CVE-2017-7484

Name: CVE-2017-7484
Description: It was found that some selectivity estimation functions in PostgreSQL before 9.2.21, 9.3.x before 9.3.17, 9.4.x before 9.4.12, 9.5.x before 9.5.7, and 9.6.x before 9.6.3 did not check user privileges before providing information from pg_statistic, possibly leaking information. An unprivileged attacker could use this flaw to steal some information from tables they are otherwise not allowed to access.
Source: CVE (at NVD; CERT, LWN, oss-sec, fulldisc, bugtraq, EDB, Metasploit, Red Hat, Ubuntu, Gentoo, SuSE, Mageia, GitHub code/issues, web search, more)
References: DSA-3851-1
NVD severity: medium (attack range: remote)

Vulnerable and fixed packages

The table below lists information on source packages.

Source Package        | Release                      | Version               | Status
postgresql-8.4 (PTS)  | wheezy                       | 8.4.22-0+deb7u1       | fixed
postgresql-9.1 (PTS)  | wheezy                       | 9.1.21-0+deb7u1       | fixed
                      | wheezy (security)            | 9.1.24lts2-0+deb7u1   | fixed
                      | jessie                       | 9.1.22-0+deb8u1       | fixed
                      | jessie (security)            | 9.1.16-0+deb8u1       | fixed
postgresql-9.4 (PTS)  | jessie                       | 9.4.12-0+deb8u1       | fixed
                      | jessie (security)            | 9.4.13-0+deb8u1       | fixed
postgresql-9.6 (PTS)  | stretch, stretch (security)  | 9.6.4-0+deb9u1        | fixed
                      | buster, sid                  | 9.6.5-1               | fixed

The information below is based on the following data on fixed versions.

Package         | Type   | Release    | Fixed Version    | Urgency | Origin     | Debian Bugs
postgresql-8.4  | source | (unstable) | (unfixed)        | medium  |            |
postgresql-8.4  | source | wheezy     | (not affected)   |         |            |
postgresql-9.1  | source | (unstable) | (unfixed)        | medium  |            |
postgresql-9.1  | source | jessie     | (not affected)   |         |            |
postgresql-9.1  | source | wheezy     | (not affected)   |         |            |
postgresql-9.4  | source | (unstable) | (unfixed)        | medium  |            |
postgresql-9.4  | source | jessie     | 9.4.12-0+deb8u1  | medium  | DSA-3851-1 |
postgresql-9.6  | source | (unstable) | 9.6.3-1          | medium  |            |

Notes

[jessie] - postgresql-9.1 <not-affected> (postgresql-9.1 in jessie only provides PL/Perl)
[wheezy] - postgresql-9.1 <not-affected> (vulnerable code does not exist)
[wheezy] - postgresql-8.4 <not-affected> (vulnerable code does not exist)
https://git.postgresql.org/gitweb/?p=postgresql.git;a=commitdiff;h=c33c42362256382ed398df9dcda559cd547c68a7
https://git.postgresql.org/gitweb/?p=postgresql.git;a=commitdiff;h=cad15943225adbcadea51602b38b04d71d1183d2
https://git.postgresql.org/gitweb/?p=postgresql.git;a=commitdiff;h=935e77d527a018b652f247c7374c558871210db6