CVE-2021-3677

CVE-2021-3677

Name

CVE-2021-3677

Description

A flaw was found in postgresql. A purpose-crafted query can read arbitrary bytes of server memory. In the default configuration, any authenticated database user can complete this attack at will. The attack does not require the ability to create objects. If server settings include max_worker_processes=0, the known versions of this attack are infeasible. However, undiscovered variants of the attack may be independent of that setting.

NVD Severity

medium

Other trackers

CVE, NVD, CERT, CVE Details, CIRCL, Arch Linux, Debian, Red Hat, Ubuntu, Gentoo, SUSE (Bugzilla), SUSE (CVE), Mageia

Mailing lists

oss-security, full-disclosure, bugtraq

Exploits

Exploit DB, Metasploit

Forges

GitHub (code, issues), Aports (code, issues)

Type	URI
Issue Tracking	https://bugzilla.redhat.com/show_bug.cgi?id=2001857
Vendor Advisory	https://www.postgresql.org/support/security/CVE-2021-3677/
CONFIRM	https://security.netapp.com/advisory/ntap-20220407-0008/

Type

URI

Issue Tracking

https://bugzilla.redhat.com/show_bug.cgi?id=2001857

Vendor Advisory

https://www.postgresql.org/support/security/CVE-2021-3677/

CONFIRM

https://security.netapp.com/advisory/ntap-20220407-0008/

Match rules

CPE URI	Source package	Min version	Max version
`cpe:2.3:a:postgresql:postgresql::::::::`	postgresql	>= 11.0	< 11.13
`cpe:2.3:a:postgresql:postgresql::::::::`	postgresql	>= 12.0	< 12.8
`cpe:2.3:a:postgresql:postgresql::::::::`	postgresql	>= 13.0	< 13.4

CPE URI

Source package

Min version

Max version

cpe:2.3:a:postgresql:postgresql:*:*:*:*:*:*:*:*

postgresql

>= 11.0

< 11.13

cpe:2.3:a:postgresql:postgresql:*:*:*:*:*:*:*:*

postgresql

>= 12.0

< 12.8

cpe:2.3:a:postgresql:postgresql:*:*:*:*:*:*:*:*

postgresql

>= 13.0

< 13.4

Vulnerable and fixed packages

Source package	Branch	Version	Maintainer	Status
postgresql15	edge-main	13.4-r0	None	fixed
postgresql15	edge-community	13.4-r0	None	fixed
postgresql15	3.20-main	13.4-r0	None	fixed
postgresql15	3.19-main	13.4-r0	None	fixed
postgresql15	3.18-main	13.4-r0	None	fixed
postgresql15	3.17-main	13.4-r0	None	fixed
postgresql14	edge-main	13.4-r0	None	fixed
postgresql14	edge-community	13.4-r0	None	fixed
postgresql14	3.20-community	13.4-r0	None	fixed
postgresql14	3.19-community	13.4-r0	None	fixed
postgresql14	3.18-main	13.4-r0	None	fixed
postgresql14	3.17-main	13.4-r0	None	fixed
postgresql13	edge-main	13.4-r0	None	fixed
postgresql13	edge-community	13.4-r0	None	fixed
postgresql13	3.19-community	13.4-r0	None	fixed
postgresql13	3.18-community	13.4-r0	None	fixed
postgresql13	3.17-community	13.4-r0	None	fixed
postgresql12	edge-community	12.8-r0	None	fixed
postgresql12	3.18-community	12.8-r0	None	fixed
postgresql12	3.17-community	12.8-r0	None	fixed
postgresql	edge-main	13.4-r0	Jakub Jirutka <jakub@jirutka.cz>	fixed
postgresql	edge-main	13.3-r0	Jakub Jirutka <jakub@jirutka.cz>	possibly vulnerable
postgresql	edge-main	13.2-r0	None	possibly vulnerable
postgresql	edge-main	12.5-r0	None	possibly vulnerable
postgresql	edge-main	12.4-r0	None	possibly vulnerable
postgresql	edge-main	12.2-r0	None	possibly vulnerable
postgresql	edge-main	11.5-r0	None	possibly vulnerable
postgresql	edge-main	11.4-r0	None	possibly vulnerable
postgresql	edge-main	11.3-r0	None	possibly vulnerable
postgresql	edge-main	11.1-r0	None	possibly vulnerable
postgresql	3.12-main	12.8-r0	Jakub Jirutka <jakub@jirutka.cz>	fixed
postgresql	3.11-main	12.8-r0	Jakub Jirutka <jakub@jirutka.cz>	fixed

Source package

Branch

Version

Maintainer

Status

postgresql15

edge-main

13.4-r0

None

fixed

postgresql15

edge-community