PT-2023-2247 · Unknown+10 · Postgresql+9

Jacob Champion · Published 2023-02-08 · Updated 2026-04-03 · CVE-2022-41862

CVSS v3.1: 3.7 (Low)

Vector: AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N

Name of the Vulnerable Software and Affected Versions

PostgreSQL (affected versions not specified)

Description

The issue is related to information disclosure in PostgreSQL. It occurs when a modified, unauthenticated server sends an unterminated string during the establishment of Kerberos transport encryption, potentially causing a libpq client to over-read and report an error message containing uninitialized bytes. This could allow a remote attacker to gain unauthorized access to protected information.

Recommendations

At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Information Disclosure

Out of bounds Read

Weakness Enumeration

Related Identifiers

ALSA-2023:1576
ALSA-2023:1693
ALSA-2023:4535
ALSA-2023:6429
ALSA-2023:7016
ALT-PU-2023-1208
ALT-PU-2023-1209
ALT-PU-2023-1210
ALT-PU-2023-1211
ALT-PU-2023-1301
ALT-PU-2023-1302
ALT-PU-2023-1303
ALT-PU-2023-1304
ALT-PU-2023-1361
ALT-PU-2023-1362
ALT-PU-2023-6629
ALT-PU-2023-6630
BDU:2023-02003
BIT-POSTGRESQL-2022-41862
CESA-2023_1576
CESA-2023_4535
CESA-2023_7016
CLEANSTART-2026-FW42039
CLEANSTART-2026-HJ04971
CVE-2022-41862
DLA-3316-1
ECHO-2A2D-E9DA-5962
JLSEC-2026-39
MGASA-2023-0064
OPENSUSE-SU-2023_0450-1
OPENSUSE-SU-2024:12677-1
OPENSUSE-SU-2024:12678-1
OPENSUSE-SU-2024:12679-1
OPENSUSE-SU-2024:12680-1
OPENSUSE-SU-2024:14360-1
OPENSUSE-SU-2025:15580-1
RHSA-2023:1576
RHSA-2023:1693
RHSA-2023:4535
RHSA-2023:6429
RHSA-2023:7016
RHSA-2023:7545
RHSA-2023:7580
RHSA-2023:7666
RHSA-2023:7667
RHSA-2023:7694
RHSA-2023:7695
RHSA-2023:7772
RHSA-2023_1576
RHSA-2023_1693
RHSA-2023_4535
RHSA-2023_6429
RHSA-2023_7016
RLSA-2023:1576
RLSA-2023:4535
ROSA-SA-2024-2484
ROSA-SA-2024-2485
SUSE-SU-2023:0390-1
SUSE-SU-2023:0391-1
SUSE-SU-2023:0392-1
SUSE-SU-2023:0393-1
SUSE-SU-2023:0450-1
SUSE-SU-2023:0479-1
SUSE-SU-2023:0569-1
SUSE-SU-2023:0583-1
SUSE-SU-2023:0705-1
SUSE-SU-2023_0390-1
SUSE-SU-2023_0391-1
SUSE-SU-2023_0392-1
SUSE-SU-2023_0393-1
SUSE-SU-2023_0450-1
SUSE-SU-2023_0479-1
SUSE-SU-2023_0569-1
SUSE-SU-2023_0583-1
SUSE-SU-2023_0705-1
USN-5906-1

Affected Products

Alt Linux
Almalinux
Centos
Linuxmint
Postgresql
Red Hat
Red Os
Rocky Linux
Suse
Ubuntu