Project

General

Profile

Actions

Security #6411

closed

pgsql: quadratic complexity leads to over consumption of memory

Added by Philippe Antoine about 1 year ago. Updated 9 months ago.

Status:
Closed
Priority:
Normal
Target version:
Affected Versions:
Label:
Git IDs:

f52c033e566beafb4480c139eb18662a2870464f
86de7cffa7e8f06fe9d600127e7dabe89c7e81dd

Severity:
HIGH
Disclosure Date:
01/15/2024

Description

found by oss-fuzz:
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=63338

Severity to evaluate


Subtasks 1 (0 open1 closed)

Security #6536: pgsql: quadratic complexity leads to over consumption of memory (7.0.x backport)ClosedJuliana Fajardini ReichowActions

Related issues 1 (0 open1 closed)

Related to Suricata - Bug #6080: pgsql/probe: TCP on 5432 traffic incorrectly tagged as PGSQL ClosedJuliana Fajardini ReichowActions
Actions #1

Updated by Victor Julien about 1 year ago

  • Target version changed from 7.0.2 to 7.0.3
Actions #2

Updated by Philippe Antoine about 1 year ago

  • Status changed from New to In Review

Gitlab MR

Actions #3

Updated by Philippe Antoine about 1 year ago

  • Related to Bug #6080: pgsql/probe: TCP on 5432 traffic incorrectly tagged as PGSQL added
Actions #4

Updated by Victor Julien about 1 year ago

  • Target version changed from 7.0.3 to 8.0.0-beta1
  • Label Needs backport to 7.0 added
Actions #5

Updated by OISF Ticketbot about 1 year ago

  • Subtask #6536 added
Actions #6

Updated by OISF Ticketbot about 1 year ago

  • Label deleted (Needs backport to 7.0)
Actions #7

Updated by Philippe Antoine 11 months ago

  • Disclosure Date set to 01/15/2024
Actions #8

Updated by Victor Julien 11 months ago

  • Severity changed from MODERATE to HIGH

HIGH as protocol is not enabled by default.

Actions #9

Updated by Victor Julien 10 months ago

  • CVE set to 2024-23835
Actions #10

Updated by Philippe Antoine 10 months ago

  • Status changed from In Review to Resolved
Actions #11

Updated by Philippe Antoine 9 months ago

  • Status changed from Resolved to Closed
  • Git IDs updated (diff)
Actions #12

Updated by Victor Julien 9 months ago

  • Private changed from Yes to No
Actions

Also available in: Atom PDF