CVE - CVE-2024-32655

CVE-ID
CVE-2024-32655	Learn more at National Vulnerability Database (NVD) • CVSS Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings • CPE Information
Description
Npgsql is the .NET data provider for PostgreSQL. The `WriteBind()` method in `src/Npgsql/Internal/NpgsqlConnector.FrontendMessages.cs` uses `int` variables to store the message length and the sum of parameter lengths. Both variables overflow when the sum of parameter lengths becomes too large. This causes Npgsql to write a message size that is too small when constructing a Postgres protocol message to send it over the network to the database. When parsing the message, the database will only read a small number of bytes and treat any following bytes as new messages while they belong to the old message. Attackers can abuse this to inject arbitrary Postgres protocol messages into the connection, leading to the execution of arbitrary SQL statements on the application's behalf. This vulnerability is fixed in 4.0.14, 4.1.13, 5.0.18, 6.0.11, 7.0.7, and 8.0.3.
References
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
MISC:https://github.com/npgsql/npgsql/commit/091655eed0c84e502ab424950c930339d17c1928 URL:https://github.com/npgsql/npgsql/commit/091655eed0c84e502ab424950c930339d17c1928 MISC:https://github.com/npgsql/npgsql/commit/3183efb2bdcca159c8c2e22af57e18ea8f853cf0 URL:https://github.com/npgsql/npgsql/commit/3183efb2bdcca159c8c2e22af57e18ea8f853cf0 MISC:https://github.com/npgsql/npgsql/commit/67acbe027e28477ac2199e15cfb554bb2ffaf169 URL:https://github.com/npgsql/npgsql/commit/67acbe027e28477ac2199e15cfb554bb2ffaf169 MISC:https://github.com/npgsql/npgsql/commit/703d9af8fa48dfe8c0180e36edb8278f34342d7b URL:https://github.com/npgsql/npgsql/commit/703d9af8fa48dfe8c0180e36edb8278f34342d7b MISC:https://github.com/npgsql/npgsql/commit/a22a42d8141d7a3528f43c02c095a409507cf1af URL:https://github.com/npgsql/npgsql/commit/a22a42d8141d7a3528f43c02c095a409507cf1af MISC:https://github.com/npgsql/npgsql/commit/e34e2ba8042e666d9af54a1b255fba4d5b11df56 URL:https://github.com/npgsql/npgsql/commit/e34e2ba8042e666d9af54a1b255fba4d5b11df56 MISC:https://github.com/npgsql/npgsql/commit/f7e7ead0702d776a8f551f5786c4cac2d65c4bc6 URL:https://github.com/npgsql/npgsql/commit/f7e7ead0702d776a8f551f5786c4cac2d65c4bc6 MISC:https://github.com/npgsql/npgsql/releases/tag/v4.0.14 URL:https://github.com/npgsql/npgsql/releases/tag/v4.0.14 MISC:https://github.com/npgsql/npgsql/releases/tag/v4.1.13 URL:https://github.com/npgsql/npgsql/releases/tag/v4.1.13 MISC:https://github.com/npgsql/npgsql/releases/tag/v5.0.18 URL:https://github.com/npgsql/npgsql/releases/tag/v5.0.18 MISC:https://github.com/npgsql/npgsql/releases/tag/v6.0.11 URL:https://github.com/npgsql/npgsql/releases/tag/v6.0.11 MISC:https://github.com/npgsql/npgsql/releases/tag/v7.0.7 URL:https://github.com/npgsql/npgsql/releases/tag/v7.0.7 MISC:https://github.com/npgsql/npgsql/releases/tag/v8.0.3 URL:https://github.com/npgsql/npgsql/releases/tag/v8.0.3 MISC:https://github.com/npgsql/npgsql/security/advisories/GHSA-x9vc-6hfv-hg8c URL:https://github.com/npgsql/npgsql/security/advisories/GHSA-x9vc-6hfv-hg8c MISC:https://www.youtube.com/watch?v=Tfg1B8u1yvE URL:https://www.youtube.com/watch?v=Tfg1B8u1yvE
Assigning CNA
GitHub (maintainer security advisories)
Date Record Created
20240416	Disclaimer: The record creation date may reflect when the CVE ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.
Phase (Legacy)
Assigned (20240416)
Votes (Legacy)

Comments (Legacy)

Proposed (Legacy)
N/A
This is an record on the CVE List, which provides common identifiers for publicly known cybersecurity vulnerabilities.
Search CVE Using Keywords: You can also search by reference using the CVE Reference Maps.
For More Information: CVE Request Web Form (select "Other" from dropdown)