1. CVE-Search
  2. CVE-2019-10164
ID CVE-2019-10164
Summary PostgreSQL versions 10.x before 10.9 and versions 11.x before 11.4 are vulnerable to a stack-based buffer overflow. Any authenticated user can overflow a stack-based buffer by changing the user's own password to a purpose-crafted value. This often suffices to execute arbitrary code as the PostgreSQL operating system account.
References
Vulnerable Configurations
  • cpe:2.3:a:postgresql:postgresql:10.0:*:*:*:*:*:*:*
    cpe:2.3:a:postgresql:postgresql:10.0:*:*:*:*:*:*:*
  • cpe:2.3:a:postgresql:postgresql:10.1:*:*:*:*:*:*:*
    cpe:2.3:a:postgresql:postgresql:10.1:*:*:*:*:*:*:*
  • cpe:2.3:a:postgresql:postgresql:10.2:*:*:*:*:*:*:*
    cpe:2.3:a:postgresql:postgresql:10.2:*:*:*:*:*:*:*
  • cpe:2.3:a:postgresql:postgresql:10.3:*:*:*:*:*:*:*
    cpe:2.3:a:postgresql:postgresql:10.3:*:*:*:*:*:*:*
  • cpe:2.3:a:postgresql:postgresql:10.4:*:*:*:*:*:*:*
    cpe:2.3:a:postgresql:postgresql:10.4:*:*:*:*:*:*:*
  • cpe:2.3:a:postgresql:postgresql:10.5:*:*:*:*:*:*:*
    cpe:2.3:a:postgresql:postgresql:10.5:*:*:*:*:*:*:*
  • cpe:2.3:a:postgresql:postgresql:10.6:*:*:*:*:*:*:*
    cpe:2.3:a:postgresql:postgresql:10.6:*:*:*:*:*:*:*
  • cpe:2.3:a:postgresql:postgresql:10.7:*:*:*:*:*:*:*
    cpe:2.3:a:postgresql:postgresql:10.7:*:*:*:*:*:*:*
  • cpe:2.3:a:postgresql:postgresql:10.8:*:*:*:*:*:*:*
    cpe:2.3:a:postgresql:postgresql:10.8:*:*:*:*:*:*:*
  • cpe:2.3:a:postgresql:postgresql:11.0:*:*:*:*:*:*:*
    cpe:2.3:a:postgresql:postgresql:11.0:*:*:*:*:*:*:*
  • cpe:2.3:a:postgresql:postgresql:11.1:*:*:*:*:*:*:*
    cpe:2.3:a:postgresql:postgresql:11.1:*:*:*:*:*:*:*
  • cpe:2.3:a:postgresql:postgresql:11.2:*:*:*:*:*:*:*
    cpe:2.3:a:postgresql:postgresql:11.2:*:*:*:*:*:*:*
  • cpe:2.3:a:postgresql:postgresql:11.3:*:*:*:*:*:*:*
    cpe:2.3:a:postgresql:postgresql:11.3:*:*:*:*:*:*:*
  • cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*
    cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*
  • cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*
    cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*
  • cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*
    cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*
  • cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*
    cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*
  • cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*
    cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*
CVSS
Base: 9.0 (as of 02-10-2020 - 14:34)
Impact:
Exploitability:
CWE CWE-787
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW SINGLE
Impact
ConfidentialityIntegrityAvailability
COMPLETE COMPLETE COMPLETE
cvss-vector via4 AV:N/AC:L/Au:S/C:C/I:C/A:C
redhat via4
advisories
bugzilla
id 1749461
title Rebase libpq to the version that is shipped with postgresql v12
oval
OR
  • comment Red Hat Enterprise Linux must be installed
    oval oval:com.redhat.rhba:tst:20070304026
  • AND
    • comment Red Hat Enterprise Linux 8 is installed
      oval oval:com.redhat.rhba:tst:20193384074
    • OR
      • AND
        • comment libpq is earlier than 0:12.1-3.el8
          oval oval:com.redhat.rhea:tst:20200343001
        • comment libpq is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhea:tst:20200343002
      • AND
        • comment libpq-debugsource is earlier than 0:12.1-3.el8
          oval oval:com.redhat.rhea:tst:20200343003
        • comment libpq-debugsource is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhea:tst:20200343004
      • AND
        • comment libpq-devel is earlier than 0:12.1-3.el8
          oval oval:com.redhat.rhea:tst:20200343005
        • comment libpq-devel is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhea:tst:20200343006
rhsa
id RHEA-2020:0343
released 2020-02-04
severity Moderate
title RHEA-2020:0343: libpq bug fix and enhancement update (Moderate)
rpms
  • libpq-0:12.1-3.el8
  • libpq-debuginfo-0:12.1-3.el8
  • libpq-debugsource-0:12.1-3.el8
  • libpq-devel-0:12.1-3.el8
  • libpq-devel-debuginfo-0:12.1-3.el8
  • rh-postgresql10-postgresql-0:10.12-2.el7
  • rh-postgresql10-postgresql-contrib-0:10.12-2.el7
  • rh-postgresql10-postgresql-contrib-syspaths-0:10.12-2.el7
  • rh-postgresql10-postgresql-debuginfo-0:10.12-2.el7
  • rh-postgresql10-postgresql-devel-0:10.12-2.el7
  • rh-postgresql10-postgresql-docs-0:10.12-2.el7
  • rh-postgresql10-postgresql-libs-0:10.12-2.el7
  • rh-postgresql10-postgresql-plperl-0:10.12-2.el7
  • rh-postgresql10-postgresql-plpython-0:10.12-2.el7
  • rh-postgresql10-postgresql-pltcl-0:10.12-2.el7
  • rh-postgresql10-postgresql-server-0:10.12-2.el7
  • rh-postgresql10-postgresql-server-syspaths-0:10.12-2.el7
  • rh-postgresql10-postgresql-static-0:10.12-2.el7
  • rh-postgresql10-postgresql-syspaths-0:10.12-2.el7
  • rh-postgresql10-postgresql-test-0:10.12-2.el7
  • postgresql-0:10.14-1.module+el8.2.0+7801+be0fed80
  • postgresql-contrib-0:10.14-1.module+el8.2.0+7801+be0fed80
  • postgresql-contrib-debuginfo-0:10.14-1.module+el8.2.0+7801+be0fed80
  • postgresql-debuginfo-0:10.14-1.module+el8.2.0+7801+be0fed80
  • postgresql-debugsource-0:10.14-1.module+el8.2.0+7801+be0fed80
  • postgresql-docs-0:10.14-1.module+el8.2.0+7801+be0fed80
  • postgresql-docs-debuginfo-0:10.14-1.module+el8.2.0+7801+be0fed80
  • postgresql-plperl-0:10.14-1.module+el8.2.0+7801+be0fed80
  • postgresql-plperl-debuginfo-0:10.14-1.module+el8.2.0+7801+be0fed80
  • postgresql-plpython3-0:10.14-1.module+el8.2.0+7801+be0fed80
  • postgresql-plpython3-debuginfo-0:10.14-1.module+el8.2.0+7801+be0fed80
  • postgresql-pltcl-0:10.14-1.module+el8.2.0+7801+be0fed80
  • postgresql-pltcl-debuginfo-0:10.14-1.module+el8.2.0+7801+be0fed80
  • postgresql-server-0:10.14-1.module+el8.2.0+7801+be0fed80
  • postgresql-server-debuginfo-0:10.14-1.module+el8.2.0+7801+be0fed80
  • postgresql-server-devel-0:10.14-1.module+el8.2.0+7801+be0fed80
  • postgresql-server-devel-debuginfo-0:10.14-1.module+el8.2.0+7801+be0fed80
  • postgresql-static-0:10.14-1.module+el8.2.0+7801+be0fed80
  • postgresql-test-0:10.14-1.module+el8.2.0+7801+be0fed80
  • postgresql-test-debuginfo-0:10.14-1.module+el8.2.0+7801+be0fed80
  • postgresql-test-rpm-macros-0:10.14-1.module+el8.2.0+7801+be0fed80
  • postgresql-upgrade-0:10.14-1.module+el8.2.0+7801+be0fed80
  • postgresql-upgrade-debuginfo-0:10.14-1.module+el8.2.0+7801+be0fed80
  • postgresql-upgrade-devel-0:10.14-1.module+el8.2.0+7801+be0fed80
  • postgresql-upgrade-devel-debuginfo-0:10.14-1.module+el8.2.0+7801+be0fed80
  • postgresql-0:10.15-1.module+el8.0.0+9155+4a85661a
  • postgresql-contrib-0:10.15-1.module+el8.0.0+9155+4a85661a
  • postgresql-contrib-debuginfo-0:10.15-1.module+el8.0.0+9155+4a85661a
  • postgresql-debuginfo-0:10.15-1.module+el8.0.0+9155+4a85661a
  • postgresql-debugsource-0:10.15-1.module+el8.0.0+9155+4a85661a
  • postgresql-docs-0:10.15-1.module+el8.0.0+9155+4a85661a
  • postgresql-docs-debuginfo-0:10.15-1.module+el8.0.0+9155+4a85661a
  • postgresql-plperl-0:10.15-1.module+el8.0.0+9155+4a85661a
  • postgresql-plperl-debuginfo-0:10.15-1.module+el8.0.0+9155+4a85661a
  • postgresql-plpython3-0:10.15-1.module+el8.0.0+9155+4a85661a
  • postgresql-plpython3-debuginfo-0:10.15-1.module+el8.0.0+9155+4a85661a
  • postgresql-pltcl-0:10.15-1.module+el8.0.0+9155+4a85661a
  • postgresql-pltcl-debuginfo-0:10.15-1.module+el8.0.0+9155+4a85661a
  • postgresql-server-0:10.15-1.module+el8.0.0+9155+4a85661a
  • postgresql-server-debuginfo-0:10.15-1.module+el8.0.0+9155+4a85661a
  • postgresql-server-devel-0:10.15-1.module+el8.0.0+9155+4a85661a
  • postgresql-server-devel-debuginfo-0:10.15-1.module+el8.0.0+9155+4a85661a
  • postgresql-static-0:10.15-1.module+el8.0.0+9155+4a85661a
  • postgresql-test-0:10.15-1.module+el8.0.0+9155+4a85661a
  • postgresql-test-debuginfo-0:10.15-1.module+el8.0.0+9155+4a85661a
  • postgresql-test-rpm-macros-0:10.15-1.module+el8.0.0+9155+4a85661a
  • postgresql-upgrade-0:10.15-1.module+el8.0.0+9155+4a85661a
  • postgresql-upgrade-debuginfo-0:10.15-1.module+el8.0.0+9155+4a85661a
  • postgresql-upgrade-devel-0:10.15-1.module+el8.0.0+9155+4a85661a
  • postgresql-upgrade-devel-debuginfo-0:10.15-1.module+el8.0.0+9155+4a85661a
  • postgresql-0:10.15-1.module+el8.1.0+9154+cd474635
  • postgresql-contrib-0:10.15-1.module+el8.1.0+9154+cd474635
  • postgresql-contrib-debuginfo-0:10.15-1.module+el8.1.0+9154+cd474635
  • postgresql-debuginfo-0:10.15-1.module+el8.1.0+9154+cd474635
  • postgresql-debugsource-0:10.15-1.module+el8.1.0+9154+cd474635
  • postgresql-docs-0:10.15-1.module+el8.1.0+9154+cd474635
  • postgresql-docs-debuginfo-0:10.15-1.module+el8.1.0+9154+cd474635
  • postgresql-plperl-0:10.15-1.module+el8.1.0+9154+cd474635
  • postgresql-plperl-debuginfo-0:10.15-1.module+el8.1.0+9154+cd474635
  • postgresql-plpython3-0:10.15-1.module+el8.1.0+9154+cd474635
  • postgresql-plpython3-debuginfo-0:10.15-1.module+el8.1.0+9154+cd474635
  • postgresql-pltcl-0:10.15-1.module+el8.1.0+9154+cd474635
  • postgresql-pltcl-debuginfo-0:10.15-1.module+el8.1.0+9154+cd474635
  • postgresql-server-0:10.15-1.module+el8.1.0+9154+cd474635
  • postgresql-server-debuginfo-0:10.15-1.module+el8.1.0+9154+cd474635
  • postgresql-server-devel-0:10.15-1.module+el8.1.0+9154+cd474635
  • postgresql-server-devel-debuginfo-0:10.15-1.module+el8.1.0+9154+cd474635
  • postgresql-static-0:10.15-1.module+el8.1.0+9154+cd474635
  • postgresql-test-0:10.15-1.module+el8.1.0+9154+cd474635
  • postgresql-test-debuginfo-0:10.15-1.module+el8.1.0+9154+cd474635
  • postgresql-test-rpm-macros-0:10.15-1.module+el8.1.0+9154+cd474635
  • postgresql-upgrade-0:10.15-1.module+el8.1.0+9154+cd474635
  • postgresql-upgrade-debuginfo-0:10.15-1.module+el8.1.0+9154+cd474635
  • postgresql-upgrade-devel-0:10.15-1.module+el8.1.0+9154+cd474635
  • postgresql-upgrade-devel-debuginfo-0:10.15-1.module+el8.1.0+9154+cd474635
refmap via4
confirm https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10164
fedora
  • FEDORA-2019-9f04a701c0
  • FEDORA-2019-e43f49b428
gentoo GLSA-202003-03
misc https://www.postgresql.org/about/news/1949/
suse openSUSE-SU-2019:1773
Last major update 02-10-2020 - 14:34
Published 26-06-2019 - 16:15
Last modified 02-10-2020 - 14:34
Back to Top