CVE-2016-3065

Name of the Vulnerable Software and Affected Versions PostgreSQL versions prior to 9.5.2

Description The issue allows attackers to bypass intended access restrictions, potentially obtaining sensitive server memory information or causing a denial of service (server crash) via a crafted bytea value in a BRIN index page. This is due to the lack of permission checks for BRIN indexes in the pageinspect extension.

Recommendations For versions prior to 9.5.2, update to version 9.5.2 or later to resolve the issue. As a temporary workaround, consider restricting access to the pageinspect extension to minimize the risk of exploitation.