CVE-2023-5870

Role "pg_signal_backend" can signal certain superuser processes

Documentation says the pg_signal_backend role cannot signal "a backend owned by a superuser". On the contrary, it can signal background workers, including the logical replication launcher. It can signal autovacuum workers and the autovacuum launcher. Signaling autovacuum workers and those two launchers provides no meaningful exploit, so exploiting this vulnerability requires a non-core extension with a less-resilient background worker. For example, a non-core background worker that does not auto-restart would experience a denial of service with respect to that particular background worker.

The PostgreSQL project thanks Hemanth Sandrana and Mahendrakar Srinivasarao for reporting this problem.

Version Information

Affected Version Fixed In Fix Published
16 16.1 Nov. 9, 2023
15 15.5 Nov. 9, 2023
14 14.10 Nov. 9, 2023
13 13.13 Nov. 9, 2023
12 12.17 Nov. 9, 2023
11 11.22 Nov. 9, 2023

For more information about PostgreSQL versioning, please visit the versioning page.

CVSS 3.0

Overall Score 2.2
Component core server
Vector AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:L

Reporting Security Vulnerabilities

If you wish to report a new security vulnerability in PostgreSQL, please send an email to security@postgresql.org.

For reporting non-security bugs, please see the Report a Bug page.