864847 – (CVE-2014-0062) VUL-0: CVE-2014-0062: postgresql: CREATE INDEX race condition possibly leading to privilege escalation

Bug 864847 (CVE-2014-0062) - VUL-0: CVE-2014-0062: postgresql: CREATE INDEX race condition possibly leading to privilege escalation

Summary: VUL-0: CVE-2014-0062: postgresql: CREATE INDEX race condition possibly leadin...

Status:	RESOLVED FIXED

Alias:	CVE-2014-0062

Product:	SUSE Security Incidents
Classification:	Novell Products
Component:	Incidents (show other bugs)
Version:	unspecified
Hardware:	Other Other

Priority:	P3 - Medium Severity: Normal
Target Milestone:	---
Deadline:	2014-12-25
Assignee:	Security Team bot
QA Contact:	Security Team bot

URL:	https://smash.suse.de/issue/96412/
Whiteboard:	maint:released:sle10-sp3:60008
Keywords:

Depends on:
Blocks:	864856
	Show dependency tree / graph

Clone This Bug

Reported:	2014-02-20 10:55 UTC by Victor Pereira
Modified:	2018-11-07 16:27 UTC (History)
CC List:	3 users (show)

See Also:
Found By:	Security Response Team
Services Priority:
Business Priority:
Blocker:	---
Marketing QA Status:	---
IT Deployment:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Victor Pereira 2014-02-20 10:55:12 UTC

CVE-2014-0062

A race condition when using CREATE INDEX could cause lookups to find table names (of the same name) in the wrong schema, allowing indexes to be created on tables the caller does not own. An authenticated database user could possibly leverage this flaw to escalate their privileges.

Acknowledgements:

Thanks to the PostgreSQL project for reporting this issue. Upstream acknowledges Andres Freund as the original reporter.

References:
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0062
https://bugzilla.redhat.com/show_bug.cgi?id=1065222

Comment 1 Swamp Workflow Management 2014-02-20 23:01:26 UTC

bugbot adjusting priority

Comment 2 Swamp Workflow Management 2014-02-21 15:08:05 UTC

The SWAMPID for this issue is 56361.
This issue was rated as moderate.
Please submit fixed packages until 2014-03-07.
When done, please reassign the bug to security-team@suse.de.
Patchinfo will be handled by security team.

Comment 3 SMASH SMASH 2014-02-21 15:10:29 UTC

Affected packages:

SLE-11-SP3: postgresql
SLE-10-SP3-TERADATA: postgresql
SLE-11-SP2: postgresql

Comment 6 Swamp Workflow Management 2014-03-08 14:05:20 UTC

openSUSE-SU-2014:0345-1: An update that fixes 8 vulnerabilities is now available.

Category: security (moderate)
Bug References: 864845,864846,864847,864850,864851,864852,864853
CVE References: CVE-2014-0060,CVE-2014-0061,CVE-2014-0062,CVE-2014-0063,CVE-2014-0064,CVE-2014-0065,CVE-2014-0066,CVE-2014-0067
Sources used:
openSUSE 13.1 (src):    postgresql92-9.2.7-4.4.1, postgresql92-libs-9.2.7-4.4.1
openSUSE 12.3 (src):    postgresql92-9.2.7-1.12.1, postgresql92-libs-9.2.7-1.12.1

Comment 7 Swamp Workflow Management 2014-03-13 18:05:09 UTC

openSUSE-SU-2014:0368-1: An update that fixes 8 vulnerabilities is now available.

Category: security (moderate)
Bug References: 864845,864846,864847,864850,864851,864852,864853
CVE References: CVE-2014-0060,CVE-2014-0061,CVE-2014-0062,CVE-2014-0063,CVE-2014-0064,CVE-2014-0065,CVE-2014-0066,CVE-2014-0067
Sources used:
openSUSE 11.4 (src):    postgresql-9.0.16-43.1, postgresql-libs-9.0.16-43.1

Comment 8 Swamp Workflow Management 2014-03-28 13:04:55 UTC

Update released for: libecpg6, libpq5, postgresql91, postgresql91-contrib, postgresql91-debuginfo, postgresql91-debugsource, postgresql91-devel, postgresql91-docs, postgresql91-libs, postgresql91-libs-debuginfo, postgresql91-libs-debugsource, postgresql91-plperl, postgresql91-plpython, postgresql91-pltcl, postgresql91-server, postgresql91-test
Products:
SLE-DEBUGINFO 11-SP1-TERADATA (x86_64)
SLE-SERVER 11-SP1-TERADATA (x86_64)

Comment 9 Swamp Workflow Management 2014-03-28 15:49:14 UTC

Update released for: libecpg6, libecpg6-32bit, libecpg6-64bit, libecpg6-x86, libpq5, libpq5-32bit, libpq5-64bit, libpq5-x86, postgresql91, postgresql91-contrib, postgresql91-debuginfo, postgresql91-debugsource, postgresql91-devel, postgresql91-docs, postgresql91-libs, postgresql91-libs-debuginfo, postgresql91-libs-debugsource, postgresql91-plperl, postgresql91-plpython, postgresql91-pltcl, postgresql91-server, postgresql91-test
Products:
SLE-DEBUGINFO 11-SP3 (i386, ia64, ppc64, s390x, x86_64)
SLE-DESKTOP 11-SP3 (i386, x86_64)
SLE-SDK 11-SP3 (i386, ia64, ppc64, s390x, x86_64)
SLE-SERVER 11-SP3 (i386, ia64, ppc64, s390x, x86_64)
SLES4VMWARE 11-SP3 (i386, x86_64)

Comment 10 Swamp Workflow Management 2014-03-28 19:04:41 UTC

SUSE-SU-2014:0461-1: An update that fixes 7 vulnerabilities is now available.

Category: security (moderate)
Bug References: 864845,864846,864847,864850,864851,864852,864853
CVE References: CVE-2014-0060,CVE-2014-0061,CVE-2014-0062,CVE-2014-0063,CVE-2014-0064,CVE-2014-0065,CVE-2014-0066
Sources used:
SUSE Linux Enterprise Software Development Kit 11 SP3 (src):    postgresql91-libs-9.1.12-0.3.1
SUSE Linux Enterprise Server 11 SP3 for VMware (src):    postgresql91-9.1.12-0.3.1, postgresql91-libs-9.1.12-0.3.1
SUSE Linux Enterprise Server 11 SP3 (src):    postgresql91-9.1.12-0.3.1, postgresql91-libs-9.1.12-0.3.1
SUSE Linux Enterprise Desktop 11 SP3 (src):    postgresql91-9.1.12-0.3.1, postgresql91-libs-9.1.12-0.3.1

Comment 11 Victor Pereira 2014-10-06 08:13:07 UTC

released

Comment 12 Victor Pereira 2014-10-06 08:59:39 UTC

update still running

Comment 16 Swamp Workflow Management 2014-12-11 09:30:44 UTC

An update workflow for this issue was started.
This issue was rated as moderate.
Please submit fixed packages until 2014-12-25.
When done, reassign the bug to security-team@suse.de.
https://swamp.suse.de/webswamp/wf/60006

Comment 17 Marcus Meissner 2015-01-14 15:39:36 UTC

released