The pg_ctlcluster script in postgresql-common package in Debian wheezy before 134wheezy5, in Debian jessie before 165+deb8u2, in Debian unstable before 178, in Ubuntu 12.04 LTS before 129ubuntu1.2, in Ubuntu 14.04 LTS before 154ubuntu1.1, in Ubuntu 16.04 LTS before 173ubuntu0.1, in Ubuntu 17.04 before 179ubuntu0.1, and in Ubuntu 17.10 before 184ubuntu1.1 allows local users to gain root privileges via a symlink attack on a logfile in /var/log/postgresql.
The product attempts to access a file based on the filename, but it does not properly prevent that filename from identifying a link or shortcut that resolves to an unintended resource.
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Postgresql-common | Debian | 1 (including) | 1 (including) |
| Postgresql-common | Debian | 2 (including) | 2 (including) |
| Postgresql-common | Debian | 3 (including) | 3 (including) |
| Postgresql-common | Debian | 4 (including) | 4 (including) |
| Postgresql-common | Debian | 5 (including) | 5 (including) |
| Postgresql-common | Debian | 6 (including) | 6 (including) |
| Postgresql-common | Debian | 7 (including) | 7 (including) |
| Postgresql-common | Debian | 8 (including) | 8 (including) |
| Postgresql-common | Debian | 9 (including) | 9 (including) |
| Postgresql-common | Debian | 10 (including) | 10 (including) |
| Postgresql-common | Debian | 11 (including) | 11 (including) |
| Postgresql-common | Debian | 12 (including) | 12 (including) |
| Postgresql-common | Debian | 13 (including) | 13 (including) |
| Postgresql-common | Debian | 14 (including) | 14 (including) |
| Postgresql-common | Debian | 15 (including) | 15 (including) |
| Postgresql-common | Debian | 16 (including) | 16 (including) |
| Postgresql-common | Debian | 17 (including) | 17 (including) |
| Postgresql-common | Debian | 18 (including) | 18 (including) |
| Postgresql-common | Debian | 19 (including) | 19 (including) |
| Postgresql-common | Debian | 20 (including) | 20 (including) |
| Postgresql-common | Debian | 21 (including) | 21 (including) |
| Postgresql-common | Debian | 22 (including) | 22 (including) |
| Postgresql-common | Debian | 23 (including) | 23 (including) |
| Postgresql-common | Debian | 24 (including) | 24 (including) |
| Postgresql-common | Debian | 25 (including) | 25 (including) |
| Postgresql-common | Debian | 26 (including) | 26 (including) |
| Postgresql-common | Debian | 27 (including) | 27 (including) |
| Postgresql-common | Debian | 28 (including) | 28 (including) |
| Postgresql-common | Debian | 29 (including) | 29 (including) |
| Postgresql-common | Debian | 30 (including) | 30 (including) |
| Postgresql-common | Debian | 31 (including) | 31 (including) |
| Postgresql-common | Debian | 32 (including) | 32 (including) |
| Postgresql-common | Debian | 33 (including) | 33 (including) |
| Postgresql-common | Debian | 34 (including) | 34 (including) |
| Postgresql-common | Debian | 35 (including) | 35 (including) |
| Postgresql-common | Debian | 36 (including) | 36 (including) |
| Postgresql-common | Debian | 37 (including) | 37 (including) |
| Postgresql-common | Debian | 38 (including) | 38 (including) |
| Postgresql-common | Debian | 39 (including) | 39 (including) |
| Postgresql-common | Debian | 40 (including) | 40 (including) |
| Postgresql-common | Debian | 41 (including) | 41 (including) |
| Postgresql-common | Debian | 42 (including) | 42 (including) |
| Postgresql-common | Debian | 43 (including) | 43 (including) |
| Postgresql-common | Debian | 44 (including) | 44 (including) |
| Postgresql-common | Debian | 45 (including) | 45 (including) |
| Postgresql-common | Debian | 46 (including) | 46 (including) |
| Postgresql-common | Debian | 47 (including) | 47 (including) |
| Postgresql-common | Debian | 48 (including) | 48 (including) |
| Postgresql-common | Debian | 49 (including) | 49 (including) |
| Postgresql-common | Debian | 50 (including) | 50 (including) |
| Postgresql-common | Debian | 51 (including) | 51 (including) |
| Postgresql-common | Debian | 52 (including) | 52 (including) |
| Postgresql-common | Debian | 53 (including) | 53 (including) |
| Postgresql-common | Debian | 54 (including) | 54 (including) |
| Postgresql-common | Debian | 55 (including) | 55 (including) |
| Postgresql-common | Debian | 56 (including) | 56 (including) |
| Postgresql-common | Debian | 57 (including) | 57 (including) |
| Postgresql-common | Debian | 58 (including) | 58 (including) |
| Postgresql-common | Debian | 59 (including) | 59 (including) |
| Postgresql-common | Debian | 60 (including) | 60 (including) |
| Postgresql-common | Debian | 61 (including) | 61 (including) |
| Postgresql-common | Debian | 62 (including) | 62 (including) |
| Postgresql-common | Debian | 63 (including) | 63 (including) |
| Postgresql-common | Debian | 64 (including) | 64 (including) |
| Postgresql-common | Debian | 65 (including) | 65 (including) |
| Postgresql-common | Debian | 66 (including) | 66 (including) |
| Postgresql-common | Debian | 67 (including) | 67 (including) |
| Postgresql-common | Debian | 68 (including) | 68 (including) |
| Postgresql-common | Debian | 69 (including) | 69 (including) |
| Postgresql-common | Debian | 70 (including) | 70 (including) |
| Postgresql-common | Debian | 71 (including) | 71 (including) |
| Postgresql-common | Debian | 72 (including) | 72 (including) |
| Postgresql-common | Debian | 73 (including) | 73 (including) |
| Postgresql-common | Debian | 74 (including) | 74 (including) |
| Postgresql-common | Debian | 75 (including) | 75 (including) |
| Postgresql-common | Debian | 76 (including) | 76 (including) |
| Postgresql-common | Debian | 77 (including) | 77 (including) |
| Postgresql-common | Debian | 78 (including) | 78 (including) |
| Postgresql-common | Debian | 79 (including) | 79 (including) |
| Postgresql-common | Debian | 80 (including) | 80 (including) |
| Postgresql-common | Debian | 81 (including) | 81 (including) |
| Postgresql-common | Debian | 82 (including) | 82 (including) |
| Postgresql-common | Debian | 83 (including) | 83 (including) |
| Postgresql-common | Debian | 84 (including) | 84 (including) |
| Postgresql-common | Debian | 85 (including) | 85 (including) |
| Postgresql-common | Debian | 86 (including) | 86 (including) |
| Postgresql-common | Debian | 87 (including) | 87 (including) |
| Postgresql-common | Debian | 88 (including) | 88 (including) |
| Postgresql-common | Debian | 89 (including) | 89 (including) |
| Postgresql-common | Debian | 90 (including) | 90 (including) |
| Postgresql-common | Debian | 91 (including) | 91 (including) |
| Postgresql-common | Debian | 92 (including) | 92 (including) |
| Postgresql-common | Debian | 93 (including) | 93 (including) |
| Postgresql-common | Debian | 94 (including) | 94 (including) |
| Postgresql-common | Debian | 95 (including) | 95 (including) |
| Postgresql-common | Debian | 96 (including) | 96 (including) |
| Postgresql-common | Debian | 97 (including) | 97 (including) |
| Postgresql-common | Debian | 98 (including) | 98 (including) |
| Postgresql-common | Debian | 99 (including) | 99 (including) |
| Postgresql-common | Debian | 100 (including) | 100 (including) |
| Postgresql-common | Debian | 101 (including) | 101 (including) |
| Postgresql-common | Debian | 102 (including) | 102 (including) |
| Postgresql-common | Debian | 103 (including) | 103 (including) |
| Postgresql-common | Debian | 104 (including) | 104 (including) |
| Postgresql-common | Debian | 105 (including) | 105 (including) |
| Postgresql-common | Debian | 106 (including) | 106 (including) |
| Postgresql-common | Debian | 107 (including) | 107 (including) |
| Postgresql-common | Debian | 108 (including) | 108 (including) |
| Postgresql-common | Debian | 109 (including) | 109 (including) |
| Postgresql-common | Debian | 110 (including) | 110 (including) |
| Postgresql-common | Debian | 111 (including) | 111 (including) |
| Postgresql-common | Debian | 112 (including) | 112 (including) |
| Postgresql-common | Debian | 113 (including) | 113 (including) |
| Postgresql-common | Debian | 114 (including) | 114 (including) |
| Postgresql-common | Debian | 115 (including) | 115 (including) |
| Postgresql-common | Debian | 116 (including) | 116 (including) |
| Postgresql-common | Debian | 117 (including) | 117 (including) |
| Postgresql-common | Debian | 118 (including) | 118 (including) |
| Postgresql-common | Debian | 119 (including) | 119 (including) |
| Postgresql-common | Debian | 120 (including) | 120 (including) |
| Postgresql-common | Debian | 121 (including) | 121 (including) |
| Postgresql-common | Debian | 122 (including) | 122 (including) |
| Postgresql-common | Debian | 123 (including) | 123 (including) |
| Postgresql-common | Debian | 124 (including) | 124 (including) |
| Postgresql-common | Debian | 125 (including) | 125 (including) |
| Postgresql-common | Debian | 126 (including) | 126 (including) |
| Postgresql-common | Debian | 127 (including) | 127 (including) |
| Postgresql-common | Debian | 128 (including) | 128 (including) |
| Postgresql-common | Debian | 129 (including) | 129 (including) |
| Postgresql-common | Debian | 130 (including) | 130 (including) |
| Postgresql-common | Debian | 131 (including) | 131 (including) |
| Postgresql-common | Debian | 132 (including) | 132 (including) |
| Postgresql-common | Debian | 133 (including) | 133 (including) |
| Postgresql-common | Ubuntu | precise | * |
| Postgresql-common | Ubuntu | trusty | * |
| Postgresql-common | Ubuntu | upstream | * |
| Postgresql-common | Ubuntu | xenial | * |
| Postgresql-common | Ubuntu | yakkety | * |