CVE-2015-3165

Name of the Vulnerable Software and Affected Versions PostgreSQL versions 9.0.x through 9.0.19 PostgreSQL versions 9.1.x through 9.1.15 PostgreSQL versions 9.2.x through 9.2.10 PostgreSQL versions 9.3.x through 9.3.6 PostgreSQL versions 9.4.x through 9.4.1

Description The issue is related to a double free vulnerability that allows remote attackers to cause a denial of service by closing an SSL session at a specific time during the session shutdown sequence. This can lead to a crash. The estimated number of potentially affected devices and details about real-world incidents are not provided.

Recommendations For PostgreSQL versions 9.0.x through 9.0.19, update to version 9.0.20 or later. For PostgreSQL versions 9.1.x through 9.1.15, update to version 9.1.16 or later. For PostgreSQL versions 9.2.x through 9.2.10, update to version 9.2.11 or later. For PostgreSQL versions 9.3.x through 9.3.6, update to version 9.3.7 or later. For PostgreSQL versions 9.4.x through 9.4.1, update to version 9.4.2 or later.