vulnerability
Amazon Linux 2023: CVE-2025-12818: Medium priority package update for libpq (Multiple Advisories)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 8 | (AV:N/AC:L/Au:N/C:N/I:N/A:C) | Nov 13, 2025 | Dec 9, 2025 | Dec 9, 2025 |
Severity
8
CVSS
(AV:N/AC:L/Au:N/C:N/I:N/A:C)
Published
Nov 13, 2025
Added
Dec 9, 2025
Modified
Dec 9, 2025
Description
Integer wraparound in multiple PostgreSQL libpq client library functions allows an application input provider or network peer to cause libpq to undersize an allocation and write out-of-bounds by hundreds of megabytes. This results in a segmentation fault for the application using libpq. Versions before PostgreSQL 18.1, 17.7, 16.11, 15.15, 14.20, and 13.23 are affected.
A vulnerability has been identified in PostgreSQL’s libpq client library, where integer wraparound in several allocation-size calculations allows a peer or input provider to cause an undersized buffer and then write out-of-bounds by hundreds of megabytes. This can lead to a client application segmentation fault or crash when using libpq to connect to a PostgreSQL server.
A vulnerability has been identified in PostgreSQL’s libpq client library, where integer wraparound in several allocation-size calculations allows a peer or input provider to cause an undersized buffer and then write out-of-bounds by hundreds of megabytes. This can lead to a client application segmentation fault or crash when using libpq to connect to a PostgreSQL server.
Solutions
amazon-linux-2023-upgrade-libpqamazon-linux-2023-upgrade-libpq-debuginfoamazon-linux-2023-upgrade-libpq-debugsourceamazon-linux-2023-upgrade-libpq-develamazon-linux-2023-upgrade-libpq-devel-debuginfoamazon-linux-2023-upgrade-postgresql15amazon-linux-2023-upgrade-postgresql15-contribamazon-linux-2023-upgrade-postgresql15-contrib-debuginfoamazon-linux-2023-upgrade-postgresql15-debuginfoamazon-linux-2023-upgrade-postgresql15-debugsourceamazon-linux-2023-upgrade-postgresql15-docsamazon-linux-2023-upgrade-postgresql15-docs-debuginfoamazon-linux-2023-upgrade-postgresql15-llvmjitamazon-linux-2023-upgrade-postgresql15-llvmjit-debuginfoamazon-linux-2023-upgrade-postgresql15-plperlamazon-linux-2023-upgrade-postgresql15-plperl-debuginfoamazon-linux-2023-upgrade-postgresql15-plpython3amazon-linux-2023-upgrade-postgresql15-plpython3-debuginfoamazon-linux-2023-upgrade-postgresql15-pltclamazon-linux-2023-upgrade-postgresql15-pltcl-debuginfoamazon-linux-2023-upgrade-postgresql15-private-develamazon-linux-2023-upgrade-postgresql15-private-libsamazon-linux-2023-upgrade-postgresql15-private-libs-debuginfoamazon-linux-2023-upgrade-postgresql15-serveramazon-linux-2023-upgrade-postgresql15-server-debuginfoamazon-linux-2023-upgrade-postgresql15-server-develamazon-linux-2023-upgrade-postgresql15-server-devel-debuginfoamazon-linux-2023-upgrade-postgresql15-staticamazon-linux-2023-upgrade-postgresql15-testamazon-linux-2023-upgrade-postgresql15-test-debuginfoamazon-linux-2023-upgrade-postgresql15-test-rpm-macrosamazon-linux-2023-upgrade-postgresql15-upgradeamazon-linux-2023-upgrade-postgresql15-upgrade-debuginfoamazon-linux-2023-upgrade-postgresql15-upgrade-develamazon-linux-2023-upgrade-postgresql15-upgrade-devel-debuginfoamazon-linux-2023-upgrade-postgresql16amazon-linux-2023-upgrade-postgresql16-contribamazon-linux-2023-upgrade-postgresql16-contrib-debuginfoamazon-linux-2023-upgrade-postgresql16-debuginfoamazon-linux-2023-upgrade-postgresql16-debugsourceamazon-linux-2023-upgrade-postgresql16-docsamazon-linux-2023-upgrade-postgresql16-docs-debuginfoamazon-linux-2023-upgrade-postgresql16-llvmjitamazon-linux-2023-upgrade-postgresql16-llvmjit-debuginfoamazon-linux-2023-upgrade-postgresql16-plperlamazon-linux-2023-upgrade-postgresql16-plperl-debuginfoamazon-linux-2023-upgrade-postgresql16-plpython3amazon-linux-2023-upgrade-postgresql16-plpython3-debuginfoamazon-linux-2023-upgrade-postgresql16-pltclamazon-linux-2023-upgrade-postgresql16-pltcl-debuginfoamazon-linux-2023-upgrade-postgresql16-private-develamazon-linux-2023-upgrade-postgresql16-private-libsamazon-linux-2023-upgrade-postgresql16-private-libs-debuginfoamazon-linux-2023-upgrade-postgresql16-serveramazon-linux-2023-upgrade-postgresql16-server-debuginfoamazon-linux-2023-upgrade-postgresql16-server-develamazon-linux-2023-upgrade-postgresql16-server-devel-debuginfoamazon-linux-2023-upgrade-postgresql16-staticamazon-linux-2023-upgrade-postgresql16-testamazon-linux-2023-upgrade-postgresql16-test-debuginfoamazon-linux-2023-upgrade-postgresql16-test-rpm-macrosamazon-linux-2023-upgrade-postgresql16-upgradeamazon-linux-2023-upgrade-postgresql16-upgrade-debuginfoamazon-linux-2023-upgrade-postgresql16-upgrade-develamazon-linux-2023-upgrade-postgresql16-upgrade-devel-debuginfoamazon-linux-2023-upgrade-postgresql17amazon-linux-2023-upgrade-postgresql17-contribamazon-linux-2023-upgrade-postgresql17-contrib-debuginfoamazon-linux-2023-upgrade-postgresql17-debuginfoamazon-linux-2023-upgrade-postgresql17-debugsourceamazon-linux-2023-upgrade-postgresql17-docsamazon-linux-2023-upgrade-postgresql17-docs-debuginfoamazon-linux-2023-upgrade-postgresql17-llvmjitamazon-linux-2023-upgrade-postgresql17-llvmjit-debuginfoamazon-linux-2023-upgrade-postgresql17-plperlamazon-linux-2023-upgrade-postgresql17-plperl-debuginfoamazon-linux-2023-upgrade-postgresql17-plpython3amazon-linux-2023-upgrade-postgresql17-plpython3-debuginfoamazon-linux-2023-upgrade-postgresql17-pltclamazon-linux-2023-upgrade-postgresql17-pltcl-debuginfoamazon-linux-2023-upgrade-postgresql17-private-develamazon-linux-2023-upgrade-postgresql17-private-libsamazon-linux-2023-upgrade-postgresql17-private-libs-debuginfoamazon-linux-2023-upgrade-postgresql17-serveramazon-linux-2023-upgrade-postgresql17-server-debuginfoamazon-linux-2023-upgrade-postgresql17-server-develamazon-linux-2023-upgrade-postgresql17-server-devel-debuginfoamazon-linux-2023-upgrade-postgresql17-staticamazon-linux-2023-upgrade-postgresql17-testamazon-linux-2023-upgrade-postgresql17-test-debuginfoamazon-linux-2023-upgrade-postgresql17-test-rpm-macrosamazon-linux-2023-upgrade-postgresql17-upgradeamazon-linux-2023-upgrade-postgresql17-upgrade-debuginfoamazon-linux-2023-upgrade-postgresql17-upgrade-develamazon-linux-2023-upgrade-postgresql17-upgrade-devel-debuginfo
References
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.