Ubuntu 5676-1: PostgreSQL vulnerability | LinuxSecurity.com

What Are You Looking For?

Popular Tags

Contribute
==========================================================================
Ubuntu Security Notice USN-5676-1
October 13, 2022

postgresql-9.5 vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 16.04 ESM

Summary:

PostgreSQL could be made to execute commands as the superuser.

Software Description:
- postgresql-9.5: Object-relational SQL database

Details:

Alexander Lakhin discovered that PostgreSQL incorrectly handled the
security restricted operation sandbox when a privileged user is 
maintaining another user’s objects. An attacker having permission to 
create non-temp objects can use this issue to execute arbitrary commands 
as the superuser.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 16.04 ESM:
   postgresql-9.5                  9.5.25-0ubuntu0.16.04.1+esm2

After a standard system update you need to restart PostgreSQL to
make all the necessary changes.

References:
   https://ubuntu.com/security/notices/USN-5676-1
   CVE-2022-1552

Ubuntu 5676-1: PostgreSQL vulnerability

October 13, 2022
PostgreSQL could be made to execute commands as the superuser.

Summary

A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 16.04 ESM Summary: PostgreSQL could be made to execute commands as the superuser. Software Description: - postgresql-9.5: Object-relational SQL database Details: Alexander Lakhin discovered that PostgreSQL incorrectly handled the security restricted operation sandbox when a privileged user is maintaining another user’s objects. An attacker having permission to create non-temp objects can use this issue to execute arbitrary commands as the superuser.

Update Instructions

The problem can be corrected by updating your system to the following package versions: Ubuntu 16.04 ESM: postgresql-9.5 9.5.25-0ubuntu0.16.04.1+esm2 After a standard system update you need to restart PostgreSQL to make all the necessary changes.

References

https://ubuntu.com/security/notices/USN-5676-1

CVE-2022-1552

Severity
Ubuntu Security Notice USN-5676-1

Package Information

News

Advisories

HOWTOs

Features

Best Linux Backup Solutions to Prevent Data Loss in A Ransomware Attack
ManageEngine Vulnerability Manager Plus: How To Protect Your Enterprise from Security Vulnerabilities
High-Impact DoS, Arbitrary Code Execution, Spoofing Bugs Fixed in Thunderbird 102.9.0
A Guide to Business Cybersecurity: Common Digital Attacks and Precautions
New Linux IceFire Ransomware Variant Discovered: What You Need to Know to Secure Your Systems

About Us

Powered By

Footer Logo

We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy. 

Learn More About Our Cookie Policy