Vulnerability CVE-2018-16850: Information
Description
postgresql before versions 11.1, 10.6 is vulnerable to a to SQL injection in pg_upgrade and pg_dump via CREATE TRIGGER ... REFERENCING. Using a purpose-crafted trigger definition, an attacker can cause arbitrary SQL statements to run, with superuser privileges.
Severity: CRITICAL (9.8) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Fixed packages
Package name | Branch | Fixed in version | Version from repository | Errata ID | Task # | State |
|---|---|---|---|---|---|---|
| postgresql10 | p10 | 10.6-alt1 | 10.23-alt1.p10.3 | ALT-PU-2018-2606-1 | 216238 | Fixed |
| postgresql10 | p9 | 10.6-alt1 | 10.23-alt0.M90P.1 | ALT-PU-2018-2606-1 | 216238 | Fixed |
| postgresql10 | p8 | 10.6-alt0.M80P.1 | 10.19-alt0.M80P.1 | ALT-PU-2018-2815-1 | 216249 | Fixed |
| postgresql10 | c10f1 | 10.6-alt1 | 10.23-alt1 | ALT-PU-2018-2606-1 | 216238 | Fixed |
| postgresql10 | c9f2 | 10.6-alt1 | 10.23-alt0.M90P.1 | ALT-PU-2018-2606-1 | 216238 | Fixed |
| postgresql11 | p10 | 11.1-alt1 | 11.22-alt0.p10.3 | ALT-PU-2018-2608-1 | 216238 | Fixed |
| postgresql11 | p9 | 11.1-alt1 | 11.22-alt0.M90P.1 | ALT-PU-2018-2608-1 | 216238 | Fixed |
| postgresql11 | c10f1 | 11.1-alt1 | 11.22-alt0.p10.1 | ALT-PU-2018-2608-1 | 216238 | Fixed |
| postgresql11 | c9f2 | 11.1-alt1 | 11.22-alt0.M90P.1 | ALT-PU-2018-2608-1 | 216238 | Fixed |
References to Advisories, Solutions, and Tools
Hyperlink | Resource |
|---|---|
| https://www.postgresql.org/about/news/1905/ |
|
| https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16850 |
|
| USN-3818-1 |
|
| 1042144 |
|
| 105923 |
|
| GLSA-201811-24 |
|
| RHSA-2018:3757 |
|