanced-cluster-security/rhacs-scanner-db-rhel8:4.1.6-6 cpe:/a:redhat:advanced_cluster_security:4.1::el8 RHSA-2024:0332 2024-01-22T00:00:00Z
advanced-cluster-security/rhacs-scanner-db-slim-rhel8:4.1.6-6 cpe:/a:redhat:advanced_cluster_security:4.1::el8 RHSA-2024:0332 2024-01-22T00:00:00Z

No data.

Advisories
Source ID Title
Debian DLA Debian DLA DLA-3651-1 postgresql-11 security update
Debian DSA Debian DSA DSA-5553-1 postgresql-15 security update
Debian DSA Debian DSA DSA-5554-1 postgresql-13 security update
EUVD EUVD EUVD-2023-58142 A memory disclosure vulnerability was found in PostgreSQL that allows remote users to access sensitive information by exploiting certain aggregate function calls with 'unknown'-type arguments. Handling 'unknown'-type values from string literals without type designation can disclose bytes, potentially revealing notable and confidential information. This issue exists due to excessive data output in aggregate function calls, enabling remote users to read some portion of system memory.
Ubuntu USN Ubuntu USN USN-6538-1 PostgreSQL vulnerabilities
Ubuntu USN Ubuntu USN USN-6538-2 PostgreSQL vulnerabilities
Fixes

Solution

No solution given by the vendor.

Workaround

Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.

References
Link Providers
https://access.redhat.com/errata/RHSA-2023:7545 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2023:7579 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2023:7580 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2023:7581 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2023:7616 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2023:7656 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2023:7666 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2023:7667 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2023:7694 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2023:7695 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2023:7714 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2023:7770 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2023:7772 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2023:7784 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2023:7785 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2023:7883 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2023:7884 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2023:7885 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2024:0304 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2024:0332 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2024:0337 cve-icon cve-icon
https://access.redhat.com/security/cve/CVE-2023-5868 cve-icon cve-icon
https://bugzilla.redhat.com/show_bug.cgi?id=2247168 cve-icon cve-icon
https://lists.debian.org/debian-lts-announce/2023/11/msg00007.html cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2023-5868 cve-icon
https://security.netapp.com/advisory/ntap-20240119-0003/ cve-icon
https://www.cve.org/CVERecord?id=CVE-2023-5868 cve-icon
https://www.postgresql.org/about/news/postgresql-161-155-1410-1313-1217-and-1122-released-2749/ cve-icon cve-icon cve-icon
https://www.postgresql.org/support/security/CVE-2023-5868/ cve-icon cve-icon cve-icon
History

Tue, 04 Nov 2025 20:30:00 +0000

Type Values Removed Values Added
References

Sat, 25 Oct 2025 01:15:00 +0000

Type Values Removed Values Added
CPEs cpe:/o:redhat:enterprise_linux:9

Sat, 04 Oct 2025 01:30:00 +0000

Type Values Removed Values Added
CPEs cpe:/o:redhat:enterprise_linux:9

Fri, 22 Nov 2024 12:00:00 +0000

Type Values Removed Values Added
References

Sat, 14 Sep 2024 00:45:00 +0000

Type Values Removed Values Added
References
cve-icon MITRE

Status: PUBLISHED

Assigner: redhat

Published:

Updated: 2025-11-04T19:25:50.319Z

Reserved: 2023-10-31T03:56:17.314Z

Link: CVE-2023-5868

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2023-12-10T18:15:07.163

Modified: 2025-11-04T20:17:13.493

Link: CVE-2023-5868

cve-icon Redhat

Severity : Moderate

Publid Date: 2023-11-09T00:00:00Z

Links: CVE-2023-5868 - Bugzilla

cve-icon OpenCVE Enrichment

No data.