CVE-2018-1053

Impact:
Moderate
Public Date:
2018-02-08
CWE:
CWE-377
Bugzilla:
1539619: CVE-2018-1053 postgresql: pg_upgrade creates file of sensitive metadata under prevailing umask
pg_upgrade creates a file in the current working directory containing the output of `pg_dumpall -g` under the umask that was in effect when the user invoked pg_upgrade, rather than under 0077, which is normally used for its other temporary files. This can allow an authenticated attacker to read or modify the file, which may contain encrypted or unencrypted database passwords. The attack is infeasible if the mode of the current working directory blocks the attacker from searching it, or if the prevailing umask blocks the attacker from opening the file.
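As an added illustration of the CWE-377 pattern behind this issue (example code, not PostgreSQL's pg_upgrade source and not Red Hat's), the block below contrasts the two ways of creating the file: the first function writes it the way a program that simply inherits its caller's umask would, the second requests mode 0600 explicitly and uses O_EXCL so the result does not depend on the caller's environment. The file names and contents are constructed placeholders, and the Python os calls stand in for the open(2)/umask(2) calls a C program such as pg_upgrade would make.

```python
import os
import stat
import tempfile


def file_mode(path):
    """Permission bits of path, e.g. 0o644."""
    return stat.S_IMODE(os.stat(path).st_mode)


def write_under_prevailing_umask(path, content, umask):
    """Weak pattern (what the advisory describes): a plain open() asks for
    mode 0o666, so the file ends up 0o666 & ~umask, i.e. readable by other
    local users whenever the caller inherited a permissive umask such as 022."""
    old = os.umask(umask)           # simulate the umask the caller inherited
    try:
        with open(path, "w") as f:
            f.write(content)
    finally:
        os.umask(old)               # restore the process umask
    return file_mode(path)


def write_private(path, content, umask):
    """Hardened pattern: request 0o600 explicitly (a umask can only clear
    bits, never add them) and pass O_EXCL so an already-existing file at that
    name makes the open fail instead of being silently reused."""
    old = os.umask(umask)
    try:
        fd = os.open(path, os.O_WRONLY | os.O_CREAT | os.O_EXCL, 0o600)
        with os.fdopen(fd, "w") as f:
            f.write(content)
    finally:
        os.umask(old)
    return file_mode(path)


def exposed_to_other_users(mode):
    """True if any group or other permission bit is set on the file."""
    return bool(mode & (stat.S_IRWXG | stat.S_IRWXO))


def compare(umask):
    """Create both variants under the given umask in a fresh temporary
    directory and return their resulting permission bits."""
    # Constructed stand-in for the `pg_dumpall -g` output; not real data.
    content = "-- constructed placeholder for global objects dump\nCREATE ROLE example_role;\n"
    with tempfile.TemporaryDirectory() as d:
        weak = write_under_prevailing_umask(
            os.path.join(d, "globals_weak.sql"), content, umask)
        hardened = write_private(
            os.path.join(d, "globals_private.sql"), content, umask)
    return {"weak": weak, "hardened": hardened}


if __name__ == "__main__":
    for um in (0o022, 0o077):
        r = compare(um)
        print(f"umask {um:03o}: weak={r['weak']:04o} "
              f"exposed={exposed_to_other_users(r['weak'])} "
              f"hardened={r['hardened']:04o}")
```

Run with a typical login umask of 022 the weak variant comes out 0644 and the hardened one 0600; run with umask 077 both come out 0600, which is the second of the two conditions the advisory lists under which the attack is infeasible. The first condition, a current working directory that other users cannot search, can be checked the same way with `exposed_to_other_users(file_mode(os.getcwd()))` before invoking a tool that writes there.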

Find out more about CVE-2018-1053 from the MITRE CVE dictionary and NIST NVD.

Statement

This issue affects the versions of PostgreSQL 9.x as shipped with Red Hat Satellite 5.x and CloudForms 5.x. Red Hat Product Security has rated this issue as having a security impact of Moderate. A future update may address this issue. For additional information, refer to the Issue Severity Classification: https://access.redhat.com/security/updates/classification/.

CVSS v3 metrics

CVSS3 Base Score 6.7
CVSS3 Base Metrics CVSS:3.0/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H
Attack Vector Local
Attack Complexity High
Privileges Required Low
User Interaction Required
Scope Unchanged
Confidentiality High
Integrity Impact High
Availability Impact High

Red Hat Security Errata

Platform Errata Release Date
Red Hat Software Collections for Red Hat Enterprise Linux 6 (rh-postgresql96-postgresql) RHSA-2018:2566 2018-08-27
Red Hat Software Collections for Red Hat Enterprise Linux 7 (rh-postgresql95-postgresql) RHSA-2018:2511 2018-08-20
Red Hat Software Collections for Red Hat Enterprise Linux 7 (rh-postgresql96-postgresql) RHSA-2018:2566 2018-08-27
Red Hat Software Collections for Red Hat Enterprise Linux 6 (rh-postgresql95-postgresql) RHSA-2018:2511 2018-08-20

Affected Packages State

Platform Package State
Red Hat Software Collections for Red Hat Enterprise Linux rh-postgresql10-postgresql Not affected
Red Hat Software Collections for Red Hat Enterprise Linux rh-postgresql94-postgresql Will not fix
Red Hat Single Sign-On 7 postgresql Not affected
Red Hat Satellite 5 postgresql95-postgresql Will not fix
Red Hat Mobile Application Platform On-Premise 4 postgresql Not affected
Red Hat JBoss Operations Network 3 postgresql Not affected
Red Hat JBoss Fuse Service Works 6 postgresql Not affected
Red Hat Enterprise Linux 7 postgresql Not affected
Red Hat Enterprise Linux 6 postgresql Not affected
Red Hat Enterprise Linux 5 postgresql84 Not affected
Red Hat Enterprise Linux 5 postgresql Not affected

Acknowledgements

Red Hat would like to thank the PostgreSQL project for reporting this issue. Upstream acknowledges Tom Lane as the original reporter.
