Red Hat Product Errata RHSA-2026:4509 - Security Advisory
Issued:
2026-03-12
Updated:
2026-03-12

RHSA-2026:4509 - Security Advisory

Synopsis

Important: postgresql:12 security update

Type/Severity

Security Advisory: Important

Red Hat Lightspeed patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for the postgresql:12 module is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support and Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

PostgreSQL is an advanced object-relational database management system (DBMS).

Security Fix(es):

  • postgresql: PostgreSQL missing validation of multibyte character length executes arbitrary code (CVE-2026-2006)
  • postgresql: PostgreSQL intarray missing validation of type of input to selectivity estimator executes arbitrary code (CVE-2026-2004)
  • postgresql: PostgreSQL pgcrypto heap buffer overflow executes arbitrary code (CVE-2026-2005)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

Affected Products

  • Red Hat Enterprise Linux for x86_64 - Extended Update Support Extension 8.4 x86_64
  • Red Hat Enterprise Linux Server - AUS 8.4 x86_64

Fixes

  • BZ - 2439324 - CVE-2026-2006 postgresql: PostgreSQL missing validation of multibyte character length executes arbitrary code
  • BZ - 2439325 - CVE-2026-2004 postgresql: PostgreSQL intarray missing validation of type of input to selectivity estimator executes arbitrary code
  • BZ - 2439326 - CVE-2026-2005 postgresql: PostgreSQL pgcrypto heap buffer overflow executes arbitrary code

Red Hat Enterprise Linux for x86_64 - Extended Update Support Extension 8.4

SRPM
pgaudit-1.4.0-6.module+el8.4.0+11288+c193d6d7.src.rpm SHA-256: b03a38090ec961b4c6fe83ae8e373284f0576a5472251536dfb1d10916b31177
postgres-decoderbufs-0.10.0-2.module+el8.4.0+11288+c193d6d7.src.rpm SHA-256: 4a6ff774095320178b96a836d62d5db488a36d985f86c0df120df6bdffe444e1
postgresql-12.22-1.module+el8.4.0+24066+665c8b71.3.src.rpm SHA-256: 2268470377ebaaf9a735005cc973ba506cf2ae6a0e7d42d3e1111df1ed338b93
x86_64
pgaudit-1.4.0-6.module+el8.4.0+11288+c193d6d7.x86_64.rpm SHA-256: 0bbd0a783d7399c0a70bace3f71bd9bc706d57cfbd5a92355253eac38ef71d64
pgaudit-debuginfo-1.4.0-6.module+el8.4.0+11288+c193d6d7.x86_64.rpm SHA-256: 7ec70c2c12b53aa6aef901acc2c48655d7acc11b45db3a5a8728a4eff214a610
pgaudit-debugsource-1.4.0-6.module+el8.4.0+11288+c193d6d7.x86_64.rpm SHA-256: efae4253c28d1d3774ef16406da959ed11d8dd45ba769426433fb7433cadee0c
postgres-decoderbufs-0.10.0-2.module+el8.4.0+11288+c193d6d7.x86_64.rpm SHA-256: a6b90b09552fcc2cc7778ea384a195d97850282bbab941aa1d37fd4c314d94ac
postgres-decoderbufs-debuginfo-0.10.0-2.module+el8.4.0+11288+c193d6d7.x86_64.rpm SHA-256: a30fa22fccb754620843adaba31b89c77e7c757cba5fc3707804b51190dd02ef
postgres-decoderbufs-debugsource-0.10.0-2.module+el8.4.0+11288+c193d6d7.x86_64.rpm SHA-256: 5def5e99e1ff1ae1444788ab565fcd9d0ba1b9bea1a1650c3302fdaca8585ec3
postgresql-12.22-1.module+el8.4.0+24066+665c8b71.3.x86_64.rpm SHA-256: 47e2d9db77d0ac280cb648a0a4ccd361c78b8c086bab0598a59f6745fc977b24
postgresql-contrib-12.22-1.module+el8.4.0+24066+665c8b71.3.x86_64.rpm SHA-256: bd384e04b10e4e5ff99dd0810349dbcfa0ec7cb5dfd7d29d627aff4f40e83d8d
postgresql-contrib-debuginfo-12.22-1.module+el8.4.0+24066+665c8b71.3.x86_64.rpm SHA-256: 8667747412c87955a47e97506ebf589b2df86aa8bc3486678be694239c1eb45e
postgresql-debuginfo-12.22-1.module+el8.4.0+24066+665c8b71.3.x86_64.rpm SHA-256: 9d5af83ae29968cb552710253f238e6450f5bb0c8e5137d88449cbbca143a56c
postgresql-debugsource-12.22-1.module+el8.4.0+24066+665c8b71.3.x86_64.rpm SHA-256: 1cc2c7e8a4c485cc38f7c54e375c9839f0efeb2333d2c85f9bab1b57fc76afc8
postgresql-docs-12.22-1.module+el8.4.0+24066+665c8b71.3.x86_64.rpm SHA-256: 7480728c2cfbcd7274a451a9a537523a0b18e5bdcdc49e3d5aa3ab29dadcd66e
postgresql-docs-debuginfo-12.22-1.module+el8.4.0+24066+665c8b71.3.x86_64.rpm SHA-256: 20d1801e0d7971c91fb93d8ff1f8e5bcc84c4c9fca4ae339423dcafd8d1fa383
postgresql-plperl-12.22-1.module+el8.4.0+24066+665c8b71.3.x86_64.rpm SHA-256: a39e69b5a5ef8bd7a24d7a9443e19778fcc41160fd8d4657f46c129e3b4323cc
postgresql-plperl-debuginfo-12.22-1.module+el8.4.0+24066+665c8b71.3.x86_64.rpm SHA-256: 4903b8b69546219b1e4acdc32775f02ebde47cdcb4b89c6737707b9faa26039b
postgresql-plpython3-12.22-1.module+el8.4.0+24066+665c8b71.3.x86_64.rpm SHA-256: 80a9a43d6c35acd27a5107efabd574fa57a426db3362391d472d3cb9a40c5aa5
postgresql-plpython3-debuginfo-12.22-1.module+el8.4.0+24066+665c8b71.3.x86_64.rpm SHA-256: fc69613b240632528024847badba388aeded6b494eed53c243d7dab3a89c9659
postgresql-pltcl-12.22-1.module+el8.4.0+24066+665c8b71.3.x86_64.rpm SHA-256: 0b63196149200c5f80e34916f47076bca295a21a8eab305725cefc62720abd56
postgresql-pltcl-debuginfo-12.22-1.module+el8.4.0+24066+665c8b71.3.x86_64.rpm SHA-256: 8d773a0b1cf21b8a66755aabda459dcef0263e547040d7b7490989c180ec9b2d
postgresql-server-12.22-1.module+el8.4.0+24066+665c8b71.3.x86_64.rpm SHA-256: 2807de6378b21ef2755967ca494134d6ba30a70b676e38fb0bd5555bb3c1b677
postgresql-server-debuginfo-12.22-1.module+el8.4.0+24066+665c8b71.3.x86_64.rpm SHA-256: 2de4192576517de238a4d5b03515abaf03673eb83d410a1477ddd809e6c54230
postgresql-server-devel-12.22-1.module+el8.4.0+24066+665c8b71.3.x86_64.rpm SHA-256: a98e441458fc564a5ae3ad19304375408859f340e76c062753866afe0b12f3bf
postgresql-server-devel-debuginfo-12.22-1.module+el8.4.0+24066+665c8b71.3.x86_64.rpm SHA-256: 90e2d646a3358dea7cf34927b9c0014274116ba67dc0076840866c63421c5172
postgresql-static-12.22-1.module+el8.4.0+24066+665c8b71.3.x86_64.rpm SHA-256: 413b4d2f518f900cc79faaabdbdcf70bdf06aa12d63308041570af92208b9e7e
postgresql-test-12.22-1.module+el8.4.0+24066+665c8b71.3.x86_64.rpm SHA-256: efab50f86ebf3aece9013d7b6b709fc521065fb99797a6e86a3d2b31a87baeb3
postgresql-test-debuginfo-12.22-1.module+el8.4.0+24066+665c8b71.3.x86_64.rpm SHA-256: a411b14e11a98090b35a125fd3819b8fdde026e4ced5df560653ece753d5fca6
postgresql-test-rpm-macros-12.22-1.module+el8.4.0+24066+665c8b71.3.noarch.rpm SHA-256: 6cb530b44d2095c64e965255efc8a0a5b6a2306487a1b6b9545fdae545e9ce17
postgresql-upgrade-12.22-1.module+el8.4.0+24066+665c8b71.3.x86_64.rpm SHA-256: 44619c79e77e6348209580c549df3f118d921b9f16801c938b231d1758e2b090
postgresql-upgrade-debuginfo-12.22-1.module+el8.4.0+24066+665c8b71.3.x86_64.rpm SHA-256: 8956978c407d23bc4506e97987732859948cf06ead6447c4f21f146940b89220
postgresql-upgrade-devel-12.22-1.module+el8.4.0+24066+665c8b71.3.x86_64.rpm SHA-256: 4e7d5f3c2bb5ee4548ec2398bf930a19c7759090cbcb99fc37f144a95ef1e2ff
postgresql-upgrade-devel-debuginfo-12.22-1.module+el8.4.0+24066+665c8b71.3.x86_64.rpm SHA-256: e810ce112e3500331da30d59fc574de6e110ca68516b7430634e98f76e9d43e3

Red Hat Enterprise Linux Server - AUS 8.4

SRPM
pgaudit-1.4.0-6.module+el8.4.0+11288+c193d6d7.src.rpm SHA-256: b03a38090ec961b4c6fe83ae8e373284f0576a5472251536dfb1d10916b31177
postgres-decoderbufs-0.10.0-2.module+el8.4.0+11288+c193d6d7.src.rpm SHA-256: 4a6ff774095320178b96a836d62d5db488a36d985f86c0df120df6bdffe444e1
postgresql-12.22-1.module+el8.4.0+24066+665c8b71.3.src.rpm SHA-256: 2268470377ebaaf9a735005cc973ba506cf2ae6a0e7d42d3e1111df1ed338b93
x86_64
pgaudit-1.4.0-6.module+el8.4.0+11288+c193d6d7.x86_64.rpm SHA-256: 0bbd0a783d7399c0a70bace3f71bd9bc706d57cfbd5a92355253eac38ef71d64
pgaudit-debuginfo-1.4.0-6.module+el8.4.0+11288+c193d6d7.x86_64.rpm SHA-256: 7ec70c2c12b53aa6aef901acc2c48655d7acc11b45db3a5a8728a4eff214a610
pgaudit-debugsource-1.4.0-6.module+el8.4.0+11288+c193d6d7.x86_64.rpm SHA-256: efae4253c28d1d3774ef16406da959ed11d8dd45ba769426433fb7433cadee0c
postgres-decoderbufs-0.10.0-2.module+el8.4.0+11288+c193d6d7.x86_64.rpm SHA-256: a6b90b09552fcc2cc7778ea384a195d97850282bbab941aa1d37fd4c314d94ac
postgres-decoderbufs-debuginfo-0.10.0-2.module+el8.4.0+11288+c193d6d7.x86_64.rpm SHA-256: a30fa22fccb754620843adaba31b89c77e7c757cba5fc3707804b51190dd02ef
postgres-decoderbufs-debugsource-0.10.0-2.module+el8.4.0+11288+c193d6d7.x86_64.rpm SHA-256: 5def5e99e1ff1ae1444788ab565fcd9d0ba1b9bea1a1650c3302fdaca8585ec3
postgresql-12.22-1.module+el8.4.0+24066+665c8b71.3.x86_64.rpm SHA-256: 47e2d9db77d0ac280cb648a0a4ccd361c78b8c086bab0598a59f6745fc977b24
postgresql-contrib-12.22-1.module+el8.4.0+24066+665c8b71.3.x86_64.rpm SHA-256: bd384e04b10e4e5ff99dd0810349dbcfa0ec7cb5dfd7d29d627aff4f40e83d8d
postgresql-contrib-debuginfo-12.22-1.module+el8.4.0+24066+665c8b71.3.x86_64.rpm SHA-256: 8667747412c87955a47e97506ebf589b2df86aa8bc3486678be694239c1eb45e
postgresql-debuginfo-12.22-1.module+el8.4.0+24066+665c8b71.3.x86_64.rpm SHA-256: 9d5af83ae29968cb552710253f238e6450f5bb0c8e5137d88449cbbca143a56c
postgresql-debugsource-12.22-1.module+el8.4.0+24066+665c8b71.3.x86_64.rpm SHA-256: 1cc2c7e8a4c485cc38f7c54e375c9839f0efeb2333d2c85f9bab1b57fc76afc8
postgresql-docs-12.22-1.module+el8.4.0+24066+665c8b71.3.x86_64.rpm SHA-256: 7480728c2cfbcd7274a451a9a537523a0b18e5bdcdc49e3d5aa3ab29dadcd66e
postgresql-docs-debuginfo-12.22-1.module+el8.4.0+24066+665c8b71.3.x86_64.rpm SHA-256: 20d1801e0d7971c91fb93d8ff1f8e5bcc84c4c9fca4ae339423dcafd8d1fa383
postgresql-plperl-12.22-1.module+el8.4.0+24066+665c8b71.3.x86_64.rpm SHA-256: a39e69b5a5ef8bd7a24d7a9443e19778fcc41160fd8d4657f46c129e3b4323cc
postgresql-plperl-debuginfo-12.22-1.module+el8.4.0+24066+665c8b71.3.x86_64.rpm SHA-256: 4903b8b69546219b1e4acdc32775f02ebde47cdcb4b89c6737707b9faa26039b
postgresql-plpython3-12.22-1.module+el8.4.0+24066+665c8b71.3.x86_64.rpm SHA-256: 80a9a43d6c35acd27a5107efabd574fa57a426db3362391d472d3cb9a40c5aa5
postgresql-plpython3-debuginfo-12.22-1.module+el8.4.0+24066+665c8b71.3.x86_64.rpm SHA-256: fc69613b240632528024847badba388aeded6b494eed53c243d7dab3a89c9659
postgresql-pltcl-12.22-1.module+el8.4.0+24066+665c8b71.3.x86_64.rpm SHA-256: 0b63196149200c5f80e34916f47076bca295a21a8eab305725cefc62720abd56
postgresql-pltcl-debuginfo-12.22-1.module+el8.4.0+24066+665c8b71.3.x86_64.rpm SHA-256: 8d773a0b1cf21b8a66755aabda459dcef0263e547040d7b7490989c180ec9b2d
postgresql-server-12.22-1.module+el8.4.0+24066+665c8b71.3.x86_64.rpm SHA-256: 2807de6378b21ef2755967ca494134d6ba30a70b676e38fb0bd5555bb3c1b677
postgresql-server-debuginfo-12.22-1.module+el8.4.0+24066+665c8b71.3.x86_64.rpm SHA-256: 2de4192576517de238a4d5b03515abaf03673eb83d410a1477ddd809e6c54230
postgresql-server-devel-12.22-1.module+el8.4.0+24066+665c8b71.3.x86_64.rpm SHA-256: a98e441458fc564a5ae3ad19304375408859f340e76c062753866afe0b12f3bf
postgresql-server-devel-debuginfo-12.22-1.module+el8.4.0+24066+665c8b71.3.x86_64.rpm SHA-256: 90e2d646a3358dea7cf34927b9c0014274116ba67dc0076840866c63421c5172
postgresql-static-12.22-1.module+el8.4.0+24066+665c8b71.3.x86_64.rpm SHA-256: 413b4d2f518f900cc79faaabdbdcf70bdf06aa12d63308041570af92208b9e7e
postgresql-test-12.22-1.module+el8.4.0+24066+665c8b71.3.x86_64.rpm SHA-256: efab50f86ebf3aece9013d7b6b709fc521065fb99797a6e86a3d2b31a87baeb3
postgresql-test-debuginfo-12.22-1.module+el8.4.0+24066+665c8b71.3.x86_64.rpm SHA-256: a411b14e11a98090b35a125fd3819b8fdde026e4ced5df560653ece753d5fca6
postgresql-test-rpm-macros-12.22-1.module+el8.4.0+24066+665c8b71.3.noarch.rpm SHA-256: 6cb530b44d2095c64e965255efc8a0a5b6a2306487a1b6b9545fdae545e9ce17
postgresql-upgrade-12.22-1.module+el8.4.0+24066+665c8b71.3.x86_64.rpm SHA-256: 44619c79e77e6348209580c549df3f118d921b9f16801c938b231d1758e2b090
postgresql-upgrade-debuginfo-12.22-1.module+el8.4.0+24066+665c8b71.3.x86_64.rpm SHA-256: 8956978c407d23bc4506e97987732859948cf06ead6447c4f21f146940b89220
postgresql-upgrade-devel-12.22-1.module+el8.4.0+24066+665c8b71.3.x86_64.rpm SHA-256: 4e7d5f3c2bb5ee4548ec2398bf930a19c7759090cbcb99fc37f144a95ef1e2ff
postgresql-upgrade-devel-debuginfo-12.22-1.module+el8.4.0+24066+665c8b71.3.x86_64.rpm SHA-256: e810ce112e3500331da30d59fc574de6e110ca68516b7430634e98f76e9d43e3

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.