A flaw was found in PostgreSQL that allows authenticated database users to execute arbitrary code through missing overflow checks during SQL array value modification. This issue exists due to an integer overflow during array modification where a remote user can trigger the overflow by providing specially crafted data. This enables the execution of arbitrary code on the target system, allowing users to write arbitrary bytes to memory and extensively read the server's memory.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.01236.

Key SSVC decision points have not yet been added.

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions
Red Hat Red Hat Advanced Cluster Security 4.2 affected
Version Status Constraints
4.2.4-6 unaffected < *
Red Hat Red Hat Advanced Cluster Security 4.2 affected
Version Status Constraints
4.2.4-6 unaffected < *
Red Hat Red Hat Advanced Cluster Security 4.2 affected
Version Status Constraints
4.2.4-7 unaffected < *
Red Hat Red Hat Advanced Cluster Security 4.2 affected
Version Status Constraints
4.2.4-6 unaffected < *
Red Hat Red Hat Advanced Cluster Security 4.2 affected
Version Status Constraints
4.2.4-7 unaffected < *
Red Hat Red Hat Enterprise Linux 7 affected
Version Status Constraints
0:9.2.24-9.el7_9 unaffected < *
Red Hat Red Hat Enterprise Linux 8 affected
Version Status Constraints
8090020231114113712.a75119d5 unaffected < *
Red Hat Red Hat Enterprise Linux 8 affected
Version Status Constraints
8090020231128173330.a75119d5 unaffected < *
Red Hat Red Hat Enterprise Linux 8 affected
Version Status Constraints
8090020231201202407.a75119d5 unaffected < *
Red Hat Red Hat Enterprise Linux 8 affected
Version Status Constraints
8090020231114113548.a75119d5 unaffected < *
Red Hat Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions affected
Version Status Constraints
8010020231130170510.c27ad7f8 unaffected < *
Red Hat Red Hat Enterprise Linux 8.2 Advanced Update Support affected
Version Status Constraints
8020020231128165246.4cda2c84 unaffected < *
Red Hat Red Hat Enterprise Linux 8.2 Advanced Update Support affected
Version Status Constraints
8020020231201202149.4cda2c84 unaffected < *
Red Hat Red Hat Enterprise Linux 8.2 Telecommunications Update Service affected
Version Status Constraints
8020020231128165246.4cda2c84 unaffected < *
Red Hat Red Hat Enterprise Linux 8.2 Telecommunications Update Service affected
Version Status Constraints
8020020231201202149.4cda2c84 unaffected < *
Red Hat Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions affected
Version Status Constraints
8020020231128165246.4cda2c84 unaffected < *
Red Hat Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions affected
Version Status Constraints
8020020231201202149.4cda2c84 unaffected < *
Red Hat Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support affected
Version Status Constraints
8040020231127153301.522a0ee4 unaffected < *
Red Hat Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support affected
Version Status Constraints
8040020231127154806.522a0ee4 unaffected < *
Red Hat Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support affected
Version Status Constraints
8040020231127142440.522a0ee4 unaffected < *
Red Hat Red Hat Enterprise Linux 8.4 Telecommunications Update Service affected
Version Status Constraints
8040020231127153301.522a0ee4 unaffected < *
Red Hat Red Hat Enterprise Linux 8.4 Telecommunications Update Service affected
Version Status Constraints
8040020231127154806.522a0ee4 unaffected < *
Red Hat Red Hat Enterprise Linux 8.4 Telecommunications Update Service affected
Version Status Constraints
8040020231127142440.522a0ee4 unaffected < *
Red Hat Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions affected
Version Status Constraints
8040020231127153301.522a0ee4 unaffected < *
Red Hat Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions affected
Version Status Constraints
8040020231127154806.522a0ee4 unaffected < *
Red Hat Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions affected
Version Status Constraints
8040020231127142440.522a0ee4 unaffected < *
Red Hat Red Hat Enterprise Linux 8.6 Extended Update Support affected
Version Status Constraints
8060020231114115246.ad008a3a unaffected < *
Red Hat Red Hat Enterprise Linux 8.6 Extended Update Support affected
Version Status Constraints
8060020231128165328.ad008a3a unaffected < *
Red Hat Red Hat Enterprise Linux 8.6 Extended Update Support affected
Version Status Constraints
8060020231201202249.ad008a3a unaffected < *
Red Hat Red Hat Enterprise Linux 8.8 Extended Update Support affected
Version Status Constraints
8080020231114105206.63b34585 unaffected < *
Red Hat Red Hat Enterprise Linux 8.8 Extended Update Support affected
Version Status Constraints
8080020231128165335.63b34585 unaffected < *
Red Hat Red Hat Enterprise Linux 8.8 Extended Update Support affected
Version Status Constraints
8080020231201202316.63b34585 unaffected < *
Red Hat Red Hat Enterprise Linux 8.8 Extended Update Support affected
Version Status Constraints
8080020231113134015.63b34585 unaffected < *
Red Hat Red Hat Enterprise Linux 9 affected
Version Status Constraints
0:13.13-1.el9_3 unaffected < *
Red Hat Red Hat Enterprise Linux 9 affected
Version Status Constraints
9030020231120082734.rhel9 unaffected < *
Red Hat Red Hat Enterprise Linux 9.0 Extended Update Support affected
Version Status Constraints
0:13.13-1.el9_0 unaffected < *
Red Hat Red Hat Enterprise Linux 9.2 Extended Update Support affected
Version Status Constraints
0:13.13-1.el9_2 unaffected < *
Red Hat Red Hat Enterprise Linux 9.2 Extended Update Support affected
Version Status Constraints
9020020231115020618.rhel9 unaffected < *
Red Hat Red Hat Software Collections for Red Hat Enterprise Linux 7 affected
Version Status Constraints
0:12.17-1.el7 unaffected < *
Red Hat Red Hat Software Collections for Red Hat Enterprise Linux 7 affected
Version Status Constraints
0:10.23-2.el7 unaffected < *
Red Hat Red Hat Software Collections for Red Hat Enterprise Linux 7 affected
Version Status Constraints
0:13.13-1.el7 unaffected < *
Red Hat RHACS-3.74-RHEL-8 affected
Version Status Constraints
3.74.8-9 unaffected < *
Red Hat RHACS-3.74-RHEL-8 affected
Version Status Constraints
3.74.8-9 unaffected < *
Red Hat RHACS-3.74-RHEL-8 affected
Version Status Constraints
3.74.8-7 unaffected < *
Red Hat RHACS-3.74-RHEL-8 affected
Version Status Constraints
3.74.8-9 unaffected < *
Red Hat RHACS-3.74-RHEL-8 affected
Version Status Constraints
3.74.8-9 unaffected < *
Red Hat RHACS-4.1-RHEL-8 affected
Version Status Constraints
4.1.6-6 unaffected < *
Red Hat RHACS-4.1-RHEL-8 affected
Version Status Constraints
4.1.6-6 unaffected < *
Red Hat RHACS-4.1-RHEL-8 affected
Version Status Constraints
4.1.6-6 unaffected < *
Red Hat RHACS-4.1-RHEL-8 affected
Version Status Constraints
4.1.6-6 unaffected < *
Red Hat RHACS-4.1-RHEL-8 affected
Version Status Constraints
4.1.6-6 unaffected < *
Red Hat Red Hat Enterprise Linux 6 unknown —
Red Hat Red Hat Enterprise Linux 8 unaffected —
Red Hat Red Hat Enterprise Linux 9 unaffected —

Configuration 1 [-]

OR cpe:2.3:a:postgresql:postgresql:*:*:*:*:*:*:*:*
cpe:2.3:a:postgresql:postgresql:*:*:*:*:*:*:*:*
cpe:2.3:a:postgresql:postgresql:*:*:*:*:*:*:*:*
cpe:2.3:a:postgresql:postgresql:*:*:*:*:*:*:*:*
cpe:2.3:a:postgresql:postgresql:*:*:*:*:*:*:*:*
cpe:2.3:a:postgresql:postgresql:16.0:*:*:*:*:*:*:*

Configuration 2 [-]

OR cpe:2.3:a:redhat:codeready_linux_builder_eus:9.2:*:*:*:*:*:*:*
cpe:2.3:a:redhat:codeready_linux_builder_eus_for_power_little_endian_eus:9.0_ppc64le:*:*:*:*:*:*:*
cpe:2.3:a:redhat:codeready_linux_builder_eus_for_power_little_endian_eus:9.2_ppc64le:*:*:*:*:*:*:*
cpe:2.3:a:redhat:codeready_linux_builder_for_arm64_eus:8.6_aarch64:*:*:*:*:*:*:*
cpe:2.3:a:redhat:codeready_linux_builder_for_arm64_eus:9.0_aarch64:*:*:*:*:*:*:*
cpe:2.3:a:redhat:codeready_linux_builder_for_arm64_eus:9.2_aarch64:*:*:*:*:*:*:*
cpe:2.3:a:redhat:codeready_linux_builder_for_ibm_z_systems_eus:9.0_s390x:*:*:*:*:*:*:*
cpe:2.3:a:redhat:codeready_linux_builder_for_ibm_z_systems_eus:9.2_s390x:*:*:*:*:*:*:*
cpe:2.3:a:redhat:codeready_linux_builder_for_power_little_endian_eus:9.0_ppc64le:*:*:*:*:*:*:*
cpe:2.3:a:redhat:codeready_linux_builder_for_power_little_endian_eus:9.2_ppc64le:*:*:*:*:*:*:*
cpe:2.3:a:redhat:software_collections:1.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_eus:8.6:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_eus:8.8:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_eus:9.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_eus:9.2:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_arm_64:8.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_arm_64:8.8_aarch64:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:7.0_s390x:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:8.0_s390x:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:8.6_s390x:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:8.8_s390x:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:9.0_s390x:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:9.2_s390x:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian:7.0_ppc64:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:7.0_ppc64le:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:8.0_ppc64le:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:8.6_ppc64le:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:8.8_ppc64le:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:9.0_ppc64le:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:9.2_ppc64le:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_scientific_computing:7.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_aus:8.2:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_aus:8.4:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_aus:8.6:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_aus:9.2:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_tus:8.2:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_tus:8.4:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_tus:8.6:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*
Package CPE Advisory Released Date
Red Hat Advanced Cluster Security 4.2
advanced-cluster-security/rhacs-central-db-rhel8:4.2.4-6 cpe:/a:redhat:advanced_cluster_security:4.2::el8 RHSA-2024:0337 2024-01-22T00:00:00Z
advanced-cluster-security/rhacs-main-rhel8:4.2.4-6 cpe:/a:redhat:advanced_cluster_security:4.2::el8 RHSA-2024:0337 2024-01-22T00:00:00Z
advanced-cluster-security/rhacs-operator-bundle:4.2.4-7 cpe:/a:redhat:advanced_cluster_security:4.2::el8 RHSA-2024:0337 2024-01-22T00:00:00Z
advanced-cluster-security/rhacs-scanner-db-rhel8:4.2.4-6 cpe:/a:redhat:advanced_cluster_security:4.2::el8 RHSA-2024:0337 2024-01-22T00:00:00Z
advanced-cluster-security/rhacs-scanner-db-slim-rhel8:4.2.4-7 cpe:/a:redhat:advanced_cluster_security:4.2::el8 RHSA-2024:0337 2024-01-22T00:00:00Z
Red Hat Enterprise Linux 7
postgresql-0:9.2.24-9.el7_9 cpe:/o:redhat:enterprise_linux:7 RHSA-2023:7783 2023-12-13T00:00:00Z
Red Hat Enterprise Linux 8
postgresql:13-8090020231114113712.a75119d5 cpe:/a:redhat:enterprise_linux:8 RHSA-2023:7581 2023-11-29T00:00:00Z
postgresql:12-8090020231128173330.a75119d5 cpe:/a:redhat:enterprise_linux:8 RHSA-2023:7714 2023-12-11T00:00:00Z
postgresql:10-8090020231201202407.a75119d5 cpe:/a:redhat:enterprise_linux:8 RHSA-2023:7790 2023-12-13T00:00:00Z
postgresql:15-8090020231114113548.a75119d5 cpe:/a:redhat:enterprise_linux:8 RHSA-2023:7884 2023-12-20T00:00:00Z
Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions
postgresql:10-8010020231130170510.c27ad7f8 cpe:/a:redhat:rhel_e4s:8.1 RHSA-2023:7778 2023-12-13T00:00:00Z
Red Hat Enterprise Linux 8.2 Advanced Update Support
postgresql:12-8020020231128165246.4cda2c84 cpe:/a:redhat:rhel_aus:8.2 RHSA-2023:7667 2023-12-06T00:00:00Z
postgresql:10-8020020231201202149.4cda2c84 cpe:/a:redhat:rhel_aus:8.2 RHSA-2023:7788 2023-12-13T00:00:00Z
Red Hat Enterprise Linux 8.2 Telecommunications Update Service
postgresql:12-8020020231128165246.4cda2c84 cpe:/a:redhat:rhel_tus:8.2 RHSA-2023:7667 2023-12-06T00:00:00Z
postgresql:10-8020020231201202149.4cda2c84 cpe:/a:redhat:rhel_tus:8.2 RHSA-2023:7788 2023-12-13T00:00:00Z
Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions
postgresql:12-8020020231128165246.4cda2c84 cpe:/a:redhat:rhel_e4s:8.2 RHSA-2023:7667 2023-12-06T00:00:00Z
postgresql:10-8020020231201202149.4cda2c84 cpe:/a:redhat:rhel_e4s:8.2 RHSA-2023:7788 2023-12-13T00:00:00Z
Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support
postgresql:12-8040020231127153301.522a0ee4 cpe:/a:redhat:rhel_aus:8.4 RHSA-2023:7694 2023-12-07T00:00:00Z
postgresql:13-8040020231127154806.522a0ee4 cpe:/a:redhat:rhel_aus:8.4 RHSA-2023:7695 2023-12-07T00:00:00Z
postgresql:10-8040020231127142440.522a0ee4 cpe:/a:redhat:rhel_aus:8.4 RHSA-2023:7878 2023-12-19T00:00:00Z
Red Hat Enterprise Linux 8.4 Telecommunications Update Service
postgresql:12-8040020231127153301.522a0ee4 cpe:/a:redhat:rhel_tus:8.4 RHSA-2023:7694 2023-12-07T00:00:00Z
postgresql:13-8040020231127154806.522a0ee4 cpe:/a:redhat:rhel_tus:8.4 RHSA-2023:7695 2023-12-07T00:00:00Z
postgresql:10-8040020231127142440.522a0ee4 cpe:/a:redhat:rhel_tus:8.4 RHSA-2023:7878 2023-12-19T00:00:00Z
Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions
postgresql:12-8040020231127153301.522a0ee4 cpe:/a:redhat:rhel_e4s:8.4 RHSA-2023:7694 2023-12-07T00:00:00Z
postgresql:13-8040020231127154806.522a0ee4 cpe:/a:redhat:rhel_e4s:8.4 RHSA-2023:7695 2023-12-07T00:00:00Z
postgresql:10-8040020231127142440.522a0ee4 cpe:/a:redhat:rhel_e4s:8.4 RHSA-2023:7878 2023-12-19T00:00:00Z
Red Hat Enterprise Linux 8.6 Extended Update Support
postgresql:13-8060020231114115246.ad008a3a cpe:/a:redhat:rhel_eus:8.6 RHSA-2023:7580 2023-11-29T00:00:00Z
postgresql:12-8060020231128165328.ad008a3a cpe:/a:redhat:rhel_eus:8.6 RHSA-2023:7666 2023-12-06T00:00:00Z
postgresql:10-8060020231201202249.ad008a3a cpe:/a:redhat:rhel_eus:8.6 RHSA-2023:7789 2023-12-13T00:00:00Z
Red Hat Enterprise Linux 8.8 Extended Update Support
postgresql:13-8080020231114105206.63b34585 cpe:/a:redhat:rhel_eus:8.8 RHSA-2023:7579 2023-11-29T00:00:00Z
postgresql:12-8080020231128165335.63b34585 cpe:/a:redhat:rhel_eus:8.8 RHSA-2023:7656 2023-12-05T00:00:00Z
postgresql:10-8080020231201202316.63b34585 cpe:/a:redhat:rhel_eus:8.8 RHSA-2023:7786 2023-12-13T00:00:00Z
postgresql:15-8080020231113134015.63b34585 cpe:/a:redhat:rhel_eus:8.8 RHSA-2023:7883 2023-12-20T00:00:00Z
Red Hat Enterprise Linux 9
postgresql-0:13.13-1.el9_3 cpe:/a:redhat:enterprise_linux:9 RHSA-2023:7784 2023-12-13T00:00:00Z
postgresql:15-9030020231120082734.rhel9 cpe:/a:redhat:enterprise_linux:9 RHSA-2023:7785 2023-12-13T00:00:00Z
Red Hat Enterprise Linux 9.0 Extended Update Support
postgresql-0:13.13-1.el9_0 cpe:/a:redhat:rhel_eus:9.0 RHSA-2023:7545 2023-11-28T00:00:00Z
Red Hat Enterprise Linux 9.2 Extended Update Support
postgresql-0:13.13-1.el9_2 cpe:/a:redhat:rhel_eus:9.2 RHSA-2023:7616 2023-11-30T00:00:00Z
postgresql:15-9020020231115020618.rhel9 cpe:/a:redhat:rhel_eus:9.2 RHSA-2023:7885 2023-12-20T00:00:00Z
Red Hat Software Collections for Red Hat Enterprise Linux 7
rh-postgresql12-postgresql-0:12.17-1.el7 cpe:/a:redhat:rhel_software_collections:3::el7 RHSA-2023:7770 2023-12-13T00:00:00Z
rh-postgresql10-postgresql-0:10.23-2.el7 cpe:/a:redhat:rhel_software_collections:3::el7 RHSA-2023:7771 2023-12-13T00:00:00Z
rh-postgresql13-postgresql-0:13.13-1.el7 cpe:/a:redhat:rhel_software_collections:3::el7 RHSA-2023:7772 2023-12-13T00:00:00Z
RHACS-3.74-RHEL-8
advanced-cluster-security/rhacs-central-db-rhel8:3.74.8-9 cpe:/a:redhat:advanced_cluster_security:3.74::el8 RHSA-2024:0304 2024-01-18T00:00:00Z
advanced-cluster-security/rhacs-main-rhel8:3.74.8-9 cpe:/a:redhat:advanced_cluster_security:3.74::el8 RHSA-2024:0304 2024-01-18T00:00:00Z
advanced-cluster-security/rhacs-operator-bundle:3.74.8-7 cpe:/a:redhat:advanced_cluster_security:3.74::el8 RHSA-2024:0304 2024-01-18T00:00:00Z
advanced-cluster-security/rhacs-scanner-db-rhel8:3.74.8-9 cpe:/a:redhat:advanced_cluster_security:3.74::el8 RHSA-2024:0304 2024-01-18T00:00:00Z
advanced-cluster-security/rhacs-scanner-db-slim-rhel8:3.74.8-9 cpe:/a:redhat:advanced_cluster_security:3.74::el8 RHSA-2024:0304 2024-01-18T00:00:00Z
RHACS-4.1-RHEL-8
advanced-cluster-security/rhacs-central-db-rhel8:4.1.6-6 cpe:/a:redhat:advanced_cluster_security:4.1::el8 RHSA-2024:0332 2024-01-22T00:00:00Z
advanced-cluster-security/rhacs-main-rhel8:4.1.6-6 cpe:/a:redhat:advanced_cluster_security:4.1::el8 RHSA-2024:0332 2024-01-22T00:00:00Z
advanced-cluster-security/rhacs-operator-bundle:4.1.6-6 cpe:/a:redhat:advanced_cluster_security:4.1::el8 RHSA-2024:0332 2024-01-22T00:00:00Z
advanced-cluster-security/rhacs-scanner-db-rhel8:4.1.6-6 cpe:/a:redhat:advanced_cluster_security:4.1::el8 RHSA-2024:0332 2024-01-22T00:00:00Z
advanced-cluster-security/rhacs-scanner-db-slim-rhel8:4.1.6-6 cpe:/a:redhat:advanced_cluster_security:4.1::el8 RHSA-2024:0332 2024-01-22T00:00:00Z

No data.

Project Subscriptions

Vendors Products
Postgresql Subscribe
Postgresql Subscribe
Redhat Subscribe
Advanced Cluster Security Subscribe
Codeready Linux Builder Eus Subscribe
Codeready Linux Builder Eus For Power Little Endian Eus Subscribe
Codeready Linux Builder For Arm64 Eus Subscribe
Codeready Linux Builder For Ibm Z Systems Eus Subscribe
Codeready Linux Builder For Power Little Endian Eus Subscribe
Enterprise Linux Subscribe
Enterprise Linux Desktop Subscribe
Enterprise Linux Eus Subscribe
Enterprise Linux For Arm 64 Subscribe
Enterprise Linux For Ibm Z Systems Subscribe
Enterprise Linux For Ibm Z Systems Eus Subscribe
Enterprise Linux For Power Big Endian Subscribe
Enterprise Linux For Power Little Endian Subscribe
Enterprise Linux For Power Little Endian Eus Subscribe
Enterprise Linux For Scientific Computing Subscribe
Enterprise Linux Server Subscribe
Enterprise Linux Server Aus Subscribe
Enterprise Linux Server Tus Subscribe
Enterprise Linux Workstation Subscribe
Rhel Aus Subscribe
Rhel E4s Subscribe
Rhel Eus Subscribe
Rhel Software Collections Subscribe
Rhel Tus Subscribe
Software Collections Subscribe
Advisories
Source ID Title
Debian DLA Debian DLA DLA-3651-1 postgresql-11 security update
Debian DSA Debian DSA DSA-5553-1 postgresql-15 security update
Debian DSA Debian DSA DSA-5554-1 postgresql-13 security update
EUVD EUVD EUVD-2023-58143 A flaw was found in PostgreSQL that allows authenticated database users to execute arbitrary code through missing overflow checks during SQL array value modification. This issue exists due to an integer overflow during array modification where a remote user can trigger the overflow by providing specially crafted data. This enables the execution of arbitrary code on the target system, allowing users to write arbitrary bytes to memory and extensively read the server's memory.
Ubuntu USN Ubuntu USN USN-6538-1 PostgreSQL vulnerabilities
Ubuntu USN Ubuntu USN USN-6538-2 PostgreSQL vulnerabilities
Ubuntu USN Ubuntu USN USN-6570-1 PostgreSQL vulnerabilities
Fixes

Solution

No solution given by the vendor.

Workaround

Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.

References
Link Providers
https://access.redhat.com/errata/RHSA-2023:7545 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2023:7579 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2023:7580 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2023:7581 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2023:7616 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2023:7656 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2023:7666 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2023:7667 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2023:7694 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2023:7695 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2023:7714 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2023:7770 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2023:7771 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2023:7772 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2023:7778 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2023:7783 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2023:7784 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2023:7785 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2023:7786 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2023:7788 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2023:7789 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2023:7790 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2023:7878 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2023:7883 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2023:7884 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2023:7885 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2024:0304 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2024:0332 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2024:0337 cve-icon cve-icon
https://access.redhat.com/security/cve/CVE-2023-5869 cve-icon cve-icon
https://bugzilla.redhat.com/show_bug.cgi?id=2247169 cve-icon cve-icon
https://lists.debian.org/debian-lts-announce/2023/11/msg00007.html cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2023-5869 cve-icon
https://security.netapp.com/advisory/ntap-20240119-0003/ cve-icon
https://www.cve.org/CVERecord?id=CVE-2023-5869 cve-icon
https://www.postgresql.org/about/news/postgresql-161-155-1410-1313-1217-and-1122-released-2749/ cve-icon cve-icon cve-icon
https://www.postgresql.org/support/security/CVE-2023-5869/ cve-icon cve-icon cve-icon
History

Tue, 04 Nov 2025 20:30:00 +0000

Type Values Removed Values Added
References

Sat, 25 Oct 2025 01:15:00 +0000

Type Values Removed Values Added
CPEs cpe:/o:redhat:enterprise_linux:9

Sat, 04 Oct 2025 01:30:00 +0000

Type Values Removed Values Added
CPEs cpe:/o:redhat:enterprise_linux:9

Fri, 22 Nov 2024 12:00:00 +0000

Type Values Removed Values Added
References

Sat, 14 Sep 2024 00:45:00 +0000

Type Values Removed Values Added
References

Projects

Sign in to view the affected projects.

cve-icon MITRE

Status: PUBLISHED

Assigner: redhat

Published:

Updated: 2025-11-06T20:51:34.742Z

Reserved: 2023-10-31T03:56:42.638Z

Link: CVE-2023-5869

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2023-12-10T18:15:07.410

Modified: 2025-11-04T20:17:13.783

Link: CVE-2023-5869

cve-icon Redhat

Severity : Important

Publid Date: 2023-11-09T00:00:00Z

Links: CVE-2023-5869 - Bugzilla

cve-icon OpenCVE Enrichment

No data.

Weaknesses