Tom Lane discovered that PostgreSQL incorrect handled certain array subscripting calculations. An authenticated attacker could possibly use this issue to overwrite server memory and escalate privileges. (CVE-2021-32027)
Andres Freund discovered that PostgreSQL incorrect handled certain INSERT ... ON CONFLICT ... DO UPDATE commands. A remote attacker could possibly use this issue to read server memory and obtain sensitive information. (CVE-2021-32028)
Tom Lane discovered that PostgreSQL incorrect handled certain UPDATE ... RETURNING commands. A remote attacker could possibly use this issue to read server memory and obtain sensitive information. This issue only affected Ubuntu 20.04 LTS, Ubuntu 20.10, and Ubuntu 21.04. (CVE-2021-32029)
{
"availability": "No subscription required",
"binaries": [
{
"binary_version": "10.17-0ubuntu0.18.04.1",
"binary_name": "libecpg-compat3"
},
{
"binary_version": "10.17-0ubuntu0.18.04.1",
"binary_name": "libecpg-dev"
},
{
"binary_version": "10.17-0ubuntu0.18.04.1",
"binary_name": "libecpg6"
},
{
"binary_version": "10.17-0ubuntu0.18.04.1",
"binary_name": "libpgtypes3"
},
{
"binary_version": "10.17-0ubuntu0.18.04.1",
"binary_name": "libpq-dev"
},
{
"binary_version": "10.17-0ubuntu0.18.04.1",
"binary_name": "libpq5"
},
{
"binary_version": "10.17-0ubuntu0.18.04.1",
"binary_name": "postgresql-10"
},
{
"binary_version": "10.17-0ubuntu0.18.04.1",
"binary_name": "postgresql-client-10"
},
{
"binary_version": "10.17-0ubuntu0.18.04.1",
"binary_name": "postgresql-doc-10"
},
{
"binary_version": "10.17-0ubuntu0.18.04.1",
"binary_name": "postgresql-plperl-10"
},
{
"binary_version": "10.17-0ubuntu0.18.04.1",
"binary_name": "postgresql-plpython-10"
},
{
"binary_version": "10.17-0ubuntu0.18.04.1",
"binary_name": "postgresql-plpython3-10"
},
{
"binary_version": "10.17-0ubuntu0.18.04.1",
"binary_name": "postgresql-pltcl-10"
},
{
"binary_version": "10.17-0ubuntu0.18.04.1",
"binary_name": "postgresql-server-dev-10"
}
]
}
{
"ecosystem": "Ubuntu:18.04:LTS",
"cves": [
{
"id": "CVE-2021-32027",
"severity": [
{
"type": "CVSS_V3",
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"
},
{
"type": "Ubuntu",
"score": "medium"
}
]
},
{
"id": "CVE-2021-32028",
"severity": [
{
"type": "CVSS_V3",
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"
},
{
"type": "Ubuntu",
"score": "medium"
}
]
}
]
}
{
"availability": "No subscription required",
"binaries": [
{
"binary_version": "12.7-0ubuntu0.20.04.1",
"binary_name": "libecpg-compat3"
},
{
"binary_version": "12.7-0ubuntu0.20.04.1",
"binary_name": "libecpg-dev"
},
{
"binary_version": "12.7-0ubuntu0.20.04.1",
"binary_name": "libecpg6"
},
{
"binary_version": "12.7-0ubuntu0.20.04.1",
"binary_name": "libpgtypes3"
},
{
"binary_version": "12.7-0ubuntu0.20.04.1",
"binary_name": "libpq-dev"
},
{
"binary_version": "12.7-0ubuntu0.20.04.1",
"binary_name": "libpq5"
},
{
"binary_version": "12.7-0ubuntu0.20.04.1",
"binary_name": "postgresql-12"
},
{
"binary_version": "12.7-0ubuntu0.20.04.1",
"binary_name": "postgresql-client-12"
},
{
"binary_version": "12.7-0ubuntu0.20.04.1",
"binary_name": "postgresql-doc-12"
},
{
"binary_version": "12.7-0ubuntu0.20.04.1",
"binary_name": "postgresql-plperl-12"
},
{
"binary_version": "12.7-0ubuntu0.20.04.1",
"binary_name": "postgresql-plpython3-12"
},
{
"binary_version": "12.7-0ubuntu0.20.04.1",
"binary_name": "postgresql-pltcl-12"
},
{
"binary_version": "12.7-0ubuntu0.20.04.1",
"binary_name": "postgresql-server-dev-12"
}
]
}
{
"ecosystem": "Ubuntu:20.04:LTS",
"cves": [
{
"id": "CVE-2021-32027",
"severity": [
{
"type": "CVSS_V3",
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"
},
{
"type": "Ubuntu",
"score": "medium"
}
]
},
{
"id": "CVE-2021-32028",
"severity": [
{
"type": "CVSS_V3",
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"
},
{
"type": "Ubuntu",
"score": "medium"
}
]
},
{
"id": "CVE-2021-32029",
"severity": [
{
"type": "CVSS_V3",
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"
},
{
"type": "Ubuntu",
"score": "medium"
}
]
}
]
}