CVE-2026-6575

Public on 2026-05-14
Modified on 2026-05-15
Description
Buffer over-read in PostgreSQL function pg_restore_attribute_stats() accepts array values of unmatched length, which causes query planning to read past end of one array. This allows a table maintainer to infer memory values past that array end. Within major version 18, minor versions before PostgreSQL 18.4 are affected. Versions before PostgreSQL 18 are unaffected.
Severity
Medium severity
Medium
See what this means
CVSS v3 Base Score
4.3
See breakdown

Affected Packages

Platform Package Release Date Advisory Status
Amazon Linux 2 - Postgresql14 Extra libpq Not Affected
Amazon Linux 2023 libpq Not Affected
Amazon Linux 2 - Core postgresql Not Affected
Amazon Linux 2 - Postgresql14 Extra postgresql Not Affected
Amazon Linux 2023 postgresql15 Not Affected
Amazon Linux 2023 postgresql16 Not Affected
Amazon Linux 2023 postgresql17 Not Affected
Amazon Linux 2023 postgresql18 Pending Fix

CVSS Scores

Score Type Score Vector
Amazon Linux CVSSv3 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

References

FAQs regarding Amazon Linux ALAS/CVE Severity Red Hat: CVE-2026-6575 Mitre: CVE-2026-6575