ubuntu · CVE-2016-3065

Quick triage

Priority: medium Published: 2016-04-11 15:59:00 UTC Updated: 2025-08-25 21:59:07 UTC

View at Official ubuntu advisory, NVD, CVE.org · CVE detail

Freshness: upstream tracker timestamp is available; use API updated time as primary recency signal.

Tracker summary

CVE-2016-3065 medium priority: Ubuntu including 5 source packages (postgresql-8.4, postgresql-9.1, postgresql-9.3, postgresql-9.4, postgresql-9.5), 20 status rows across 4 suites (precise, trusty, upstream, wily): DNE 11, not-affected 8, released 1.

Description:

The (1) brin_page_type and (2) brin_metapage_info functions in the pageinspect extension in PostgreSQL before 9.5.x before 9.5.2 allows attackers to bypass intended access restrictions and consequently obtain sensitive server memory information or cause a denial of service (server crash) via a crafted bytea value in a BRIN index page.

cvelogic Threat Intelligence