Details of VAR-201907-1315

ID

VAR-201907-1315

CVE

CVE-2019-10129

TITLE

postgresql Vulnerable to information disclosure

Trust: 0.8

sources: JVNDB: JVNDB-2019-007133

DESCRIPTION

A vulnerability was found in postgresql versions 11.x prior to 11.3. Using a purpose-crafted insert to a partitioned table, an attacker can read arbitrary bytes of server memory. In the default configuration, any user can create a partitioned table suitable for this attack. (Exploit prerequisites are the same as for CVE-2018-1052). postgresql Contains an information disclosure vulnerability.Information may be obtained. PostgreSQL is a set of free object relational database management system organized by PostgreSQL. The system supports most SQL standards and provides many other features, such as foreign keys, triggers, views, and more. Successful exploits will allow attackers to obtain sensitive information that may aid in further attacks. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 202003-03 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - https://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity: Normal Title: PostgreSQL: Multiple vulnerabilities Date: March 12, 2020 Bugs: #685846, #688420, #709708 ID: 202003-03 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Synopsis ======== Multiple vulnerabilities have been found in PostgreSQL, the worst of which could result in the execution of arbitrary code. Affected packages ================= ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 dev-db/postgresql < 9.4.26:9.4 >= 9.4.26:9.4 < 9.5.21:9.5 >= 9.5.21:9.5 < 9.6.17:9.6 >= 9.6.17:9.6 < 10.12:10 >= 10.12:10 < 11.7:11 >= 11.7:11 < 12.2:12 >= 12.2:12 Description =========== Multiple vulnerabilities have been discovered in PostgreSQL. Please review the CVE identifiers referenced below for details. Impact ====== A remote attacker could possibly execute arbitrary code with the privileges of the process, bypass certain client-side connection security features, read arbitrary server memory, alter certain data or cause a Denial of Service condition. Workaround ========== There is no known workaround at this time. Resolution ========== All PostgreSQL 9.4.x users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=dev-db/postgresql-9.4.26:9.4" All PostgreSQL 9.5.x users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=dev-db/postgresql-9.5.21:9.5" All PostgreSQL 9.6.x users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=dev-db/postgresql-9.6.17:9.6" All PostgreSQL 10.x users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=dev-db/postgresql-10.12:10" All PostgreSQL 11.x users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=dev-db/postgresql-11.7:11" All PostgreSQL 12.x users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=dev-db/postgresql-12.2:12" References ========== [ 1 ] CVE-2019-10129 https://nvd.nist.gov/vuln/detail/CVE-2019-10129 [ 2 ] CVE-2019-10130 https://nvd.nist.gov/vuln/detail/CVE-2019-10130 [ 3 ] CVE-2019-10164 https://nvd.nist.gov/vuln/detail/CVE-2019-10164 [ 4 ] CVE-2020-1720 https://nvd.nist.gov/vuln/detail/CVE-2020-1720 Availability ============ This GLSA and any updates to it are available for viewing at the Gentoo Security Website: https://security.gentoo.org/glsa/202003-03 Concerns? ========= Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org. License ======= Copyright 2020 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. https://creativecommons.org/licenses/by-sa/2.5 . ========================================================================== Ubuntu Security Notice USN-3972-1 May 13, 2019 postgresql-10, postgresql-11, postgresql-9.5 vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 19.04 - Ubuntu 18.10 - Ubuntu 18.04 LTS - Ubuntu 16.04 LTS Summary: Several security issues were fixed in PostgreSQL. This issue only affected Ubuntu 19.04. (CVE-2019-10129) Dean Rasheed discovered that PostgreSQL incorrectly handled selectivity estimators. A remote attacker could possibly use this issue to bypass row security policies. (CVE-2019-10130) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 19.04: postgresql-11 11.3-0ubuntu0.19.04.1 Ubuntu 18.10: postgresql-10 10.8-0ubuntu0.18.10.1 Ubuntu 18.04 LTS: postgresql-10 10.8-0ubuntu0.18.04.1 Ubuntu 16.04 LTS: postgresql-9.5 9.5.17-0ubuntu0.16.04.1 This update uses a new upstream release, which includes additional bug fixes. After a standard system update you need to restart PostgreSQL to make all the necessary changes. References: https://usn.ubuntu.com/usn/usn-3972-1 CVE-2019-10129, CVE-2019-10130 Package Information: https://launchpad.net/ubuntu/+source/postgresql-11/11.3-0ubuntu0.19.04.1 https://launchpad.net/ubuntu/+source/postgresql-10/10.8-0ubuntu0.18.10.1 https://launchpad.net/ubuntu/+source/postgresql-10/10.8-0ubuntu0.18.04.1 https://launchpad.net/ubuntu/+source/postgresql-9.5/9.5.17-0ubuntu0.16.04.1

Trust: 2.7

sources: NVD: CVE-2019-10129 // JVNDB: JVNDB-2019-007133 // CNVD: CNVD-2019-16482 // BID: 108506 // VULMON: CVE-2019-10129 // PACKETSTORM: 156711 // PACKETSTORM: 152824

IOT TAXONOMY

category:

['ICS']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2019-16482

AFFECTED PRODUCTS

vendor:	postgresql	model:	postgresql	scope:	lt	version:	11.3	Trust: 1.0
vendor:	postgresql	model:	postgresql	scope:	gte	version:	11.0	Trust: 1.0
vendor:	postgresql	model:	postgresql	scope:	lt	version:	11.x	Trust: 0.8
vendor:	postgresql	model:	postgresql	scope:	eq	version:	11.3	Trust: 0.8
vendor:	postgresql	model:	postgresql	scope:	-	version:	-	Trust: 0.6
vendor:	ubuntu	model:	linux	scope:	eq	version:	19.04	Trust: 0.3
vendor:	postgresql	model:	postgresql	scope:	eq	version:	11.2	Trust: 0.3
vendor:	postgresql	model:	postgresql	scope:	eq	version:	11.1	Trust: 0.3
vendor:	postgresql	model:	postgresql	scope:	eq	version:	11	Trust: 0.3
vendor:	postgresql	model:	postgresql	scope:	ne	version:	11.3	Trust: 0.3

sources: CNVD: CNVD-2019-16482 // BID: 108506 // JVNDB: JVNDB-2019-007133 // NVD: CVE-2019-10129

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2019-10129
value:	MEDIUM
Trust: 1.0
secalert@redhat.com:	CVE-2019-10129
value:	MEDIUM
Trust: 1.0
NVD:	CVE-2019-10129
value:	MEDIUM
Trust: 0.8
CNVD:	CNVD-2019-16482
value:	MEDIUM
Trust: 0.6
CNNVD:	CNNVD-201905-333
value:	MEDIUM
Trust: 0.6
VULMON:	CVE-2019-10129
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2019-10129
severity:	MEDIUM
baseScore:	4.0
vectorString:	AV:N/AC:L/AU:S/C:P/I:N/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	SINGLE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	8.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.9
CNVD:	CNVD-2019-16482
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6

secalert@redhat.com:	CVE-2019-10129
baseSeverity:	MEDIUM
baseScore:	6.5
vectorString:	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	LOW
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	2.8
impactScore:	3.6
version:	3.0
Trust: 1.8
nvd@nist.gov:	CVE-2019-10129
baseSeverity:	MEDIUM
baseScore:	6.5
vectorString:	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	LOW
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	2.8
impactScore:	3.6
version:	3.1
Trust: 1.0

sources: CNVD: CNVD-2019-16482 // VULMON: CVE-2019-10129 // JVNDB: JVNDB-2019-007133 // CNNVD: CNNVD-201905-333 // NVD: CVE-2019-10129 // NVD: CVE-2019-10129

PROBLEMTYPE DATA

problemtype:	CWE-125	Trust: 1.0
problemtype:	CWE-200	Trust: 0.8

sources: JVNDB: JVNDB-2019-007133 // NVD: CVE-2019-10129

THREAT TYPE

remote

Trust: 0.7

sources: PACKETSTORM: 152824 // CNNVD: CNNVD-201905-333

TYPE

buffer error

Trust: 0.6

sources: CNNVD: CNNVD-201905-333

CONFIGURATIONS

sources: JVNDB: JVNDB-2019-007133

PATCH

title:	PostgreSQL 11.3, 10.8, 9.6.13, 9.5.17, and 9.4.22 Released!	url:	https://www.postgresql.org/about/news/1939/	Trust: 0.8
title:	Patch for PostgreSQL Memory Leak Vulnerability (CNVD-2019-16482)	url:	https://www.cnvd.org.cn/patchInfo/show/162925	Trust: 0.6
title:	PostgreSQL Security vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=92497	Trust: 0.6
title:	Ubuntu Security Notice: postgresql-10, postgresql-11, postgresql-9.5 vulnerabilities	url:	https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice&qid=USN-3972-1	Trust: 0.1
title:	PostgreSQL CVE: CVE-2019-10129	url:	https://vulmon.com/vendoradvisory?qidtp=postgresql_cve&qid=43abd0671e28c0d36ed09da2aa374848	Trust: 0.1
title:	PostgreSQL Security Announcements: PostgreSQL 11.3, 10.8, 9.6.13, 9.5.17, and 9.4.22 Released!	url:	https://vulmon.com/vendoradvisory?qidtp=postgresql_security_announcements&qid=c32b14b98b9f434476d955dd6620c592	Trust: 0.1
title:	PostgreSQL Security Announcements: PostgreSQL 11.3, 10.8, 9.6.13, 9.5.17, and 9.4.22 Released!	url:	https://vulmon.com/vendoradvisory?qidtp=postgresql_security_announcements&qid=277a6808e8230bde486f1f85b16bfac2	Trust: 0.1
title:	-	url:	https://github.com/Live-Hack-CVE/CVE-2019-10129	Trust: 0.1

sources: CNVD: CNVD-2019-16482 // VULMON: CVE-2019-10129 // JVNDB: JVNDB-2019-007133 // CNNVD: CNNVD-201905-333

EXTERNAL IDS

db:	NVD	id:	CVE-2019-10129	Trust: 3.6
db:	BID	id:	108506	Trust: 0.9
db:	JVNDB	id:	JVNDB-2019-007133	Trust: 0.8
db:	PACKETSTORM	id:	156711	Trust: 0.7
db:	PACKETSTORM	id:	152824	Trust: 0.7
db:	CNVD	id:	CNVD-2019-16482	Trust: 0.6
db:	AUSCERT	id:	ESB-2019.1681	Trust: 0.6
db:	AUSCERT	id:	ESB-2019.1668	Trust: 0.6
db:	CNNVD	id:	CNNVD-201905-333	Trust: 0.6
db:	VULMON	id:	CVE-2019-10129	Trust: 0.1

sources: CNVD: CNVD-2019-16482 // VULMON: CVE-2019-10129 // BID: 108506 // JVNDB: JVNDB-2019-007133 // PACKETSTORM: 156711 // PACKETSTORM: 152824 // CNNVD: CNNVD-201905-333 // NVD: CVE-2019-10129

REFERENCES

url:	https://www.postgresql.org/about/news/1939/	Trust: 3.2
url:	https://security.gentoo.org/glsa/202003-03	Trust: 1.8
url:	https://bugzilla.redhat.com/show_bug.cgi?id=cve-2019-10129	Trust: 1.7
url:	https://nvd.nist.gov/vuln/detail/cve-2019-10129	Trust: 1.6
url:	https://www.postgresql.org/docs/11/release-11-3.html	Trust: 0.9
url:	https://usn.ubuntu.com/3972-1	Trust: 0.9
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-10129	Trust: 0.8
url:	https://usn.ubuntu.com/3972-1/	Trust: 0.7
url:	https://www.auscert.org.au/bulletins/80718	Trust: 0.6
url:	https://www.securityfocus.com/bid/108506	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/80770	Trust: 0.6
url:	https://www.ibm.com/blogs/psirt/security-bulletin-postgresql-vulnerabilities-in-ibm-robotic-process-automation-with-automation-anywhere/	Trust: 0.6
url:	https://packetstormsecurity.com/files/152824/ubuntu-security-notice-usn-3972-1.html	Trust: 0.6
url:	https://packetstormsecurity.com/files/156711/gentoo-linux-security-advisory-202003-03.html	Trust: 0.6
url:	https://nvd.nist.gov/vuln/detail/cve-2019-10130	Trust: 0.2
url:	https://cwe.mitre.org/data/definitions/125.html	Trust: 0.1
url:	https://tools.cisco.com/security/center/viewalert.x?alertid=60168	Trust: 0.1
url:	https://nvd.nist.gov	Trust: 0.1
url:	https://www.postgresql.org/support/security/cve-2019-10129/	Trust: 0.1
url:	https://bugs.gentoo.org.	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2020-1720	Trust: 0.1
url:	https://creativecommons.org/licenses/by-sa/2.5	Trust: 0.1
url:	https://security.gentoo.org/	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2019-10164	Trust: 0.1
url:	https://usn.ubuntu.com/usn/usn-3972-1	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/postgresql-10/10.8-0ubuntu0.18.10.1	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/postgresql-11/11.3-0ubuntu0.19.04.1	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/postgresql-10/10.8-0ubuntu0.18.04.1	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/postgresql-9.5/9.5.17-0ubuntu0.16.04.1	Trust: 0.1

CREDITS

Ubuntu,Noah Misch and the PostgreSQL Project.,Gentoo

Trust: 0.6

sources: CNNVD: CNNVD-201905-333

SOURCES

db:	CNVD	id:	CNVD-2019-16482
db:	VULMON	id:	CVE-2019-10129
db:	BID	id:	108506
db:	JVNDB	id:	JVNDB-2019-007133
db:	PACKETSTORM	id:	156711
db:	PACKETSTORM	id:	152824
db:	CNNVD	id:	CNNVD-201905-333
db:	NVD	id:	CVE-2019-10129

LAST UPDATE DATE

2024-08-14T12:38:20.652000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2019-16482	date:	2019-06-04T00:00:00
db:	VULMON	id:	CVE-2019-10129	date:	2023-02-03T00:00:00
db:	BID	id:	108506	date:	2019-05-09T00:00:00
db:	JVNDB	id:	JVNDB-2019-007133	date:	2019-08-05T00:00:00
db:	CNNVD	id:	CNNVD-201905-333	date:	2020-12-07T00:00:00
db:	NVD	id:	CVE-2019-10129	date:	2023-02-03T14:26:40.660

SOURCES RELEASE DATE

db:	CNVD	id:	CNVD-2019-16482	date:	2019-06-04T00:00:00
db:	VULMON	id:	CVE-2019-10129	date:	2019-07-30T00:00:00
db:	BID	id:	108506	date:	2019-05-09T00:00:00
db:	JVNDB	id:	JVNDB-2019-007133	date:	2019-08-05T00:00:00
db:	PACKETSTORM	id:	156711	date:	2020-03-13T14:56:18
db:	PACKETSTORM	id:	152824	date:	2019-05-13T15:14:37
db:	CNNVD	id:	CNNVD-201905-333	date:	2019-05-13T00:00:00
db:	NVD	id:	CVE-2019-10129	date:	2019-07-30T17:15:12.263