vulnerability
CentOS Linux: CVE-2023-5870: Important: postgresql:13 security update (Multiple Advisories)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 6 | (AV:N/AC:M/Au:M/C:N/I:N/A:C) | 2023-11-30 | 2023-11-30 | 2025-01-28 |
Severity
6
CVSS
(AV:N/AC:M/Au:M/C:N/I:N/A:C)
Published
2023-11-30
Added
2023-11-30
Modified
2025-01-28
Description
A flaw was found in PostgreSQL involving the pg_cancel_backend role that signals background workers, including the logical replication launcher, autovacuum workers, and the autovacuum launcher. Successful exploitation requires a non-core extension with a less-resilient background worker and would affect that specific background worker only. This issue may allow a remote high privileged user to launch a denial of service (DoS) attack.
Solution(s)
centos-upgrade-pg_repackcentos-upgrade-pg_repack-debuginfocentos-upgrade-pg_repack-debugsourcecentos-upgrade-pgauditcentos-upgrade-pgaudit-debuginfocentos-upgrade-pgaudit-debugsourcecentos-upgrade-postgres-decoderbufscentos-upgrade-postgres-decoderbufs-debuginfocentos-upgrade-postgres-decoderbufs-debugsourcecentos-upgrade-postgresqlcentos-upgrade-postgresql-contribcentos-upgrade-postgresql-contrib-debuginfocentos-upgrade-postgresql-debuginfocentos-upgrade-postgresql-debugsourcecentos-upgrade-postgresql-docscentos-upgrade-postgresql-docs-debuginfocentos-upgrade-postgresql-plperlcentos-upgrade-postgresql-plperl-debuginfocentos-upgrade-postgresql-plpython3centos-upgrade-postgresql-plpython3-debuginfocentos-upgrade-postgresql-pltclcentos-upgrade-postgresql-pltcl-debuginfocentos-upgrade-postgresql-private-develcentos-upgrade-postgresql-private-libscentos-upgrade-postgresql-private-libs-debuginfocentos-upgrade-postgresql-servercentos-upgrade-postgresql-server-debuginfocentos-upgrade-postgresql-server-develcentos-upgrade-postgresql-server-devel-debuginfocentos-upgrade-postgresql-staticcentos-upgrade-postgresql-testcentos-upgrade-postgresql-test-debuginfocentos-upgrade-postgresql-test-rpm-macroscentos-upgrade-postgresql-upgradecentos-upgrade-postgresql-upgrade-debuginfocentos-upgrade-postgresql-upgrade-develcentos-upgrade-postgresql-upgrade-devel-debuginfo
References
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.