CVE-2017-12172
- Source
- https://cve.org/CVERecord?id=CVE-2017-12172
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2017-12172.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2017-12172
- Downstream
- Related
- Published
- 2017-11-22T19:29:00.223Z
- Modified
- 2026-03-10T14:18:12.665380Z
- Severity
-
- 6.7 (Medium) CVSS_V3 - CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
- Summary
- [none]
- Details
-
PostgreSQL 10.x before 10.1, 9.6.x before 9.6.6, 9.5.x before 9.5.10, 9.4.x before 9.4.15, 9.3.x before 9.3.20, and 9.2.x before 9.2.24 runs under a non-root operating system account, and database superusers have effective ability to run arbitrary code under that system account. PostgreSQL provides a script for starting the database server during system boot. Packages of PostgreSQL for many operating systems provide their own, packager-authored startup implementations. Several implementations use a log file name that the database superuser can replace with a symbolic link. As root, they open(), chmod() and/or chown() this log file name. This often suffices for the database superuser to escalate to root privileges when root starts the server.
- References
-
- http://www.securitytracker.com/id/1039752
- http://www.securityfocus.com/bid/101949
- https://access.redhat.com/errata/RHSA-2017:3404
- https://access.redhat.com/errata/RHSA-2017:3402
- https://access.redhat.com/errata/RHSA-2017:3403
- https://access.redhat.com/errata/RHSA-2017:3405
- https://www.postgresql.org/about/news/1801/
- https://www.postgresql.org/support/security/
Affected packages
Git /
Database specific
source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2017-12172.json"
unresolved_ranges
[
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.2"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.2.1"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.2.2"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.2.3"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.2.4"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.2.5"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.2.6"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.2.7"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.2.8"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.2.9"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.2.10"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.2.11"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.2.12"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.2.13"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.2.14"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.2.15"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.2.16"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.2.17"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.2.18"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.2.19"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.2.20"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.2.21"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.2.22"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.2.23"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.3"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.3.1"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.3.2"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.3.3"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.3.4"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.3.5"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.3.6"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.3.7"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.3.8"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.3.9"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.3.10"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.3.11"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.3.12"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.3.13"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.3.14"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.3.15"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.3.16"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.3.17"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.3.18"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.3.19"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.4"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.4.1"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.4.2"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.4.3"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.4.4"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.4.5"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.4.6"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.4.7"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.4.8"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.4.9"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.4.10"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.4.11"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.4.12"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.4.13"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.4.14"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.5"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.5.1"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.5.2"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.5.3"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.5.4"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.5.5"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.5.6"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.5.7"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.5.8"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.5.9"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.6"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.6.1"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.6.2"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.6.3"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.6.4"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.6.5"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "10"
}
]
}
]