CVE-2023-5870
Published: Dec 10, 2023
Modified: Mar 2, 2026
CVSS v3.1
2.2
Description
A flaw was found in PostgreSQL involving the pg_cancel_backend role that signals background workers, including the logical replication launcher, autovacuum workers, and the autovacuum launcher. Successful exploitation requires a non-core extension with a less-resilient background worker and would affect that specific background worker only. This issue may allow a remote high privileged user to launch a denial of service (DoS) attack.
| Vendor | Product | Versions |
|---|---|---|
Red Hat | Red Hat Advanced Cluster Security 4.2 | unaffected 4.2.4-6 - < * |
Red Hat | Red Hat Advanced Cluster Security 4.2 | unaffected 4.2.4-6 - < * |
Red Hat | Red Hat Advanced Cluster Security 4.2 | unaffected 4.2.4-7 - < * |
Red Hat | Red Hat Advanced Cluster Security 4.2 | unaffected 4.2.4-6 - < * |
Red Hat | Red Hat Advanced Cluster Security 4.2 | unaffected 4.2.4-7 - < * |
Red Hat | Red Hat Enterprise Linux 8 | unaffected 8090020231114113712.a75119d5 - < * |
Red Hat | Red Hat Enterprise Linux 8 | unaffected 8090020231128173330.a75119d5 - < * |
Red Hat | Red Hat Enterprise Linux 8 | unaffected 8090020231114113548.a75119d5 - < * |
Red Hat | Red Hat Enterprise Linux 8.2 Advanced Update Support | unaffected 8020020231128165246.4cda2c84 - < * |
Red Hat | Red Hat Enterprise Linux 8.2 Telecommunications Update Service | unaffected 8020020231128165246.4cda2c84 - < * |
Red Hat | Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions | unaffected 8020020231128165246.4cda2c84 - < * |
Red Hat | Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support | unaffected 8040020231127153301.522a0ee4 - < * |
Red Hat | Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support | unaffected 8040020231127154806.522a0ee4 - < * |
Red Hat | Red Hat Enterprise Linux 8.4 Telecommunications Update Service | unaffected 8040020231127153301.522a0ee4 - < * |
Red Hat | Red Hat Enterprise Linux 8.4 Telecommunications Update Service | unaffected 8040020231127154806.522a0ee4 - < * |
Red Hat | Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions | unaffected 8040020231127153301.522a0ee4 - < * |
Red Hat | Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions | unaffected 8040020231127154806.522a0ee4 - < * |
Red Hat | Red Hat Enterprise Linux 8.6 Extended Update Support | unaffected 8060020231114115246.ad008a3a - < * |
Red Hat | Red Hat Enterprise Linux 8.6 Extended Update Support | unaffected 8060020231128165328.ad008a3a - < * |
Red Hat | Red Hat Enterprise Linux 8.8 Extended Update Support | unaffected 8080020231114105206.63b34585 - < * |
Red Hat | Red Hat Enterprise Linux 8.8 Extended Update Support | unaffected 8080020231128165335.63b34585 - < * |
Red Hat | Red Hat Enterprise Linux 8.8 Extended Update Support | unaffected 8080020231113134015.63b34585 - < * |
Red Hat | Red Hat Enterprise Linux 9 | unaffected 0:13.13-1.el9_3 - < * |
Red Hat | Red Hat Enterprise Linux 9 | unaffected 9030020231120082734.rhel9 - < * |
Red Hat | Red Hat Enterprise Linux 9.0 Extended Update Support | unaffected 0:13.13-1.el9_0 - < * |
Red Hat | Red Hat Enterprise Linux 9.2 Extended Update Support | unaffected 0:13.13-1.el9_2 - < * |
Red Hat | Red Hat Enterprise Linux 9.2 Extended Update Support | unaffected 9020020231115020618.rhel9 - < * |
Red Hat | Red Hat Software Collections for Red Hat Enterprise Linux 7 | unaffected 0:12.17-1.el7 - < * |
Red Hat | Red Hat Software Collections for Red Hat Enterprise Linux 7 | unaffected 0:13.13-1.el7 - < * |
Red Hat | RHACS-3.74-RHEL-8 | unaffected 3.74.8-9 - < * |
Red Hat | RHACS-3.74-RHEL-8 | unaffected 3.74.8-9 - < * |
Red Hat | RHACS-3.74-RHEL-8 | unaffected 3.74.8-7 - < * |
Red Hat | RHACS-3.74-RHEL-8 | unaffected 3.74.8-9 - < * |
Red Hat | RHACS-3.74-RHEL-8 | unaffected 3.74.8-9 - < * |
Red Hat | RHACS-4.1-RHEL-8 | unaffected 4.1.6-6 - < * |
Red Hat | RHACS-4.1-RHEL-8 | unaffected 4.1.6-6 - < * |
Red Hat | RHACS-4.1-RHEL-8 | unaffected 4.1.6-6 - < * |
Red Hat | RHACS-4.1-RHEL-8 | unaffected 4.1.6-6 - < * |
Red Hat | RHACS-4.1-RHEL-8 | unaffected 4.1.6-6 - < * |
Red Hat | Red Hat Enterprise Linux 6 | All versions |
Red Hat | Red Hat Enterprise Linux 7 | All versions |
Red Hat | Red Hat Enterprise Linux 8 | All versions |
Red Hat | Red Hat Enterprise Linux 8 | All versions |
Red Hat | Red Hat Enterprise Linux 9 | All versions |
Red Hat | Red Hat Software Collections | All versions |
Weaknesses (CWE)
CVSS v3.1 Details
CVSS v3.1 Vector
CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:L
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
References
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now