CVE-2019-10208 log

Source
Severity Medium
Remote Yes
Type Access restriction bypass
Description
A security issue has been found in PostgreSQL < 11.5 where given a suitable SECURITY DEFINER function, an attacker can execute arbitrary SQL under the identity of the function owner. An attack requires EXECUTE permission on the function, which must itself contain a function call having inexact argument type match. For example, length('foo'::varchar) and length('foo') are inexact, while length('foo'::text) is exact. As part of exploiting this vulnerability, the attacker uses CREATE DOMAIN to create a type in a pg_temp schema. The attack pattern and fix are similar to that for CVE-2007-2138.
Group Package Affected Fixed Severity Status Ticket
AVG-1019 postgresql, postgresql-libs 11.4-1 11.5-1 Medium Fixed
Date Advisory Group Package Severity Description
10 Aug 2019 ASA-201908-8 AVG-1019 postgresql Medium multiple issues
10 Aug 2019 ASA-201908-7 AVG-1019 postgresql-libs Medium multiple issues
References
https://www.postgresql.org/about/news/1960/
https://bugzilla.redhat.com/show_bug.cgi?id=1734416