CVE-2022-2625
published 2022-08-18CVE-2022-2625: A vulnerability was found in PostgreSQL. This attack requires permission to create non-temporary objects in at least one schema, the ability to lure or wait…
high8CVSS 3.1
AVNACLPRLUIRSUCHIHAH
A vulnerability was found in PostgreSQL. This attack requires permission to create non-temporary objects in at least one schema, the ability to lure or wait for an administrator to create or update an affected extension in that schema, and the ability to lure or wait for a victim to use the object targeted in CREATE OR REPLACE or CREATE IF NOT EXISTS. Given all three prerequisites, this flaw allows an attacker to run arbitrary code as the victim role, which may be a superuser.
Affected
15 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | postgresql-13 | < postgresql-13 13.8-0+deb11u1 (bullseye) | postgresql-13 13.8-0+deb11u1 (bullseye) |
| fedoraproject | fedora | — | — |
| msrc | cbl2_postgresql_14.5-1_on_cbl_mariner_2.0 | — | — |
| msrc | cm1_postgresql_12.12-1_on_cbl_mariner_1.0 | — | — |
| postgresql | postgresql | — | — |
| postgresql | postgresql | — | — |
| postgresql | postgresql | >= 10.0 < 10.22 | 10.22 |
| postgresql | postgresql | >= 11.0 < 11.17 | 11.17 |
| postgresql | postgresql | >= 12.0 < 12.12 | 12.12 |
| postgresql | postgresql | >= 13.0 < 13.8 | 13.8 |
| postgresql | postgresql | >= 14.0 < 14.5 | 14.5 |
| redhat | enterprise_linux | — | — |
| redhat | enterprise_linux | — | — |
| redhat | enterprise_linux | — | — |
| redhat | enterprise_linux | — | — |
CVSS provenance
nvdv3.18.0HIGHCVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
osv8.0HIGH
Ubuntu
PostgreSQL vulnerability
vendor_ubuntu·2022-08-18
CVE-2022-2625 PostgreSQL vulnerability
Title: PostgreSQL vulnerability
Summary: PostgreSQL could be made to run programs when creating or updating
extensions.
Sven Klemm discovered that PostgreSQL incorrectly handled extensions. An
attacker could possibly use this issue to execute arbitrary code when
extensions are created or updated.
Instructions: This update uses a new upstream release, which includes additional bug
fixes. After a standard system update you need to restart PostgreSQL to
make all the necessary changes.
Red Hat
postgresql: Extension scripts replace objects not belonging to the extension.
vendor_redhat·2022-08-11·CVSS 8.0
CVE-2022-2625 [HIGH] CWE-267 postgresql: Extension scripts replace objects not belonging to the extension.
postgresql: Extension scripts replace objects not belonging to the extension.
A vulnerability was found in PostgreSQL. This attack requires permission to create non-temporary objects in at least one schema, the ability to lure or wait for an administrator to create or update an affected extension in that schema, and the ability to lure or wait for a victim to use the object targeted in CREATE OR REPLACE or CREATE IF NOT EXISTS. Given all three prerequisites, this flaw allows an attacker to run arbitrary code as the victim role, which may be a superuser.
A vulnerability was found in PostgreSQL. This attack requires permission to create non-temporary objects in at least one schema, the ability to lure or wait for an administrator to create or update an affected extension in that schema, an
Microsoft
A vulnerability was found in PostgreSQL. This attack requires permission to create non-temporary objects in at least one schema the ability to lure or wait for an administrator to create or update an
vendor_msrc·2022-08-09·CVSS 8.0
CVE-2022-2625 [HIGH] CWE-1321 A vulnerability was found in PostgreSQL. This attack requires permission to create non-temporary objects in at least one schema the ability to lure or wait for an administrator to create or update an
A vulnerability was found in PostgreSQL. This attack requires permission to create non-temporary objects in at least one schema the ability to lure or wait for an administrator to create or update an affected extension in that schema and the ability to lure or wait for a victim to use the object targeted in CREATE OR REPLACE or CREATE IF NOT EXISTS. Given all three prerequisites this flaw allows an attacker to run arbitrary code as the victim role which may be a superuser.
FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?
One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of th
Debian
CVE-2022-2625: postgresql-13 - A vulnerability was found in PostgreSQL. This attack requires permission to crea...
vendor_debian·2022·CVSS 8.0
CVE-2022-2625 [HIGH] CVE-2022-2625: postgresql-13 - A vulnerability was found in PostgreSQL. This attack requires permission to crea...
A vulnerability was found in PostgreSQL. This attack requires permission to create non-temporary objects in at least one schema, the ability to lure or wait for an administrator to create or update an affected extension in that schema, and the ability to lure or wait for a victim to use the object targeted in CREATE OR REPLACE or CREATE IF NOT EXISTS. Given all three prerequisites, this flaw allows an attacker to run arbitrary code as the victim role, which may be a superuser.
Scope: local
bullseye: resolved (fixed in 13.8-0+deb11u1)
GHSA
GHSA-m7mv-m566-78j6: A vulnerability found in postgresql
ghsa_unreviewed·2022-08-19
CVE-2022-2625 [HIGH] CWE-1321 GHSA-m7mv-m566-78j6: A vulnerability found in postgresql
A vulnerability found in postgresql. On this security issue an attack requires permission to create non-temporary objects in at least one schema, ability to lure or wait for an administrator to create or update an affected extension in that schema, and ability to lure or wait for a victim to use the object targeted in CREATE OR REPLACE or CREATE IF NOT EXISTS. Given all three prerequisites, the attacker can run arbitrary code as the victim role, which may be a superuser. Known-affected extensions include both PostgreSQL-bundled and non-bundled extensions. PostgreSQL blocks this attack in the core server, so there's no need to modify individual extensions.
OSV
CVE-2022-2625: A vulnerability was found in PostgreSQL
osv·2022-08-18·CVSS 8.0
CVE-2022-2625 [HIGH] CVE-2022-2625: A vulnerability was found in PostgreSQL
A vulnerability was found in PostgreSQL. This attack requires permission to create non-temporary objects in at least one schema, the ability to lure or wait for an administrator to create or update an affected extension in that schema, and the ability to lure or wait for a victim to use the object targeted in CREATE OR REPLACE or CREATE IF NOT EXISTS. Given all three prerequisites, this flaw allows an attacker to run arbitrary code as the victim role, which may be a superuser.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
https://bugzilla.redhat.com/show_bug.cgi?id=2113825https://security.gentoo.org/glsa/202211-04https://www.postgresql.org/about/news/postgresql-145-138-1212-1117-1022-and-15-beta-3-released-2496/https://bugzilla.redhat.com/show_bug.cgi?id=2113825https://security.gentoo.org/glsa/202211-04https://www.postgresql.org/about/news/postgresql-145-138-1212-1117-1022-and-15-beta-3-released-2496/
2022-08-18
Published