PT-2021-3133 · Unknown+10 · Postgresql+9

Tom Lane

·

Published

2021-05-12

·

Updated

2026-04-03

·

CVE-2021-32029

CVSS v2.0

6.8

Medium

VectorAV:N/AC:L/Au:S/C:C/I:N/A:N
Name of the Vulnerable Software and Affected Versions PostgreSQL (affected versions not specified)
Description The issue is related to a flaw in the implementation of the UPDATE ... RETURNING command in the PostgreSQL database management system, which is associated with memory release errors. This can allow a remote attacker to gain unauthorized access to protected information. An authenticated database user could read arbitrary bytes of server memory by using the UPDATE ... RETURNING command on a purpose-crafted table, posing a threat to data confidentiality.
Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Memory Leak

Information Disclosure

Out of bounds Read

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-401CWE-200CWE-125

Related Identifiers

ALSA-2021:2372
ALSA-2021:2375
ALT-PU-2021-1820
ALT-PU-2021-1823
ALT-PU-2021-1824
ALT-PU-2021-1826
ALT-PU-2021-1848
ALT-PU-2021-1851
ALT-PU-2021-1852
ALT-PU-2021-1904
ALT-PU-2021-1905
ALT-PU-2021-2604
ALT-PU-2021-3564
BDU:2021-02774
BIT-POSTGRESQL-2021-32029
CESA-2021_2372
CESA-2021_2375
CLEANSTART-2026-FW42039
CLEANSTART-2026-HJ04971
CVE-2021-32029
DSA-4915-1
ECHO-1646-48BD-B81A
JLSEC-2026-33
MGASA-2021-0221
OPENSUSE-SU-2021:1785-1
OPENSUSE-SU-2021:1994-1
OPENSUSE-SU-2021_1785-1
OPENSUSE-SU-2021_1994-1
OPENSUSE-SU-2024:11185-1
OPENSUSE-SU-2024:11186-1
OPENSUSE-SU-2024:11187-1
OPENSUSE-SU-2024:12387-1
OPENSUSE-SU-2024:13243-1
OPENSUSE-SU-2024:14360-1
OPENSUSE-SU-2025:15580-1
RHSA-2021:2372
RHSA-2021:2375
RHSA-2021:2389
RHSA-2021:2394
RHSA-2021:2396
RHSA-2021_2372
RHSA-2021_2375
RLSA-2021:2372
RLSA-2021:2375
SUSE-SU-2021:1783-1
SUSE-SU-2021:1784-1
SUSE-SU-2021:1785-1
SUSE-SU-2021:1785-2
SUSE-SU-2021:1994-1
SUSE-SU-2022:2958-1
USN-4972-1

Affected Products

Alt Linux
Almalinux
Astra Linux
Centos
Linuxmint
Postgresql
Red Hat
Rocky Linux
Suse
Ubuntu