Time-of-check Time-of-use (TOCTOU) race condition in pg_dump in PostgreSQL allows an object creator to execute arbitrary SQL functions as the user running pg_dump, which is often a superuser. The attack involves replacing another relation type with a view or foreign table. The attack requires waiting for pg_dump to start, but winning the race condition is trivial if the attacker retains an open transaction. Versions before PostgreSQL 16.4, 15.8, 14.13, 13.16, and 12.20 are affected.
Platform | Package | Release Date | Advisory |
---|---|---|---|
Amazon Linux 2 - Core | postgresql | 2025-01-21 20:25 | ALAS2-2025-2733 |
Amazon Linux 2 - Postgresql12 Extra | postgresql | 2024-09-26 01:10 | ALAS2POSTGRESQL12-2024-011 |
Amazon Linux 2 - Postgresql12 Extra | libpq | 2024-09-26 01:10 | ALAS2POSTGRESQL12-2024-012 |
Amazon Linux 2 - Postgresql14 Extra | libpq | 2024-09-26 01:10 | ALAS2POSTGRESQL14-2024-013 |
Amazon Linux 2 - Postgresql13 Extra | postgresql | 2024-09-26 01:10 | ALAS2POSTGRESQL13-2024-007 |
Amazon Linux 2 - Postgresql14 Extra | postgresql | 2024-09-26 01:10 | ALAS2POSTGRESQL14-2024-012 |
Amazon Linux 2023 | postgresql15 | 2024-08-14 19:14 | ALAS2023-2024-702 |
Amazon Linux 1 | postgresql92 | 2025-01-30 04:16 | ALAS-2025-1959 |
Score Type | Score | Vector | |
---|---|---|---|
Amazon Linux | CVSSv3 | 8.8 | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
NVD | CVSSv3 | 8.8 | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |