PT-2023-6838 · Unknown+11 · Postgresql+10

Pedro Gallegos · Published 2023-11-08 · Updated 2026-04-03 · CVE-2023-5869

CVSS v2.0: 9.0 (High)

Vector: AV:N/AC:L/Au:S/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions

PostgreSQL (affected versions not specified)

Description

A flaw in PostgreSQL allows authenticated database users to execute arbitrary code because overflow checks are missing during SQL array value modification. The issue is an integer overflow during array modification, which a remote user can trigger by providing specially crafted data. Exploitation allows arbitrary code execution on the target system: the user can write arbitrary bytes to memory and extensively read the server's memory.

Recommendations

At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Weakness Enumeration

Integer Overflow

Related Identifiers

ALSA-2023:7581
ALSA-2023:7714
ALSA-2023:7784
ALSA-2023:7785
ALSA-2023:7790
ALSA-2023:7884
ALT-PU-2023-7057
ALT-PU-2023-7058
ALT-PU-2023-7059
ALT-PU-2023-7060
ALT-PU-2023-7061
ALT-PU-2023-7062
ALT-PU-2023-7081
ALT-PU-2023-7082
ALT-PU-2023-7083
ALT-PU-2023-7086
ALT-PU-2023-7087
ALT-PU-2023-7088
ALT-PU-2023-7089
ALT-PU-2023-7090
ALT-PU-2023-7207
ALT-PU-2023-7479
ALT-PU-2023-7480
ALT-PU-2023-7481
ALT-PU-2023-8221
ALT-PU-2023-8222
ALT-PU-2023-8223
ALT-PU-2023-8224
ALT-PU-2023-8225
ALT-PU-2023-8226
AZL-32104
BDU:2023-07840
BIT-POSTGRESQL-2023-5869
CESA-2023_7581
CESA-2023_7714
CESA-2023_7783
CESA-2023_7790
CESA-2023_7884
CVE-2023-5869
DLA-3651-1
DSA-5553-1
DSA-5554-1
ECHO-BDCA-6110-0F62
JLSEC-2026-44
MGASA-2023-0324
OESA-2024-2428
OESA-2025-1335
OPENSUSE-SU-2023_4454-1
OPENSUSE-SU-2023_4455-1
OPENSUSE-SU-2023_4479-1
OPENSUSE-SU-2023_4495-1
OPENSUSE-SU-2024:13408-1
OPENSUSE-SU-2024:13409-1
OPENSUSE-SU-2024:13410-1
OPENSUSE-SU-2024:13413-1
OPENSUSE-SU-2024:13414-1
OPENSUSE-SU-2024:13668-1
OPENSUSE-SU-2025:15580-1
RHSA-2023:7545
RHSA-2023:7579
RHSA-2023:7580
RHSA-2023:7581
RHSA-2023:7616
RHSA-2023:7656
RHSA-2023:7666
RHSA-2023:7667
RHSA-2023:7694
RHSA-2023:7695
RHSA-2023:7714
RHSA-2023:7770
RHSA-2023:7771
RHSA-2023:7772
RHSA-2023:7778
RHSA-2023:7783
RHSA-2023:7784
RHSA-2023:7785
RHSA-2023:7786
RHSA-2023:7788
RHSA-2023:7789
RHSA-2023:7790
RHSA-2023:7878
RHSA-2023:7883
RHSA-2023:7884
RHSA-2023:7885
RHSA-2023_7581
RHSA-2023_7714
RHSA-2023_7783
RHSA-2023_7784
RHSA-2023_7785
RHSA-2023_7790
RHSA-2023_7884
RLSA-2023:7581
RLSA-2023:7714
RLSA-2023:7785
RLSA-2023:7790
ROSA-SA-2024-2484
ROSA-SA-2024-2485
ROSA-SA-2024-2486
ROSA-SA-2025-2666
ROSA-SA-2025-2788
SUSE-SU-2023:4418-1
SUSE-SU-2023:4425-1
SUSE-SU-2023:4433-1
SUSE-SU-2023:4434-1
SUSE-SU-2023:4454-1
SUSE-SU-2023:4455-1
SUSE-SU-2023:4479-1
SUSE-SU-2023:4495-1
SUSE-SU-2024:0106-1
USN-6538-1
USN-6538-2
USN-6570-1

Affected Products

Alt Linux
Almalinux
Astra Linux
Centos
Linuxmint
Postgresql
Red Hat
Red Os
Rocky Linux
Suse
Ubuntu