Unknown · Postgresql · CVE-2023-5870
**Name of the Vulnerable Software and Affected Versions**
PostgreSQL (affected versions not specified)
**Description**
The issue is related to the `pg signal backend` role in PostgreSQL, which allows signaling certain superuser processes. This can be exploited by a remote high-privileged user to launch a denial of service (DoS) attack, affecting specific background workers, including the logical replication launcher, autovacuum workers, and the autovacuum launcher. Successful exploitation requires a non-core extension with a less-resilient background worker.
**Recommendations**
At the moment, there is no information about a newer version that contains a fix for this vulnerability.