CVE-2025-12818

Name: CVE-2025-12818
Description: Integer wraparound in multiple PostgreSQL libpq client library functions allows an application input provider or network peer to cause libpq to undersize an allocation and write out-of-bounds by hundreds of megabytes. This results in a segmentation fault for the application using libpq. Versions before PostgreSQL 18.1, 17.7, 16.11, 15.15, 14.20, and 13.23 are affected.
NVD Severity: medium

References

Type URI
f86ef6dc-4d3a-42ad-8f28-e6d5547a5007 https://www.postgresql.org/support/security/CVE-2025-12818/

Match rules

CPE URI Source package Min version Max version
postgresql == 18 == None
postgresql == 17 == None
postgresql == 16 == None
postgresql == 15 == None
postgresql == 14 == None
postgresql == 0 == None

Vulnerable and fixed packages

Source package Branch Version Maintainer Status
postgresql18 edge-main 18.1-r0 Jakub Jirutka <jakub@jirutka.cz> fixed
postgresql18 3.23-main 18.1-r0 Jakub Jirutka <jakub@jirutka.cz> fixed
postgresql17 edge-main 17.7-r0 Jakub Jirutka <jakub@jirutka.cz> fixed
postgresql17 3.23-main 17.7-r0 Jakub Jirutka <jakub@jirutka.cz> fixed
postgresql17 3.22-main 17.7-r0 Jakub Jirutka <jakub@jirutka.cz> fixed
postgresql17 3.21-main 17.7-r0 Jakub Jirutka <jakub@jirutka.cz> fixed
postgresql16 edge-community 16.11-r0 Jakub Jirutka <jakub@jirutka.cz> fixed
postgresql16 3.23-community 16.11-r0 Jakub Jirutka <jakub@jirutka.cz> fixed
postgresql16 3.22-main 16.11-r0 Jakub Jirutka <jakub@jirutka.cz> fixed
postgresql16 3.21-main 16.11-r0 Jakub Jirutka <jakub@jirutka.cz> fixed
postgresql16 3.20-main 16.11-r0 Jakub Jirutka <jakub@jirutka.cz> fixed
postgresql16 3.19-main 16.11-r0 Jakub Jirutka <jakub@jirutka.cz> fixed
postgresql15 3.22-community 15.15-r0 Jakub Jirutka <jakub@jirutka.cz> fixed
postgresql15 3.20-main 15.15-r0 Jakub Jirutka <jakub@jirutka.cz> fixed
postgresql15 3.19-main 15.15-r0 Jakub Jirutka <jakub@jirutka.cz> fixed
postgresql edge-main 14.1-r0 Jakub Jirutka <jakub@jirutka.cz> possibly vulnerable
postgresql edge-main 13.4-r0 Jakub Jirutka <jakub@jirutka.cz> possibly vulnerable
postgresql edge-main 13.3-r0 Jakub Jirutka <jakub@jirutka.cz> possibly vulnerable
postgresql edge-main 13.2-r0 None possibly vulnerable
postgresql edge-main 12.5-r0 None possibly vulnerable
postgresql edge-main 12.4-r0 None possibly vulnerable
postgresql edge-main 12.2-r0 None possibly vulnerable
postgresql edge-main 11.5-r0 None possibly vulnerable
postgresql edge-main 11.4-r0 None possibly vulnerable
postgresql edge-main 11.3-r0 None possibly vulnerable
postgresql edge-main 11.1-r0 None possibly vulnerable
postgresql edge-main 10.5-r0 None possibly vulnerable
postgresql edge-main 10.4-r0 None possibly vulnerable
postgresql edge-main 10.3-r0 None possibly vulnerable
postgresql edge-main 10.2-r0 None possibly vulnerable
postgresql edge-main 10.1-r0 None possibly vulnerable
postgresql edge-main 9.6.4-r0 None possibly vulnerable
postgresql edge-main 9.6.3-r0 None possibly vulnerable