Vulnerability CVE-2021-32029

Vulnerability Name:

CVE-2021-32029 (CCN-207909)

Assigned:

2021-05-13

Published:

2021-05-13

Updated:

2022-08-05

Summary:

A flaw was found in postgresql. Using an UPDATE ... RETURNING command on a purpose-crafted table, an authenticated database user could read arbitrary bytes of server memory. The highest threat from this vulnerability is to data confidentiality.

CVSS v3 Severity:

6.5 Medium (CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N)
5.7 Medium (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): Low User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): High Integrity (I): None Availibility (A): None

6.5 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N)
5.7 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): Low User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): High Integrity (I): None Availibility (A): None

6.5 Medium (REDHAT CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N)
5.7 Medium (REDHAT Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): Low User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): High Integrity (I): None Availibility (A): None

CVSS v2 Severity:

4.0 Medium (CVSS v2 Vector: AV:N/AC:L/Au:S/C:P/I:N/A:N)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Low Authentication (Au): Single_Instance
Impact Metrics:	Confidentiality (C): Partial Integrity (I): None Availibility (A): None

6.8 Medium (CCN CVSS v2 Vector: AV:N/AC:L/Au:S/C:C/I:N/A:N)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Low Athentication (Au): Single_Instance
Impact Metrics:	Confidentiality (C): Complete Integrity (I): None Availibility (A): None

Vulnerability Type:

CWE-125

Vulnerability Consequences:

Obtain Information

References:

Source: MITRE
Type: CNA
CVE-2021-32029

Source: CCN
Type: Red Hat Bugzilla Bug 1956883
(CVE-2021-32029) - CVE-2021-32029 postgresql: Memory disclosure in partitioned-table UPDATE ... RETURNING

Source: MISC
Type: Issue Tracking, Patch, Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=1956883

Source: XF
Type: UNKNOWN
postgresql-cve202132029-info-disc(207909)

Source: CONFIRM
Type: Third Party Advisory
https://security.netapp.com/advisory/ntap-20211112-0003/

Source: CCN
Type: IBM Security Bulletin 6492933 (Sterling Connect:Direct for Microsoft Windows)
PostgreSQL Vulnerability Affects IBM Sterling Connect:Direct for Microsoft Windows (CVE-2021-32029)

Source: CCN
Type: IBM Security Bulletin 6496681 (API Connect)
IBM API Connect is impacted by a vulnerability in PostgreSQL (CVE-2021-32029)

Source: CCN
Type: IBM Security Bulletin 6518584 (Connect:Direct Web Services)
PostgreSQL Sensitive Information Exposure Vulnerability Affects IBM Connect:Direct Web Services (CVE-2021-32029)

Source: CCN
Type: IBM Security Bulletin 6525250 (Spectrum Copy Data Management)
Vulnerabilities in PostgreSQL, Apache, Golang Go, and Linux Kernel affect IBM Spectrum Copy Data Management

Source: CCN
Type: IBM Security Bulletin 6538418 (Security Verify Access)
Multiple Security Vulnerabilities fixed in IBM Security Verify Access

Source: CCN
Type: PostgreSQL Web site
Memory disclosure in partitioned-table UPDATE ... RETURNING

Source: MISC
Type: Vendor Advisory
https://www.postgresql.org/support/security/CVE-2021-32029/

Vulnerable Configuration:

Configuration 1:

cpe:/a:postgresql:postgresql:*:*:*:*:*:*:*:* (Version >= 13.0 and < 13.3)

OR cpe:/a:postgresql:postgresql:*:*:*:*:*:*:*:* (Version >= 12.0 and < 12.7)

OR cpe:/a:postgresql:postgresql:*:*:*:*:*:*:*:* (Version >= 11.0 and < 11.12)

Configuration 2:

cpe:/a:redhat:jboss_enterprise_application_platform:7.0.0:*:*:*:*:*:*:*

Configuration RedHat 1:

cpe:/a:redhat:enterprise_linux:8:*:*:*:*:*:*:*

Configuration RedHat 2:

cpe:/a:redhat:enterprise_linux:8::appstream:*:*:*:*:*

Configuration CCN 1:

cpe:/a:ibm:sterling_connect:direct:6.0:*:*:*:microsoft_windows:*:*:*

OR cpe:/a:ibm:api_connect:10.0.0.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:security_verify_access:10.0.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:security_verify_access:10.0.2.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:security_verify_access:10.0.1.0:*:*:*:*:*:*:*

Denotes that component is vulnerable

Oval Definitions

Definition ID	Class	Title	Last Modified
oval:org.opensuse.security:def:8029	P	kernel-docs-5.14.21-150500.53.2 on GA media (Moderate)	2023-06-20
oval:org.opensuse.security:def:7649	P	libpq5-15.3-150200.5.9.1 on GA media (Moderate)	2023-06-12
oval:org.opensuse.security:def:7466	P	coreutils-8.32-150400.7.5 on GA media (Moderate)	2023-06-12
oval:org.opensuse.security:def:8089	P	postgresql14-14.8-150200.5.26.1 on GA media (Moderate)	2023-06-12
oval:org.opensuse.security:def:7957	P	libplist++-devel-2.0.0-1.31 on GA media (Moderate)	2023-06-12
oval:org.opensuse.security:def:7968	P	libvdpau-devel-1.1.1-150000.3.2.1 on GA media (Moderate)	2023-06-12
oval:org.opensuse.security:def:706	P	Security update for perl-HTTP-Daemon (Moderate)	2022-08-23
oval:org.opensuse.security:def:95291	P	Security update for keylime (Important)	2022-08-03
oval:org.opensuse.security:def:95252	P	Security update for apache2 (Important)	2022-07-06
oval:org.opensuse.security:def:3487	P	file-5.22-10.12.2 on GA media (Moderate)	2022-06-28
oval:org.opensuse.security:def:3440	P	automake-1.13.4-6.2 on GA media (Moderate)	2022-06-28
oval:org.opensuse.security:def:3607	P	libidn-tools-1.28-5.6.1 on GA media (Moderate)	2022-06-28
oval:org.opensuse.security:def:3061	P	elfutils-0.158-7.7.2 on GA media (Moderate)	2022-06-28
oval:org.opensuse.security:def:3447	P	bubblewrap-0.3.3-1.31 on GA media (Moderate)	2022-06-28
oval:org.opensuse.security:def:3421	P	PackageKit-1.1.3-24.9.1 on GA media (Moderate)	2022-06-28
oval:org.opensuse.security:def:94552	P	freetype2-devel-2.10.1-4.8.1 on GA media (Moderate)	2022-06-22
oval:org.opensuse.security:def:94691	P	libpq5-14.2-5.9.2 on GA media (Moderate)	2022-06-22
oval:org.opensuse.security:def:95077	P	postgresql13-13.6-5.25.1 on GA media (Moderate)	2022-06-22
oval:org.opensuse.security:def:94533	P	cyrus-sasl-2.1.27-150300.4.6.1 on GA media (Moderate)	2022-06-22
oval:org.opensuse.security:def:95117	P	libecpg6-14.2-5.9.2 on GA media (Moderate)	2022-06-22
oval:org.opensuse.security:def:6062	P	Security update for librelp (Moderate)	2022-05-31
oval:org.opensuse.security:def:101965	P	Security update for the Linux Kernel (Live Patch 13 for SLE 15 SP3) (Important)	2022-04-15
oval:org.opensuse.security:def:102004	P	Security update for the Linux Kernel (Live Patch 10 for SLE 15 SP3) (Critical)	2022-02-16
oval:org.opensuse.security:def:6022	P	Security update for aide (Important)	2022-01-20
oval:org.opensuse.security:def:113160	P	postgresql12-12.8-1.3 on GA media (Moderate)	2022-01-17
oval:org.opensuse.security:def:112621	P	libecpg6-13.4-1.3 on GA media (Moderate)	2022-01-17
oval:org.opensuse.security:def:113158	P	postgresql11-11.13-1.3 on GA media (Moderate)	2022-01-17
oval:org.opensuse.security:def:106104	P	libecpg6-13.4-1.3 on GA media (Moderate)	2021-10-01
oval:org.opensuse.security:def:106584	P	postgresql11-11.13-1.3 on GA media (Moderate)	2021-10-01
oval:org.opensuse.security:def:106585	P	postgresql12-12.8-1.3 on GA media (Moderate)	2021-10-01
oval:org.opensuse.security:def:97001	P	dhcp-relay-4.3.5-4.15 on GA media (Moderate)	2021-09-21
oval:org.opensuse.security:def:101246	P	ant-1.10.7-4.3.1 on GA media (Moderate)	2021-08-09
oval:org.opensuse.security:def:101265	P	git-2.26.2-3.31.1 on GA media (Moderate)	2021-08-09
oval:org.opensuse.security:def:111554	P	Security update for postgresql13 (Moderate)	2021-07-19
oval:org.opensuse.security:def:68555	P	Security update for postgresql13 (Moderate)	2021-07-11
oval:org.opensuse.security:def:1465	P	Security update for postgresql13 (Moderate)	2021-07-11
oval:org.opensuse.security:def:111586	P	Security update for postgresql12 (Moderate)	2021-07-10
oval:org.opensuse.security:def:67151	P	Security update for postgresql12 (Moderate)	2021-06-17
oval:org.opensuse.security:def:117446	P	Security update for postgresql12 (Moderate)	2021-06-17
oval:org.opensuse.security:def:109405	P	Security update for postgresql12 (Moderate)	2021-06-17
oval:org.opensuse.security:def:76219	P	Security update for postgresql12 (Moderate)	2021-06-17
oval:org.opensuse.security:def:67561	P	Security update for postgresql12 (Moderate)	2021-06-17
oval:org.opensuse.security:def:108670	P	Security update for postgresql12 (Moderate)	2021-06-17
oval:org.opensuse.security:def:101870	P	Security update for postgresql12 (Moderate)	2021-06-17
oval:org.opensuse.security:def:69057	P	Security update for postgresql12 (Moderate)	2021-06-17
oval:org.opensuse.security:def:66832	P	Security update for postgresql12 (Moderate)	2021-06-17
oval:org.opensuse.security:def:64529	P	Security update for postgresql12 (Moderate)	2021-06-17
oval:org.opensuse.security:def:75900	P	Security update for postgresql12 (Moderate)	2021-06-17
oval:org.opensuse.security:def:96049	P	Security update for postgresql12 (Moderate)	2021-06-17
oval:org.opensuse.security:def:107931	P	Security update for postgresql12 (Moderate)	2021-06-17
oval:org.opensuse.security:def:73651	P	Security update for postgresql12 (Moderate)	2021-06-17
oval:org.opensuse.security:def:6472	P	Security update for postgresql12 (Moderate)	2021-06-17
oval:org.opensuse.security:def:102739	P	Security update for postgresql12 (Moderate)	2021-06-17
oval:org.opensuse.security:def:97073	P	Security update for postgresql12 (Moderate)	2021-06-17
oval:org.opensuse.security:def:118501	P	Security update for postgresql12 (Moderate)	2021-06-17
oval:org.opensuse.security:def:5743	P	Security update for postgresql12 (Moderate)	2021-06-17
oval:com.redhat.rhsa:def:20212372	P	RHSA-2021:2372: postgresql:12 security update (Important)	2021-06-10
oval:com.redhat.rhsa:def:20212375	P	RHSA-2021:2375: postgresql:13 security update (Important)	2021-06-10
oval:org.opensuse.security:def:32929	P	Security update for postgresql13 (Moderate)	2021-05-27
oval:org.opensuse.security:def:108631	P	Security update for postgresql13 (Moderate)	2021-05-27
oval:org.opensuse.security:def:60267	P	Security update for postgresql13 (Moderate)	2021-05-27
oval:org.opensuse.security:def:101437	P	Security update for postgresql13 (Moderate)	2021-05-27
oval:org.opensuse.security:def:73818	P	Security update for postgresql13 (Moderate)	2021-05-27
oval:org.opensuse.security:def:7422	P	Security update for postgresql13 (Moderate)	2021-05-27
oval:org.opensuse.security:def:95847	P	Security update for postgresql13 (Moderate)	2021-05-27
oval:org.opensuse.security:def:69046	P	Security update for postgresql13 (Moderate)	2021-05-27
oval:org.opensuse.security:def:94377	P	(Moderate)	2021-05-27
oval:org.opensuse.security:def:66793	P	Security update for postgresql13 (Moderate)	2021-05-27
oval:org.opensuse.security:def:1606	P	Security update for postgresql13 (Moderate)	2021-05-27
oval:org.opensuse.security:def:99948	P	(Moderate)	2021-05-27
oval:org.opensuse.security:def:5046	P	Security update for postgresql12 (Moderate)	2021-05-27
oval:org.opensuse.security:def:34443	P	Security update for postgresql12 (Moderate)	2021-05-27
oval:org.opensuse.security:def:93739	P	(Moderate)	2021-05-27
oval:org.opensuse.security:def:64510	P	Security update for postgresql13 (Moderate)	2021-05-27
oval:org.opensuse.security:def:75861	P	Security update for postgresql13 (Moderate)	2021-05-27
oval:org.opensuse.security:def:102560	P	Security update for postgresql13 (Moderate)	2021-05-27
oval:org.opensuse.security:def:96038	P	Security update for postgresql13 (Moderate)	2021-05-27
oval:org.opensuse.security:def:118311	P	Security update for postgresql13 (Moderate)	2021-05-27
oval:org.opensuse.security:def:26059	P	Security update for postgresql12 (Moderate)	2021-05-27
oval:org.opensuse.security:def:107912	P	Security update for postgresql13 (Moderate)	2021-05-27
oval:org.opensuse.security:def:58752	P	Security update for postgresql13 (Moderate)	2021-05-27
oval:org.opensuse.security:def:100283	P	(Moderate)	2021-05-27
oval:org.opensuse.security:def:73632	P	Security update for postgresql13 (Moderate)	2021-05-27
oval:org.opensuse.security:def:5047	P	Security update for postgresql13 (Moderate)	2021-05-27
oval:org.opensuse.security:def:34444	P	Security update for postgresql13 (Moderate)	2021-05-27
oval:org.opensuse.security:def:68511	P	Security update for postgresql13 (Moderate)	2021-05-27
oval:org.opensuse.security:def:93954	P	(Moderate)	2021-05-27
oval:org.opensuse.security:def:109226	P	Security update for postgresql13 (Moderate)	2021-05-27
oval:org.opensuse.security:def:102728	P	Security update for postgresql13 (Moderate)	2021-05-27
oval:org.opensuse.security:def:118490	P	Security update for postgresql13 (Moderate)	2021-05-27
oval:org.opensuse.security:def:5704	P	Security update for postgresql13 (Moderate)	2021-05-27
oval:org.opensuse.security:def:69118	P	Security update for postgresql13 (Moderate)	2021-05-27
oval:org.opensuse.security:def:26060	P	Security update for postgresql13 (Moderate)	2021-05-27
oval:org.opensuse.security:def:67111	P	Security update for postgresql13 (Moderate)	2021-05-27
oval:org.opensuse.security:def:60266	P	Security update for postgresql12 (Moderate)	2021-05-27
oval:org.opensuse.security:def:100612	P	(Moderate)	2021-05-27
oval:org.opensuse.security:def:117427	P	Security update for postgresql13 (Moderate)	2021-05-27
oval:org.opensuse.security:def:94165	P	(Moderate)	2021-05-27
oval:org.opensuse.security:def:109394	P	Security update for postgresql13 (Moderate)	2021-05-27
oval:org.opensuse.security:def:64696	P	Security update for postgresql13 (Moderate)	2021-05-27
oval:org.opensuse.security:def:76179	P	Security update for postgresql13 (Moderate)	2021-05-27
oval:org.opensuse.security:def:87393	P	Security update for postgresql13 (Moderate)	2021-05-27

BACK