{ "threat_severity" : "Moderate", "public_date" : "2017-11-09T00:00:00Z", "bugzilla" : { "description" : "postgresql: Start scripts permit database administrator to modify root-owned files", "id" : "1498394", "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1498394" }, "cvss3" : { "cvss3_base_score" : "6.5", "cvss3_scoring_vector" : "CVSS:3.0/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H", "status" : "verified" }, "cwe" : "CWE-59", "details" : [ "PostgreSQL 10.x before 10.1, 9.6.x before 9.6.6, 9.5.x before 9.5.10, 9.4.x before 9.4.15, 9.3.x before 9.3.20, and 9.2.x before 9.2.24 runs under a non-root operating system account, and database superusers have effective ability to run arbitrary code under that system account. PostgreSQL provides a script for starting the database server during system boot. Packages of PostgreSQL for many operating systems provide their own, packager-authored startup implementations. Several implementations use a log file name that the database superuser can replace with a symbolic link. As root, they open(), chmod() and/or chown() this log file name. This often suffices for the database superuser to escalate to root privileges when root starts the server.", "Privilege escalation flaws were found in the initialization scripts of PostgreSQL. An attacker with access to the postgres user account could use these flaws to obtain root access on the server machine." ], "statement" : "Red Hat Enterprise Linux 6 and Satellite 5 are now in Production 3 Phase of the support and maintenance life cycle. This has been rated as having Moderate security impact and is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Enterprise Linux Life Cycle: https://access.redhat.com/support/policy/updates/errata/.", "acknowledgement" : "Red Hat would like to thank the PostgreSQL project for reporting this issue. Upstream acknowledges Antoine Scemama (Brainloop) as the original reporter.", "affected_release" : [ { "product_name" : "Red Hat Enterprise Linux 7", "release_date" : "2017-12-08T00:00:00Z", "advisory" : "RHSA-2017:3402", "cpe" : "cpe:/o:redhat:enterprise_linux:7", "package" : "postgresql-0:9.2.23-3.el7_4" }, { "product_name" : "Red Hat Software Collections for Red Hat Enterprise Linux 6", "release_date" : "2017-12-08T00:00:00Z", "advisory" : "RHSA-2017:3403", "cpe" : "cpe:/a:redhat:rhel_software_collections:3::el6", "package" : "rh-postgresql94-postgresql-0:9.4.14-2.el6" }, { "product_name" : "Red Hat Software Collections for Red Hat Enterprise Linux 6", "release_date" : "2017-12-08T00:00:00Z", "advisory" : "RHSA-2017:3404", "cpe" : "cpe:/a:redhat:rhel_software_collections:3::el6", "package" : "rh-postgresql95-postgresql-0:9.5.9-4.el6" }, { "product_name" : "Red Hat Software Collections for Red Hat Enterprise Linux 6", "release_date" : "2017-12-08T00:00:00Z", "advisory" : "RHSA-2017:3405", "cpe" : "cpe:/a:redhat:rhel_software_collections:3::el6", "package" : "rh-postgresql96-postgresql-0:9.6.5-2.el6" }, { "product_name" : "Red Hat Software Collections for Red Hat Enterprise Linux 6.7 EUS", "release_date" : "2017-12-08T00:00:00Z", "advisory" : "RHSA-2017:3403", "cpe" : "cpe:/a:redhat:rhel_software_collections:3::el6", "package" : "rh-postgresql94-postgresql-0:9.4.14-2.el6" }, { "product_name" : "Red Hat Software Collections for Red Hat Enterprise Linux 6.7 EUS", "release_date" : "2017-12-08T00:00:00Z", "advisory" : "RHSA-2017:3404", "cpe" : "cpe:/a:redhat:rhel_software_collections:3::el6", "package" : "rh-postgresql95-postgresql-0:9.5.9-4.el6" }, { "product_name" : "Red Hat Software Collections for Red Hat Enterprise Linux 6.7 EUS", "release_date" : "2017-12-08T00:00:00Z", "advisory" : "RHSA-2017:3405", "cpe" : "cpe:/a:redhat:rhel_software_collections:3::el6", "package" : "rh-postgresql96-postgresql-0:9.6.5-2.el6" }, { "product_name" : "Red Hat Software Collections for Red Hat Enterprise Linux 7", "release_date" : "2017-12-08T00:00:00Z", "advisory" : "RHSA-2017:3403", "cpe" : "cpe:/a:redhat:rhel_software_collections:3::el7", "package" : "rh-postgresql94-postgresql-0:9.4.14-2.el7" }, { "product_name" : "Red Hat Software Collections for Red Hat Enterprise Linux 7", "release_date" : "2017-12-08T00:00:00Z", "advisory" : "RHSA-2017:3404", "cpe" : "cpe:/a:redhat:rhel_software_collections:3::el7", "package" : "rh-postgresql95-postgresql-0:9.5.9-4.el7" }, { "product_name" : "Red Hat Software Collections for Red Hat Enterprise Linux 7", "release_date" : "2017-12-08T00:00:00Z", "advisory" : "RHSA-2017:3405", "cpe" : "cpe:/a:redhat:rhel_software_collections:3::el7", "package" : "rh-postgresql96-postgresql-0:9.6.5-2.el7" }, { "product_name" : "Red Hat Software Collections for Red Hat Enterprise Linux 7.3 EUS", "release_date" : "2017-12-08T00:00:00Z", "advisory" : "RHSA-2017:3403", "cpe" : "cpe:/a:redhat:rhel_software_collections:3::el7", "package" : "rh-postgresql94-postgresql-0:9.4.14-2.el7" }, { "product_name" : "Red Hat Software Collections for Red Hat Enterprise Linux 7.3 EUS", "release_date" : "2017-12-08T00:00:00Z", "advisory" : "RHSA-2017:3404", "cpe" : "cpe:/a:redhat:rhel_software_collections:3::el7", "package" : "rh-postgresql95-postgresql-0:9.5.9-4.el7" }, { "product_name" : "Red Hat Software Collections for Red Hat Enterprise Linux 7.3 EUS", "release_date" : "2017-12-08T00:00:00Z", "advisory" : "RHSA-2017:3405", "cpe" : "cpe:/a:redhat:rhel_software_collections:3::el7", "package" : "rh-postgresql96-postgresql-0:9.6.5-2.el7" }, { "product_name" : "Red Hat Software Collections for Red Hat Enterprise Linux 7.4 EUS", "release_date" : "2017-12-08T00:00:00Z", "advisory" : "RHSA-2017:3403", "cpe" : "cpe:/a:redhat:rhel_software_collections:3::el7", "package" : "rh-postgresql94-postgresql-0:9.4.14-2.el7" }, { "product_name" : "Red Hat Software Collections for Red Hat Enterprise Linux 7.4 EUS", "release_date" : "2017-12-08T00:00:00Z", "advisory" : "RHSA-2017:3404", "cpe" : "cpe:/a:redhat:rhel_software_collections:3::el7", "package" : "rh-postgresql95-postgresql-0:9.5.9-4.el7" }, { "product_name" : "Red Hat Software Collections for Red Hat Enterprise Linux 7.4 EUS", "release_date" : "2017-12-08T00:00:00Z", "advisory" : "RHSA-2017:3405", "cpe" : "cpe:/a:redhat:rhel_software_collections:3::el7", "package" : "rh-postgresql96-postgresql-0:9.6.5-2.el7" }, { "product_name" : "Red Hat Virtualization Engine 4.2", "release_date" : "2017-12-08T00:00:00Z", "advisory" : "RHSA-2017:3404", "cpe" : "cpe:/a:redhat:rhev_manager:4.2", "package" : "rh-postgresql95-postgresql-0:9.5.9-4.el7" }, { "product_name" : "Red Hat Virtualization Engine 4.3", "release_date" : "2017-12-08T00:00:00Z", "advisory" : "RHSA-2017:3404", "cpe" : "cpe:/a:redhat:rhev_manager:4.3", "package" : "rh-postgresql95-postgresql-0:9.5.9-4.el7" } ], "package_state" : [ { "product_name" : "CloudForms Management Engine 5", "fix_state" : "Affected", "package_name" : "postgresql94", "cpe" : "cpe:/a:redhat:cloudforms_managementengine:5", "impact" : "low" }, { "product_name" : "Red Hat Enterprise Linux 5", "fix_state" : "Will not fix", "package_name" : "postgresql", "cpe" : "cpe:/o:redhat:enterprise_linux:5" }, { "product_name" : "Red Hat Enterprise Linux 5", "fix_state" : "Will not fix", "package_name" : "postgresql84", "cpe" : "cpe:/o:redhat:enterprise_linux:5" }, { "product_name" : "Red Hat Enterprise Linux 6", "fix_state" : "Will not fix", "package_name" : "postgresql", "cpe" : "cpe:/o:redhat:enterprise_linux:6" }, { "product_name" : "Red Hat Satellite 5", "fix_state" : "Affected", "package_name" : "rh-postgresql95-postgresql", "cpe" : "cpe:/a:redhat:network_satellite:5", "impact" : "low" } ], "references" : [ "https://www.cve.org/CVERecord?id=CVE-2017-12172\nhttps://nvd.nist.gov/vuln/detail/CVE-2017-12172\nhttps://www.postgresql.org/about/news/1801/" ], "name" : "CVE-2017-12172", "csaw" : false }