CVE-2024-0985

Late privilege drop in REFRESH MATERIALIZED VIEW CONCURRENTLY in PostgreSQL allows an object creator to execute arbitrary SQL functions as the command issuer. The command intends to run SQL functions as the owner of the materialized view, enabling safe refresh of untrusted materialized views. The victim is a superuser or member of one of the attacker's roles. The attack requires luring the victim into running REFRESH MATERIALIZED VIEW CONCURRENTLY on the attacker's materialized view. Versions before PostgreSQL 16.2, 15.6, 14.11, 13.14, and 12.18 are affected.

References

Affected packages

Git / git.postgresql.org/git/postgresql.git

Affected ranges

Type: GIT
Repo: https://git.postgresql.org/git/postgresql.git
Events: Introduced

ad1f2885b8c82e0c2d56d7974f012cbecce17a17

Fixed

3ba17930941ea629b2ffb5cd252f3055d4d4a9a6

Introduced

2a7ce2e2ce474504a707ec03e128fde66cfb8b48

Fixed

496a1dc44bf1261053da9b3f7e430769754298b4

Introduced

29be9983a64c011eac0b9ee29895cce71e15ea77

Fixed

b3b2bf3b9cc1f31170d3b4e21cb6ac0cf24bf90a

Introduced

86a4dc1e6f29d1992a2afa3fac1a0b0a6e84568c

Fixed

d1a2a93766b0a27eb4ffecdb63ed3879088dbfbe

Affected versions

Other

REL_12_0

REL_12_1

REL_12_10

REL_12_11

REL_12_12

REL_12_13

REL_12_14

REL_12_15

REL_12_16

REL_12_17

REL_12_2

REL_12_3

REL_12_4

REL_12_5

REL_12_6

REL_12_7

REL_12_8

REL_12_9

REL_13_0

REL_13_1

REL_13_10

REL_13_11

REL_13_12

REL_13_13

REL_13_2

REL_13_3

REL_13_4

REL_13_5

REL_13_6

REL_13_7

REL_13_8

REL_13_9

REL_14_0

REL_14_1

REL_14_10

REL_14_2

REL_14_3

REL_14_4

REL_14_5

REL_14_6

REL_14_7

REL_14_8

REL_14_9

REL_15_0

REL_15_1

REL_15_2

REL_15_3

REL_15_4

REL_15_5

Database specific

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-0985.json"