oss-sec mailing list archives
Re: CVE Request: postgresql integer overflow in hash table size calculation
From: Vincent Danen <vdanen () redhat com>
Date: Tue, 16 Mar 2010 11:23:39 -0600
* [2010-03-09 09:46:49 -0700] Vincent Danen wrote:
I've been looking and can't find a CVE name for this issue. Could one be assigned? An integer overflow flaw was found in the way postgresql used to calculate size for the hashtable for joined relations. An attacker could formulate a specially-crafted sql query, which once processed would lead to denial of service (postgresql daemon crash). References: https://bugzilla.redhat.com/show_bug.cgi?id=546621 http://archives.postgresql.org/pgsql-bugs/2009-10/msg00277.php
Please use CVE-2010-0733 for this issue. --Vincent Danen / Red Hat Security Response Team
Current thread:
- CVE Request: postgresql integer overflow in hash table size calculation Vincent Danen (Mar 09)
- Re: CVE Request: postgresql integer overflow in hash table size calculation Vincent Danen (Mar 16)