what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 20 of 20 RSS Feed

CVE-2022-1552

Status Candidate

Overview

A flaw was found in PostgreSQL. There is an issue with incomplete efforts to operate safely when a privileged user is maintaining another user's objects. The Autovacuum, REINDEX, CREATE INDEX, REFRESH MATERIALIZED VIEW, CLUSTER, and pg_amcheck commands activated relevant protections too late or not at all during the process. This flaw allows an attacker with permission to create non-temporary objects in at least one schema to execute arbitrary SQL functions under a superuser identity.

Related Files

Gentoo Linux Security Advisory 202211-04
Posted Nov 21, 2022
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202211-4 - Multiple vulnerabilities have been found in PostgreSQL, the worst of which could result in remote code execution. Versions greater than or equal to 10.22:10 are affected.

tags | advisory, remote, vulnerability, code execution
systems | linux, gentoo
advisories | CVE-2021-23214, CVE-2021-23222, CVE-2021-32027, CVE-2021-32028, CVE-2021-3677, CVE-2022-1552, CVE-2022-2625
SHA-256 | 71880d0d6245b1983636aab28aca723a5ddf8d538cf706cff9fa682f7fca99ab
Ubuntu Security Notice USN-5676-1
Posted Oct 17, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5676-1 - Alexander Lakhin discovered that PostgreSQL incorrectly handled the security restricted operation sandbox when a privileged user is maintaining another user’s objects. An attacker having permission to create non-temp objects can use this issue to execute arbitrary commands as the superuser.

tags | advisory, arbitrary
systems | linux, ubuntu
advisories | CVE-2022-1552
SHA-256 | 9da0bc0ee9f52b513c02af9341f067dfcb0ce59b2c44f72a5cedfb5e5487c64d
Red Hat Security Advisory 2022-6252-02
Posted Sep 7, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-6252-02 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 3.11.784. Issues addressed include a bypass vulnerability.

tags | advisory, bypass
systems | linux, redhat
advisories | CVE-2020-26116, CVE-2020-26137, CVE-2021-3177, CVE-2021-39226, CVE-2021-46784, CVE-2022-1271, CVE-2022-1552, CVE-2022-21123, CVE-2022-21125, CVE-2022-21166, CVE-2022-21540, CVE-2022-21541, CVE-2022-2526, CVE-2022-29154
SHA-256 | 3579463a99c4e63010aef250904c7f9f1b1b3fbe1da0e14d8bd0f44d9140902f
Red Hat Security Advisory 2022-5162-01
Posted Jun 22, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-5162-01 - PostgreSQL is an advanced object-relational database management system.

tags | advisory
systems | linux, redhat
advisories | CVE-2022-1552
SHA-256 | 5f186dcdbb7f309d4ce60d158f3011be4f8a2853c324b0f5a1a7afa5c51fdc2b
Red Hat Security Advisory 2022-4929-01
Posted Jun 7, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-4929-01 - PostgreSQL is an advanced object-relational database management system.

tags | advisory
systems | linux, redhat
advisories | CVE-2022-1552
SHA-256 | c936a76cde58fe9ba0c6dd841e33111a64c142b0ecb0bb7beef8319cffacaab0
Red Hat Security Advisory 2022-4915-01
Posted Jun 7, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-4915-01 - PostgreSQL is an advanced object-relational database management system.

tags | advisory
systems | linux, redhat
advisories | CVE-2022-1552
SHA-256 | da10d33ae9ab76b4cc74c4d3a81cfa7948b1d187fe82fbc6316cd849f2b6be19
Red Hat Security Advisory 2022-4913-01
Posted Jun 7, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-4913-01 - PostgreSQL is an advanced object-relational database management system.

tags | advisory
systems | linux, redhat
advisories | CVE-2022-1552
SHA-256 | 84e0920c55ee4159c03535d6369c2e18f99d67e3b2865dea3143bf316fd42261
Red Hat Security Advisory 2022-4893-01
Posted Jun 6, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-4893-01 - PostgreSQL is an advanced object-relational database management system.

tags | advisory
systems | linux, redhat
advisories | CVE-2022-1552
SHA-256 | 2fa0fa498326d77ec62422685f9b04739bc32663bce0fbb3f0868144992075ec
Red Hat Security Advisory 2022-4895-01
Posted Jun 6, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-4895-01 - PostgreSQL is an advanced object-relational database management system.

tags | advisory
systems | linux, redhat
advisories | CVE-2022-1552
SHA-256 | 7bbf31cb5340e61c49d8636789fa5106483201ca66767621578e495f5060498d
Red Hat Security Advisory 2022-4894-01
Posted Jun 6, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-4894-01 - PostgreSQL is an advanced object-relational database management system.

tags | advisory
systems | linux, redhat
advisories | CVE-2022-1552
SHA-256 | 8b6185b6d3a0207f73122d84395f1836cba693ed3666dc8382a5ddff972039a3
Red Hat Security Advisory 2022-4855-01
Posted Jun 2, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-4855-01 - PostgreSQL is an advanced object-relational database management system.

tags | advisory
systems | linux, redhat
advisories | CVE-2022-1552
SHA-256 | 41d82a8e02b6acead80149a94ccb26e02d4966ee6a79d658583e012bfd773791
Red Hat Security Advisory 2022-4857-01
Posted Jun 2, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-4857-01 - PostgreSQL is an advanced object-relational database management system.

tags | advisory
systems | linux, redhat
advisories | CVE-2022-1552
SHA-256 | 41afdbff78131a0d84d9a957f7f182ef0267ea3851dd12287ad51245ab078faf
Red Hat Security Advisory 2022-4854-01
Posted Jun 2, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-4854-01 - PostgreSQL is an advanced object-relational database management system.

tags | advisory
systems | linux, redhat
advisories | CVE-2022-1552
SHA-256 | 211214668a0916e1f9e1d0313ed94b0849a79f05c8b75c99953ec4e681819a12
Red Hat Security Advisory 2022-4856-01
Posted Jun 2, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-4856-01 - PostgreSQL is an advanced object-relational database management system.

tags | advisory
systems | linux, redhat
advisories | CVE-2022-1552
SHA-256 | e8680a144409d3828fda20abc82411e3c84daba23191a6866a6335a58f7ede8c
Red Hat Security Advisory 2022-4807-01
Posted May 31, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-4807-01 - PostgreSQL is an advanced object-relational database management system.

tags | advisory
systems | linux, redhat
advisories | CVE-2022-1552
SHA-256 | 1524b4c65ae52a34aba64e454679b7f54723c6a0a1f56a84917242dede9728c9
Red Hat Security Advisory 2022-4805-01
Posted May 31, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-4805-01 - PostgreSQL is an advanced object-relational database management system.

tags | advisory
systems | linux, redhat
advisories | CVE-2022-1552
SHA-256 | 19e113c062e6d076e82801a44fc7c5a93c5bae4f5e50097cfe260fcc563d2a5f
Red Hat Security Advisory 2022-4771-01
Posted May 31, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-4771-01 - PostgreSQL is an advanced object-relational database management system.

tags | advisory
systems | linux, redhat
advisories | CVE-2022-1552
SHA-256 | f7bcaff63d1c0119178a96096d52f878afa95365ed319f815c8210aee497b542
Debian Security Advisory 5135-1
Posted May 28, 2022
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5135-1 - Alexander Lakhin discovered that the autovacuum feature and multiple commands could escape the "security-restricted operation" sandbox.

tags | advisory
systems | linux, debian
advisories | CVE-2022-1552
SHA-256 | 1b401aa5d4faa58548f69e0c306dce3fb91d1605a94358de2d2d830a3feb50ec
Debian Security Advisory 5136-1
Posted May 28, 2022
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5136-1 - Alexander Lakhin discovered that the autovacuum feature and multiple commands could escape the "security-restricted operation" sandbox.

tags | advisory
systems | linux, debian
advisories | CVE-2022-1552
SHA-256 | 4c672e27969980ce314a521bcf42a8214533fcf51ff7393b899bb81a6e6a4124
Ubuntu Security Notice USN-5440-1
Posted May 24, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5440-1 - Alexander Lakhin discovered that PostgreSQL incorrectly handled the security restricted operation sandbox when a privileged user is maintaining another user's objects. An attacker having permission to create non-temp objects can use this issue to execute arbitrary commands as the superuser.

tags | advisory, arbitrary
systems | linux, ubuntu
advisories | CVE-2022-1552
SHA-256 | afb7ac8dfa18021533dd1fe40974a4cd36cb7516b0d83f7e79b332743aa4ed7d
Page 1 of 1
Back1Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    42 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close