PT-2024-8140 · Postgresql+11

Tom Lane · Published 2024-11-14 · Updated 2026-04-03 · CVE-2024-10978

CVSS v3.1: 8.8 (High)
Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions: PostgreSQL versions prior to 17.1, 16.5, 15.9, 14.14, 13.17 and 12.21.
Description: The issue arises from incorrect privilege assignment, allowing a less-privileged application user to view or change rows other than those intended. An attack requires the application to use SET ROLE, SET SESSION AUTHORIZATION, or an equivalent feature. The problem occurs when an application query uses parameters from the attacker or conveys query results to the attacker, and reacts to current_setting('role') or the current user ID. Such a query may modify or return data as though the session had not used SET ROLE or SET SESSION AUTHORIZATION. The attacker does not control which incorrect user ID applies.
Recommendations: For versions prior to 17.1, update to PostgreSQL 17.1 or later. For versions prior to 16.5, update to PostgreSQL 16.5 or later. For versions prior to 15.9, update to PostgreSQL 15.9 or later. For versions prior to 14.14, update to PostgreSQL 14.14 or later. For versions prior to 13.17, update to PostgreSQL 13.17 or later. For versions prior to 12.21, update to PostgreSQL 12.21 or later. As a temporary workaround, consider restricting the use of SET ROLE and SET SESSION AUTHORIZATION until a patch is available. Avoid using parameters from untrusted sources in application queries, and ensure that query results are not conveyed to attackers.
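The query pattern the description refers to (row visibility keyed on the effective user inside a SET ROLE session), with a fail-closed guard an application can run before its tenant-scoped query, as an added illustration that is not part of this advisory or of PostgreSQL itself; the role names, table and policy are constructed for the example, and the guard complements the upgrade rather than replacing it.

```sql
-- Constructed example (not from the advisory): roles, table and policy are made up.
CREATE ROLE app_owner LOGIN;
CREATE ROLE tenant_a NOLOGIN;
GRANT tenant_a TO app_owner;

CREATE TABLE invoices (
    id      serial  PRIMARY KEY,
    tenant  name    NOT NULL,
    amount  numeric NOT NULL
);
GRANT SELECT, UPDATE ON invoices TO tenant_a;

-- Row visibility keyed on the effective user: exactly the kind of query whose
-- result depends on current_user / current_setting('role'), which the advisory
-- says may reflect the wrong user ID on an unpatched server.
ALTER TABLE invoices ENABLE ROW LEVEL SECURITY;
CREATE POLICY tenant_rows ON invoices
    USING (tenant = current_user);

-- Application session, connected as app_owner, switching to the tenant role:
SET ROLE tenant_a;

-- Guard before the tenant-scoped query: if the effective user or the role
-- setting does not match what the application just set, abort instead of
-- silently returning or modifying rows that belong to a different tenant.
DO $$
BEGIN
    IF current_user <> 'tenant_a' OR current_setting('role') <> 'tenant_a' THEN
        RAISE EXCEPTION 'effective user % / role % do not match expected tenant_a',
            current_user, current_setting('role');
    END IF;
END
$$;

SELECT id, amount FROM invoices;   -- restricted by the policy to tenant_a rows
RESET ROLE;
```

current_setting('role') reports 'none' when no SET ROLE is in effect, so the guard also catches a session where the role switch never happened.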

Fix

Weakness Enumeration

Incorrect Privilege Assignment

Related Identifiers

ALSA-2024:10785
ALSA-2024:10787
ALSA-2024:10788
ALSA-2024:10791
ALSA-2024:10830
ALSA-2024:10831
ALSA-2024:10832
ALT-PU-2024-15897
ALT-PU-2024-15899
ALT-PU-2024-15900
ALT-PU-2024-15901
ALT-PU-2024-15902
ALT-PU-2024-15905
ALT-PU-2024-15907
ALT-PU-2024-16008
ALT-PU-2024-16010
ALT-PU-2024-16011
ALT-PU-2024-16012
ALT-PU-2024-16013
ALT-PU-2024-16159
ALT-PU-2024-16161
ALT-PU-2024-16162
ALT-PU-2024-16163
ALT-PU-2024-16164
ALT-PU-2024-16165
ALT-PU-2024-16336
ALT-PU-2024-16338
ALT-PU-2024-17039
ALT-PU-2024-17041
ALT-PU-2024-17042
ALT-PU-2024-17043
ALT-PU-2024-17044
AZL-53204
AZL-53209
BDU:2024-09681
BIT-POSTGRESQL-2024-10978
CESA-2024_10785
CESA-2024_10830
CESA-2024_10831
CESA-2024_10832
CVE-2024-10978
DLA-3954-1
DLA-3954-2
DSA-5812-1
DSA-5812-2
ECHO-9AA9-6DA5-918F
INFSA-2024_10785
INFSA-2024_10787
INFSA-2024_10788
INFSA-2024_10791
INFSA-2024_10830
INFSA-2024_10831
INFSA-2024_10832
JLSEC-2026-49
MGASA-2024-0372
OESA-2024-2427
OESA-2024-2428
OESA-2024-2429
OESA-2024-2430
OESA-2024-2466
OESA-2024-2467
OESA-2024-2468
OESA-2024-2469
OESA-2025-1335
OPENSUSE-SU-2024:14501-1
OPENSUSE-SU-2024:14502-1
OPENSUSE-SU-2024:14503-1
OPENSUSE-SU-2024:14504-1
OPENSUSE-SU-2024:14505-1
OPENSUSE-SU-2024:14506-1
OPENSUSE-SU-2024_4063-1
OPENSUSE-SU-2024_4098-1
OPENSUSE-SU-2024_4099-1
OPENSUSE-SU-2024_4118-1
OPENSUSE-SU-2024_4173-1
OPENSUSE-SU-2024_4174-1
OPENSUSE-SU-2024_4175-1
OPENSUSE-SU-2024_4176-1
RHSA-2024:10785
RHSA-2024:10787
RHSA-2024:10788
RHSA-2024:10791
RHSA-2024:10830
RHSA-2024:10831
RHSA-2024:10832
RHSA-2024_10785
RHSA-2024_10787
RHSA-2024_10788
RHSA-2024_10791
RHSA-2024_10830
RHSA-2024_10831
RHSA-2024_10832
RLSA-2024:10785
RLSA-2024:10787
RLSA-2024:10788
RLSA-2024:10830
RLSA-2024:10831
RLSA-2024:10832
ROSA-SA-2025-2787
SUSE-SU-2024:4052-1
SUSE-SU-2024:4063-1
SUSE-SU-2024:4095-1
SUSE-SU-2024:4096-1
SUSE-SU-2024:4097-1
SUSE-SU-2024:4098-1
SUSE-SU-2024:4099-1
SUSE-SU-2024:4114-1
SUSE-SU-2024:4118-1
SUSE-SU-2024:4173-1
SUSE-SU-2024:4174-1
SUSE-SU-2024:4175-1
SUSE-SU-2024:4176-1
SUSE-SU-2025:01799-1
SUSE-SU-2025_01799-1
USN-7132-1
USN-7358-1

Affected Products

Alt Linux
Almalinux
Astra Linux
Centos
Linuxmint
Postgresql
Red Hat
Red Os
Rocky Linux
Suse
Ubuntu
Zvirt Node