Mend.io Vulnerability Database

What is a CVE vulnerability ID? icon What is a WS vulnerability ID? icon What is an MSC vulnerability ID? icon
New vulnerability? Tell us about it!
icon

We found results for “

CVE-2024-0985

Good to know:

icon

Date: February 8, 2024

Late privilege drop in REFRESH MATERIALIZED VIEW CONCURRENTLY in PostgreSQL allows an object creator to execute arbitrary SQL functions as the command issuer. The command intends to run SQL functions as the owner of the materialized view, enabling safe refresh of untrusted materialized views. The victim is a superuser or member of one of the attacker's roles. The attack requires luring the victim into running REFRESH MATERIALIZED VIEW CONCURRENTLY on the attacker's materialized view. As part of exploiting this vulnerability, the attacker creates functions that use CREATE RULE to convert the internally-built temporary table to a view. Versions before PostgreSQL 15.6, 14.11, 13.14, and 12.18 are affected. The only known exploit does not work in PostgreSQL 16 and later. For defense in depth, PostgreSQL 16.2 adds the protections that older branches are using to fix their vulnerability.

Language: C

Severity Score

Related Resources (5)

https://lists.debian.org/debian-lts-announce/2024/03/msg00017.html
https://www.postgresql.org/support/security/CVE-2024-0985/
https://security-tracker.debian.org/tracker/CVE-2024-0985
https://nvd.nist.gov/vuln/detail/CVE-2024-0985
https://www.mend.io/vulnerability-database/CVE-2024-0985

Severity Score

Weakness Type (CWE)

Insufficient Information

NVD-CWE-noinfo

Privilege Dropping / Lowering Errors

CWE-271

Top Fix

icon

Upgrade Version

Upgrade to version REL_12_18,REL_13_14,REL_14_11,REL_15_6,REL_16_2

Learn More

CVSS v3.1

Base Score:
Attack Vector (AV): NETWORK
Attack Complexity (AC): LOW
Privileges Required (PR): LOW
User Interaction (UI): REQUIRED
Scope (S): UNCHANGED
Confidentiality (C): HIGH
Integrity (I): HIGH
Availability (A): HIGH

Do you need more information?

Contact Us