![]() This is problematic since standby servers may already have copies of that WAL segment. ![]() If the primary did not survive long enough to finish writing the rest of the incomplete WAL record, then the previous crash-recovery logic had it back up and overwrite WAL starting from the beginning of the incomplete WAL record. (CVE-2021-23222)įix physical replication for cases where the primary crashes after shipping a WAL segment that ends with a partial WAL record (Álvaro Herrera) The PostgreSQL Project thanks Jacob Champion for reporting this problem. That has been shown to be possible with a server vulnerable to CVE-2021-23214. A different line of attack is to exfiltrate the client's password, or other sensitive data that might be sent early in the session. This could probably be abused to inject faked responses to the client's first few queries, although other details of libpq's behavior make that harder than it sounds. Make libpq reject extraneous data after an SSL or GSS encryption handshake (Tom Lane)Ī man-in-the-middle with the ability to inject data into the TCP connection could stuff some cleartext data into the start of a supposedly encryption-protected database session. ![]() (However, a server relying on SSL certificate authentication might well not do so.) This could be abused to send faked SQL commands to the server, although that would only work if the server did not demand any authentication data. Make the server reject extraneous data after an SSL or GSS encryption handshake (Tom Lane)Ī man-in-the-middle with the ability to inject data into the TCP connection could stuff some cleartext data into the start of a supposedly encryption-protected database session. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |