UBUNTU-CVE-2021-32027
- Source
- https://ubuntu.com/security/CVE-2021-32027
- Import Source
- https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2021/UBUNTU-CVE-2021-32027.json
- JSON Data
- https://api.osv.dev/v1/vulns/UBUNTU-CVE-2021-32027
- Upstream
- Downstream
- Related
- Published
- 2021-05-14T00:00:00Z
- Modified
- 2025-09-08T16:47:09Z
- Severity
-
- 8.8 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
- Ubuntu - medium
- Summary
- [none]
- Details
-
A flaw was found in postgresql in versions before 13.3, before 12.7, before 11.12, before 10.17 and before 9.6.22. While modifying certain SQL array values, missing bounds checks let authenticated database users write arbitrary bytes to a wide area of server memory. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
- References
Affected packages
Ubuntu:Pro:14.04:LTS / postgresql-9.3
Package
- Name
- postgresql-9.3
- Purl
- pkg:deb/ubuntu/postgresql-9.3@9.3.24-0ubuntu0.14.04+esm1?arch=source&distro=esm-infra-legacy/trusty
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Affected versions
9.*
9.3.1-1
9.3.2-1
9.3.2-1ubuntu1
9.3.2-1ubuntu2
9.3.3-1
9.3.3-1bzr1
9.3.3-1bzr2
9.3.4-1
9.3.5-0ubuntu0.14.04.1
9.3.6-0ubuntu0.14.04
9.3.7-0ubuntu0.14.04
9.3.8-0ubuntu0.4.04
9.3.9-0ubuntu0.14.04
9.3.10-0ubuntu0.14.04
9.3.11-0ubuntu0.14.04
9.3.12-0ubuntu0.14.04
9.3.13-0ubuntu0.14.04
9.3.14-0ubuntu0.14.04
9.3.15-0ubuntu0.14.04
9.3.16-0ubuntu0.14.04
9.3.17-0ubuntu0.14.04
9.3.18-0ubuntu0.14.04.1
9.3.19-0ubuntu0.14.04
9.3.20-0ubuntu0.14.04
9.3.21-0ubuntu0.14.04
9.3.22-0ubuntu0.14.04
9.3.23-0ubuntu0.14.04
9.3.24-0ubuntu0.14.04
9.3.24-0ubuntu0.14.04+esm1
Ecosystem specific
{
"binaries": [
{
"binary_name": "libecpg-compat3",
"binary_version": "9.3.24-0ubuntu0.14.04+esm1"
},
{
"binary_name": "libecpg-dev",
"binary_version": "9.3.24-0ubuntu0.14.04+esm1"
},
{
"binary_name": "libecpg6",
"binary_version": "9.3.24-0ubuntu0.14.04+esm1"
},
{
"binary_name": "libpgtypes3",
"binary_version": "9.3.24-0ubuntu0.14.04+esm1"
},
{
"binary_name": "libpq-dev",
"binary_version": "9.3.24-0ubuntu0.14.04+esm1"
},
{
"binary_name": "libpq5",
"binary_version": "9.3.24-0ubuntu0.14.04+esm1"
},
{
"binary_name": "postgresql-9.3",
"binary_version": "9.3.24-0ubuntu0.14.04+esm1"
},
{
"binary_name": "postgresql-client-9.3",
"binary_version": "9.3.24-0ubuntu0.14.04+esm1"
},
{
"binary_name": "postgresql-contrib-9.3",
"binary_version": "9.3.24-0ubuntu0.14.04+esm1"
},
{
"binary_name": "postgresql-doc-9.3",
"binary_version": "9.3.24-0ubuntu0.14.04+esm1"
},
{
"binary_name": "postgresql-plperl-9.3",
"binary_version": "9.3.24-0ubuntu0.14.04+esm1"
},
{
"binary_name": "postgresql-plpython-9.3",
"binary_version": "9.3.24-0ubuntu0.14.04+esm1"
},
{
"binary_name": "postgresql-plpython3-9.3",
"binary_version": "9.3.24-0ubuntu0.14.04+esm1"
},
{
"binary_name": "postgresql-pltcl-9.3",
"binary_version": "9.3.24-0ubuntu0.14.04+esm1"
},
{
"binary_name": "postgresql-server-dev-9.3",
"binary_version": "9.3.24-0ubuntu0.14.04+esm1"
}
]
}
Ubuntu:Pro:16.04:LTS / postgresql-9.5
Package
- Name
- postgresql-9.5
- Purl
- pkg:deb/ubuntu/postgresql-9.5@9.5.25-0ubuntu0.16.04.1+esm1?arch=source&distro=esm-infra/xenial
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed9.5.25-0ubuntu0.16.04.1+esm1
Affected versions
9.*
9.5.0-1
9.5.0-2
9.5.0-3
9.5.1-1
9.5.2-1
9.5.3-0ubuntu0.16.04
9.5.4-0ubuntu0.16.04
9.5.5-0ubuntu0.16.04
9.5.6-0ubuntu0.16.04
9.5.7-0ubuntu0.16.04
9.5.8-0ubuntu0.16.04.1
9.5.9-0ubuntu0.16.04
9.5.10-0ubuntu0.16.04
9.5.11-0ubuntu0.16.04
9.5.12-0ubuntu0.16.04
9.5.13-0ubuntu0.16.04
9.5.14-0ubuntu0.16.04
9.5.16-0ubuntu0.16.04.1
9.5.17-0ubuntu0.16.04.1
9.5.18-0ubuntu0.16.04.1
9.5.19-0ubuntu0.16.04.1
9.5.21-0ubuntu0.16.04.1
9.5.23-0ubuntu0.16.04.1
9.5.24-0ubuntu0.16.04.1
9.5.25-0ubuntu0.16.04.1
Ecosystem specific
{
"availability": "Available with Ubuntu Pro (Infra-only): https://ubuntu.com/pro",
"binaries": [
{
"binary_name": "libecpg-compat3",
"binary_version": "9.5.25-0ubuntu0.16.04.1+esm1"
},
{
"binary_name": "libecpg-dev",
"binary_version": "9.5.25-0ubuntu0.16.04.1+esm1"
},
{
"binary_name": "libecpg6",
"binary_version": "9.5.25-0ubuntu0.16.04.1+esm1"
},
{
"binary_name": "libpgtypes3",
"binary_version": "9.5.25-0ubuntu0.16.04.1+esm1"
},
{
"binary_name": "libpq-dev",
"binary_version": "9.5.25-0ubuntu0.16.04.1+esm1"
},
{
"binary_name": "libpq5",
"binary_version": "9.5.25-0ubuntu0.16.04.1+esm1"
},
{
"binary_name": "postgresql-9.5",
"binary_version": "9.5.25-0ubuntu0.16.04.1+esm1"
},
{
"binary_name": "postgresql-client-9.5",
"binary_version": "9.5.25-0ubuntu0.16.04.1+esm1"
},
{
"binary_name": "postgresql-contrib-9.5",
"binary_version": "9.5.25-0ubuntu0.16.04.1+esm1"
},
{
"binary_name": "postgresql-doc-9.5",
"binary_version": "9.5.25-0ubuntu0.16.04.1+esm1"
},
{
"binary_name": "postgresql-plperl-9.5",
"binary_version": "9.5.25-0ubuntu0.16.04.1+esm1"
},
{
"binary_name": "postgresql-plpython-9.5",
"binary_version": "9.5.25-0ubuntu0.16.04.1+esm1"
},
{
"binary_name": "postgresql-plpython3-9.5",
"binary_version": "9.5.25-0ubuntu0.16.04.1+esm1"
},
{
"binary_name": "postgresql-pltcl-9.5",
"binary_version": "9.5.25-0ubuntu0.16.04.1+esm1"
},
{
"binary_name": "postgresql-server-dev-9.5",
"binary_version": "9.5.25-0ubuntu0.16.04.1+esm1"
}
]
}
Ubuntu:18.04:LTS / postgresql-10
Package
- Name
- postgresql-10
- Purl
- pkg:deb/ubuntu/postgresql-10@10.17-0ubuntu0.18.04.1?arch=source&distro=bionic
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed10.17-0ubuntu0.18.04.1
Affected versions
10.*
10.1-1
10.1-2
10.2-1
10.3-1
10.4-0ubuntu0.18.04
10.5-0ubuntu0.18.04
10.6-0ubuntu0.18.04.1
10.7-0ubuntu0.18.04.1
10.8-0ubuntu0.18.04.1
10.9-0ubuntu0.18.04.1
10.10-0ubuntu0.18.04.1
10.12-0ubuntu0.18.04.1
10.14-0ubuntu0.18.04.1
10.15-0ubuntu0.18.04.1
10.16-0ubuntu0.18.04.1
Ecosystem specific
{
"availability": "No subscription required",
"binaries": [
{
"binary_name": "libecpg-compat3",
"binary_version": "10.17-0ubuntu0.18.04.1"
},
{
"binary_name": "libecpg-dev",
"binary_version": "10.17-0ubuntu0.18.04.1"
},
{
"binary_name": "libecpg6",
"binary_version": "10.17-0ubuntu0.18.04.1"
},
{
"binary_name": "libpgtypes3",
"binary_version": "10.17-0ubuntu0.18.04.1"
},
{
"binary_name": "libpq-dev",
"binary_version": "10.17-0ubuntu0.18.04.1"
},
{
"binary_name": "libpq5",
"binary_version": "10.17-0ubuntu0.18.04.1"
},
{
"binary_name": "postgresql-10",
"binary_version": "10.17-0ubuntu0.18.04.1"
},
{
"binary_name": "postgresql-client-10",
"binary_version": "10.17-0ubuntu0.18.04.1"
},
{
"binary_name": "postgresql-doc-10",
"binary_version": "10.17-0ubuntu0.18.04.1"
},
{
"binary_name": "postgresql-plperl-10",
"binary_version": "10.17-0ubuntu0.18.04.1"
},
{
"binary_name": "postgresql-plpython-10",
"binary_version": "10.17-0ubuntu0.18.04.1"
},
{
"binary_name": "postgresql-plpython3-10",
"binary_version": "10.17-0ubuntu0.18.04.1"
},
{
"binary_name": "postgresql-pltcl-10",
"binary_version": "10.17-0ubuntu0.18.04.1"
},
{
"binary_name": "postgresql-server-dev-10",
"binary_version": "10.17-0ubuntu0.18.04.1"
}
]
}
Ubuntu:20.04:LTS / postgresql-12
Package
- Name
- postgresql-12
- Purl
- pkg:deb/ubuntu/postgresql-12@12.7-0ubuntu0.20.04.1?arch=source&distro=focal
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed12.7-0ubuntu0.20.04.1
Affected versions
12.*
12.0-1
12.1-1
12.1-2build1
12.2-1
12.2-1ubuntu2
12.2-4
12.4-0ubuntu0.20.04.1
12.5-0ubuntu0.20.04.1
12.6-0ubuntu0.20.04.1
Ecosystem specific
{
"availability": "No subscription required",
"binaries": [
{
"binary_name": "libecpg-compat3",
"binary_version": "12.7-0ubuntu0.20.04.1"
},
{
"binary_name": "libecpg-dev",
"binary_version": "12.7-0ubuntu0.20.04.1"
},
{
"binary_name": "libecpg6",
"binary_version": "12.7-0ubuntu0.20.04.1"
},
{
"binary_name": "libpgtypes3",
"binary_version": "12.7-0ubuntu0.20.04.1"
},
{
"binary_name": "libpq-dev",
"binary_version": "12.7-0ubuntu0.20.04.1"
},
{
"binary_name": "libpq5",
"binary_version": "12.7-0ubuntu0.20.04.1"
},
{
"binary_name": "postgresql-12",
"binary_version": "12.7-0ubuntu0.20.04.1"
},
{
"binary_name": "postgresql-client-12",
"binary_version": "12.7-0ubuntu0.20.04.1"
},
{
"binary_name": "postgresql-doc-12",
"binary_version": "12.7-0ubuntu0.20.04.1"
},
{
"binary_name": "postgresql-plperl-12",
"binary_version": "12.7-0ubuntu0.20.04.1"
},
{
"binary_name": "postgresql-plpython3-12",
"binary_version": "12.7-0ubuntu0.20.04.1"
},
{
"binary_name": "postgresql-pltcl-12",
"binary_version": "12.7-0ubuntu0.20.04.1"
},
{
"binary_name": "postgresql-server-dev-12",
"binary_version": "12.7-0ubuntu0.20.04.1"
}
]
}