CVE-2024-7348

Source
https://nvd.nist.gov/vuln/detail/CVE-2024-7348
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-7348.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2024-7348
Aliases
Related
Published
2024-08-08T13:15:14Z
Modified
2024-12-05T15:43:32.305098Z
Severity
  • 7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
Summary
[none]
Details

Time-of-check Time-of-use (TOCTOU) race condition in pgdump in PostgreSQL allows an object creator to execute arbitrary SQL functions as the user running pgdump, which is often a superuser. The attack involves replacing another relation type with a view or foreign table. The attack requires waiting for pg_dump to start, but winning the race condition is trivial if the attacker retains an open transaction. Versions before PostgreSQL 16.4, 15.8, 14.13, 13.16, and 12.20 are affected.

References

Affected packages

Alpine:v3.17 / postgresql14

Package

Name
postgresql14
Purl
pkg:apk/alpine/postgresql14?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
14.13-r0

Affected versions

8.*

8.3.5-r0
8.3.7-r0
8.3.7-r1
8.3.7-r2
8.3.7-r3
8.4.0-r0
8.4.0-r1
8.4.0-r2
8.4.1-r0
8.4.1-r1
8.4.2-r0
8.4.2-r1
8.4.3-r0
8.4.3-r1
8.4.3-r2
8.4.3-r3
8.4.4-r0

9.*

9.0.1-r0
9.0.2-r0
9.0.3-r0
9.0.3-r1
9.0.4-r0
9.1.0-r0
9.1.0-r1
9.1.1-r0
9.1.1-r1
9.1.1-r2
9.1.2-r0
9.1.2-r1
9.1.2-r2
9.1.3-r0
9.1.4-r0
9.1.5-r0
9.2.0-r0
9.2.0-r1
9.2.1-r0
9.2.1-r1
9.2.1-r2
9.2.2-r0
9.2.3-r0
9.2.4-r0
9.3.0-r0
9.3.0-r1
9.3.0-r2
9.3.1-r0
9.3.2-r0
9.3.3-r0
9.3.3-r1
9.3.3-r2
9.3.4-r0
9.3.4-r1
9.3.5-r0
9.3.5-r1
9.4.0-r0
9.4.1-r0
9.4.1-r1
9.4.1-r2
9.4.1-r3
9.4.2-r0
9.4.3-r0
9.4.4-r0
9.4.5-r0
9.4.5-r1
9.5.0-r0
9.5.1-r0
9.5.2-r0
9.5.2-r1
9.5.2-r2
9.5.2-r3
9.5.2-r4
9.5.3-r0
9.5.3-r1
9.5.4-r0
9.6.0-r0
9.6.0-r1
9.6.1-r0
9.6.1-r1
9.6.2-r0
9.6.2-r1
9.6.2-r2
9.6.2-r3
9.6.2-r4
9.6.3-r0
9.6.4-r0
9.6.4-r1
9.6.5-r0
9.6.5-r1

10.*

10.0-r0
10.0-r1
10.1-r0
10.1-r1
10.1-r2
10.2-r0
10.3-r0
10.3-r1
10.4-r0
10.5-r0

11.*

11.0-r0
11.0-r1
11.1-r0
11.2-r0
11.2-r1
11.3-r0
11.3-r1
11.3-r2
11.4-r0
11.4-r1
11.5-r0
11.5-r1
11.5-r2

12.*

12.0-r0
12.0-r1
12.1-r0
12.1-r1
12.1-r2
12.2-r0
12.2-r1
12.2-r2
12.2-r3
12.3-r0
12.3-r1
12.3-r2
12.4-r0
12.4-r1
12.5-r0
12.5-r1

13.*

13.1-r0
13.1-r1
13.1-r2
13.2-r0
13.2-r1
13.2-r2
13.2-r3
13.2-r4
13.3-r0
13.3-r1
13.4-r0
13.4-r1
13.4-r2

14.*

14.0-r0
14.0-r2
14.0-r3
14.0-r4
14.0-r5
14.0-r6
14.1-r0
14.1-r1
14.1-r2
14.1-r3
14.1-r4
14.1-r5
14.1-r6
14.1-r7
14.2-r0
14.2-r1
14.2-r2
14.2-r3
14.3-r0
14.3-r1
14.4-r0
14.4-r1
14.4-r2
14.5-r0
14.5-r1
14.5-r2
14.5-r3
14.6-r0
14.6-r1
14.7-r0
14.8-r0
14.9-r0
14.10-r0
14.11-r0
14.12-r0

Alpine:v3.17 / postgresql15

Package

Name
postgresql15
Purl
pkg:apk/alpine/postgresql15?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
15.8-r0

Affected versions

15.*

15.1-r0
15.2-r0
15.3-r0
15.4-r0
15.5-r0
15.6-r0
15.7-r0

Alpine:v3.18 / postgresql14

Package

Name
postgresql14
Purl
pkg:apk/alpine/postgresql14?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
14.13-r0

Affected versions

8.*

8.3.5-r0
8.3.7-r0
8.3.7-r1
8.3.7-r2
8.3.7-r3
8.4.0-r0
8.4.0-r1
8.4.0-r2
8.4.1-r0
8.4.1-r1
8.4.2-r0
8.4.2-r1
8.4.3-r0
8.4.3-r1
8.4.3-r2
8.4.3-r3
8.4.4-r0

9.*

9.0.1-r0
9.0.2-r0
9.0.3-r0
9.0.3-r1
9.0.4-r0
9.1.0-r0
9.1.0-r1
9.1.1-r0
9.1.1-r1
9.1.1-r2
9.1.2-r0
9.1.2-r1
9.1.2-r2
9.1.3-r0
9.1.4-r0
9.1.5-r0
9.2.0-r0
9.2.0-r1
9.2.1-r0
9.2.1-r1
9.2.1-r2
9.2.2-r0
9.2.3-r0
9.2.4-r0
9.3.0-r0
9.3.0-r1
9.3.0-r2
9.3.1-r0
9.3.2-r0
9.3.3-r0
9.3.3-r1
9.3.3-r2
9.3.4-r0
9.3.4-r1
9.3.5-r0
9.3.5-r1
9.4.0-r0
9.4.1-r0
9.4.1-r1
9.4.1-r2
9.4.1-r3
9.4.2-r0
9.4.3-r0
9.4.4-r0
9.4.5-r0
9.4.5-r1
9.5.0-r0
9.5.1-r0
9.5.2-r0
9.5.2-r1
9.5.2-r2
9.5.2-r3
9.5.2-r4
9.5.3-r0
9.5.3-r1
9.5.4-r0
9.6.0-r0
9.6.0-r1
9.6.1-r0
9.6.1-r1
9.6.2-r0
9.6.2-r1
9.6.2-r2
9.6.2-r3
9.6.2-r4
9.6.3-r0
9.6.4-r0
9.6.4-r1
9.6.5-r0
9.6.5-r1

10.*

10.0-r0
10.0-r1
10.1-r0
10.1-r1
10.1-r2
10.2-r0
10.3-r0
10.3-r1
10.4-r0
10.5-r0

11.*

11.0-r0
11.0-r1
11.1-r0
11.2-r0
11.2-r1
11.3-r0
11.3-r1
11.3-r2
11.4-r0
11.4-r1
11.5-r0
11.5-r1
11.5-r2

12.*

12.0-r0
12.0-r1
12.1-r0
12.1-r1
12.1-r2
12.2-r0
12.2-r1
12.2-r2
12.2-r3
12.3-r0
12.3-r1
12.3-r2
12.4-r0
12.4-r1
12.5-r0
12.5-r1

13.*

13.1-r0
13.1-r1
13.1-r2
13.2-r0
13.2-r1
13.2-r2
13.2-r3
13.2-r4
13.3-r0
13.3-r1
13.4-r0
13.4-r1
13.4-r2

14.*

14.0-r0
14.0-r2
14.0-r3
14.0-r4
14.0-r5
14.0-r6
14.1-r0
14.1-r1
14.1-r2
14.1-r3
14.1-r4
14.1-r5
14.1-r6
14.1-r7
14.2-r0
14.2-r1
14.2-r2
14.2-r3
14.3-r0
14.3-r1
14.4-r0
14.4-r1
14.4-r2
14.5-r0
14.5-r1
14.5-r2
14.5-r3
14.6-r0
14.6-r1
14.7-r0
14.7-r1
14.7-r2
14.7-r3
14.7-r4
14.8-r0
14.9-r0
14.10-r0
14.11-r0
14.12-r0

Alpine:v3.18 / postgresql15

Package

Name
postgresql15
Purl
pkg:apk/alpine/postgresql15?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
15.8-r0

Affected versions

15.*

15.1-r0
15.1-r1
15.2-r0
15.2-r1
15.2-r2
15.2-r3
15.2-r4
15.3-r0
15.4-r0
15.5-r0
15.6-r0
15.7-r0

Alpine:v3.19 / postgresql15

Package

Name
postgresql15
Purl
pkg:apk/alpine/postgresql15?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
15.8-r0

Affected versions

15.*

15.1-r0
15.1-r1
15.2-r0
15.2-r1
15.2-r2
15.2-r3
15.2-r4
15.3-r0
15.3-r1
15.4-r0
15.4-r1
15.4-r2
15.5-r0
15.6-r0
15.7-r0

Alpine:v3.19 / postgresql16

Package

Name
postgresql16
Purl
pkg:apk/alpine/postgresql16?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
16.4-r0

Affected versions

16.*

16.0-r0
16.0-r1
16.0-r2
16.1-r0
16.2-r0
16.2-r1
16.3-r0

Alpine:v3.20 / postgresql15

Package

Name
postgresql15
Purl
pkg:apk/alpine/postgresql15?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
15.8-r0

Affected versions

15.*

15.1-r0
15.1-r1
15.2-r0
15.2-r1
15.2-r2
15.2-r3
15.2-r4
15.3-r0
15.3-r1
15.4-r0
15.4-r1
15.4-r2
15.5-r0
15.6-r0
15.6-r1
15.6-r2
15.7-r0

Alpine:v3.20 / postgresql16

Package

Name
postgresql16
Purl
pkg:apk/alpine/postgresql16?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
16.4-r0

Affected versions

16.*

16.0-r0
16.0-r1
16.0-r2
16.1-r0
16.2-r0
16.2-r1
16.2-r2
16.2-r3
16.2-r4
16.3-r0

Alpine:v3.21 / postgresql16

Package

Name
postgresql16
Purl
pkg:apk/alpine/postgresql16?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
16.4-r0

Affected versions

16.*

16.0-r0
16.0-r1
16.0-r2
16.1-r0
16.2-r0
16.2-r1
16.2-r2
16.2-r3
16.2-r4
16.3-r0
16.3-r1

Debian:11 / postgresql-13

Package

Name
postgresql-13
Purl
pkg:deb/debian/postgresql-13?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
13.16-0+deb11u1

Affected versions

13.*

13.3-1
13.4-0+deb11u1
13.4-1
13.4-2
13.4-3
13.5-0+deb11u1
13.7-0+deb11u1
13.8-0+deb11u1
13.9-0+deb11u1
13.10-0+deb11u1
13.11-0+deb11u1
13.12-0+deb11u1
13.13-0+deb11u1
13.14-0+deb11u1
13.15-0+deb11u1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:12 / postgresql-15

Package

Name
postgresql-15
Purl
pkg:deb/debian/postgresql-15?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
15.8-0+deb12u1

Affected versions

15.*

15.3-0+deb12u1
15.3-1
15.4-0+deb12u1
15.4-1
15.4-2
15.4-3
15.5-0+deb12u1
15.6-0+deb12u1
15.7-0+deb12u1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:13 / postgresql-16

Package

Name
postgresql-16
Purl
pkg:deb/debian/postgresql-16?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
16.4-1

Affected versions

Other

16~beta1-1
16~beta1-2
16~beta2-1
16~beta3-1
16~rc1-1
16~rc1-2

16.*

16.0-2
16.1-1
16.2-1
16.2-2
16.3-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Git / git.postgresql.org/git/postgresql.git

Affected ranges

Type
GIT
Repo
https://git.postgresql.org/git/postgresql.git
Events
Introduced
ad1f2885b8c82e0c2d56d7974f012cbecce17a17
Fixed
76265a851b13bbb001a218481c0cb6315c0fdfe6

Affected versions

Other

REL_12_0
REL_12_1
REL_12_10
REL_12_11
REL_12_12
REL_12_13
REL_12_14
REL_12_15
REL_12_16
REL_12_17
REL_12_18
REL_12_19
REL_12_2
REL_12_3
REL_12_4
REL_12_5
REL_12_6
REL_12_7
REL_12_8
REL_12_9