diff options
| author | Tom Lane <tgl@sss.pgh.pa.us> | 2021-11-08 11:14:56 -0500 |
|---|---|---|
| committer | Tom Lane <tgl@sss.pgh.pa.us> | 2021-11-08 11:14:56 -0500 |
| commit | 844b3169204c28cd086c1b4fae4a2cbdd0540640 (patch) | |
| tree | 27a93ccfc4727d93b234d390ce51128f5f7647c1 /doc/src/sgml/btree-gist.sgml | |
| parent | e92ed93e8eb76ee0701b42d4f0ce94e6af3fc741 (diff) | |
libpq: reject extraneous data after SSL or GSS encryption handshake.
libpq collects up to a bufferload of data whenever it reads data from
the socket. When SSL or GSS encryption is requested during startup,
any additional data received with the server's yes-or-no reply
remained in the buffer, and would be treated as already-decrypted data
once the encryption handshake completed. Thus, a man-in-the-middle
with the ability to inject data into the TCP connection could stuff
some cleartext data into the start of a supposedly encryption-protected
database session.
This could probably be abused to inject faked responses to the
client's first few queries, although other details of libpq's behavior
make that harder than it sounds. A different line of attack is to
exfiltrate the client's password, or other sensitive data that might
be sent early in the session. That has been shown to be possible with
a server vulnerable to CVE-2021-23214.
To fix, throw a protocol-violation error if the internal buffer
is not empty after the encryption handshake.
Our thanks to Jacob Champion for reporting this problem.
Security: CVE-2021-23222
Diffstat (limited to 'doc/src/sgml/btree-gist.sgml')
0 files changed, 0 insertions, 0 deletions