Описание
ELSA-2026-0458: libpq security update (MODERATE)
[13.23-1]
- Rebase to upstream release 13.23
- Resolves: RHEL-131279 (CVE-2025-12818)
Обновленные пакеты
Oracle Linux 9
Oracle Linux aarch64
libpq
13.23-1.el9_7
libpq-devel
13.23-1.el9_7
Oracle Linux x86_64
libpq
13.23-1.el9_7
libpq-devel
13.23-1.el9_7
Связанные CVE
Связанные уязвимости
Integer wraparound in multiple PostgreSQL libpq client library functions allows an application input provider or network peer to cause libpq to undersize an allocation and write out-of-bounds by hundreds of megabytes. This results in a segmentation fault for the application using libpq. Versions before PostgreSQL 18.1, 17.7, 16.11, 15.15, 14.20, and 13.23 are affected.
Integer wraparound in multiple PostgreSQL libpq client library functions allows an application input provider or network peer to cause libpq to undersize an allocation and write out-of-bounds by hundreds of megabytes. This results in a segmentation fault for the application using libpq. Versions before PostgreSQL 18.1, 17.7, 16.11, 15.15, 14.20, and 13.23 are affected.
PostgreSQL libpq undersizes allocations, via integer wraparound
Integer wraparound in multiple PostgreSQL libpq client library functio ...
