QwikSec

Security Database

CVE

CWE

Training

CVE-2016-3065

Published: Apr 11, 2016

Modified: Aug 5, 2024

PUBLISHED

Description

The (1) brin_page_type and (2) brin_metapage_info functions in the pageinspect extension in PostgreSQL before 9.5.x before 9.5.2 allows attackers to bypass intended access restrictions and consequently obtain sensitive server memory information or cause a denial of service (server crash) via a crafted bytea value in a BRIN index page.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

http://git.postgresql.org/gitweb/?p=postgresql.git%3Ba=commitdiff%3Bh=bf78a6f107949fdfb513d1b45e30cefe04e09e4f

x_refsource_CONFIRM

http://www.postgresql.org/docs/current/static/release-9-5-2.html

x_refsource_CONFIRM

http://www.postgresql.org/about/news/1656/

x_refsource_CONFIRM

vdb-entry

x_refsource_SECTRACK

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.