CVE-2023-5870

Name: CVE-2023-5870
Creator: NVD / NIST
Published: 2023-12-10T18:15:07.643+00:00
License: https://creativecommons.org/publicdomain/zero/1.0/

MEDIUMCVSS 4.4/10EPSS 2.56%

Last modified Jun 17, 2026

CVE-2023-5870 is a medium-severity vulnerability rated 4.4/10 on the CVSS scale. A flaw was found in PostgreSQL involving the pg_cancel_backend role that signals background workers, including the logical replication launcher, autovacuum workers, and the autovacuum launcher. Successful exploitation requires a non-core extension with a less-resilient background worker and would affect that specific background worker only. EPSS estimates a 2.56% chance of exploitation in the next 30 days.

Description

A flaw was found in PostgreSQL involving the pg_cancel_backend role that signals background workers, including the logical replication launcher, autovacuum workers, and the autovacuum launcher. Successful exploitation requires a non-core extension with a less-resilient background worker and would affect that specific background worker only. This issue may allow a remote high privileged user to launch a denial of service (DoS) attack.

Metrics

CVSS 3.1

4.4/10

CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H

EPSS Probability

2.56%

83.1th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

CWE-400

Affected Software

Vendor	Product	Versions
Postgresql	Postgresql	>= 11.0, < 11.22
Postgresql	Postgresql	>= 12.0, < 12.17
Postgresql	Postgresql	>= 13.0, < 13.13
Postgresql	Postgresql	>= 14.0, < 14.10
Postgresql	Postgresql	>= 15.0, < 15.5
Postgresql	Postgresql	16.0
Redhat	Codeready Linux Builder Eus	9.2
Redhat	Codeready Linux Builder Eus For Power Little Endian Eus	9.0_ppc64le
Redhat	Codeready Linux Builder Eus For Power Little Endian Eus	9.2_ppc64le
Redhat	Codeready Linux Builder For Arm64 Eus	8.6_aarch64
Redhat	Codeready Linux Builder For Arm64 Eus	9.0_aarch64
Redhat	Codeready Linux Builder For Arm64 Eus	9.2_aarch64
Redhat	Codeready Linux Builder For Ibm Z Systems Eus	9.0_s390x
Redhat	Codeready Linux Builder For Ibm Z Systems Eus	9.2_s390x
Redhat	Codeready Linux Builder For Power Little Endian Eus	9.0_ppc64le
Redhat	Codeready Linux Builder For Power Little Endian Eus	9.2_ppc64le
Redhat	Software Collections	1.0
Redhat	Enterprise Linux	8.0
Redhat	Enterprise Linux	9.0
Redhat	Enterprise Linux Eus	8.6
Redhat	Enterprise Linux Eus	8.8
Redhat	Enterprise Linux Eus	9.0
Redhat	Enterprise Linux Eus	9.2
Redhat	Enterprise Linux For Arm 64	8.0
Redhat	Enterprise Linux For Arm 64	8.8_aarch64
Redhat	Enterprise Linux For Ibm Z Systems	8.0_s390x
Redhat	Enterprise Linux For Ibm Z Systems Eus	8.6_s390x
Redhat	Enterprise Linux For Ibm Z Systems Eus	8.8_s390x
Redhat	Enterprise Linux For Ibm Z Systems Eus	9.0_s390x
Redhat	Enterprise Linux For Ibm Z Systems Eus	9.2_s390x
Redhat	Enterprise Linux For Power Little Endian	8.0_ppc64le
Redhat	Enterprise Linux For Power Little Endian Eus	8.6_ppc64le
Redhat	Enterprise Linux For Power Little Endian Eus	8.8_ppc64le
Redhat	Enterprise Linux For Power Little Endian Eus	9.0_ppc64le
Redhat	Enterprise Linux For Power Little Endian Eus	9.2_ppc64le
Redhat	Enterprise Linux Server Aus	8.2
Redhat	Enterprise Linux Server Aus	8.4
Redhat	Enterprise Linux Server Aus	8.6
Redhat	Enterprise Linux Server Aus	9.2
Redhat	Enterprise Linux Server Tus	8.2
Redhat	Enterprise Linux Server Tus	8.4
Redhat	Enterprise Linux Server Tus	8.6

References

https://access.redhat.com/errata/RHSA-2023:7545Third Party Advisory
https://access.redhat.com/errata/RHSA-2023:7579Third Party Advisory
https://access.redhat.com/errata/RHSA-2023:7580Third Party Advisory
https://access.redhat.com/errata/RHSA-2023:7581Third Party Advisory
https://access.redhat.com/errata/RHSA-2023:7616Third Party Advisory
https://access.redhat.com/errata/RHSA-2023:7656Third Party Advisory
https://access.redhat.com/errata/RHSA-2023:7666Third Party Advisory
https://access.redhat.com/errata/RHSA-2023:7667Third Party Advisory
https://access.redhat.com/errata/RHSA-2023:7694Third Party Advisory
https://access.redhat.com/errata/RHSA-2023:7695Third Party Advisory
https://access.redhat.com/errata/RHSA-2023:7714Third Party Advisory
https://access.redhat.com/errata/RHSA-2023:7770Third Party Advisory
https://access.redhat.com/errata/RHSA-2023:7772Third Party Advisory
https://access.redhat.com/errata/RHSA-2023:7784
https://access.redhat.com/errata/RHSA-2023:7785
https://access.redhat.com/errata/RHSA-2023:7883
https://access.redhat.com/errata/RHSA-2023:7884
https://access.redhat.com/errata/RHSA-2023:7885
https://access.redhat.com/errata/RHSA-2024:0304
https://access.redhat.com/errata/RHSA-2024:0332
https://access.redhat.com/errata/RHSA-2024:0337
https://access.redhat.com/security/cve/CVE-2023-5870Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=2247170Issue Tracking
https://www.postgresql.org/about/news/postgresql-161-155-1410-1313-1217-and-1122-released-2749/Release Notes
https://www.postgresql.org/support/security/CVE-2023-5870/Vendor Advisory
https://access.redhat.com/errata/RHSA-2023:7545Third Party Advisory
https://access.redhat.com/errata/RHSA-2023:7579Third Party Advisory
https://access.redhat.com/errata/RHSA-2023:7580Third Party Advisory
https://access.redhat.com/errata/RHSA-2023:7581Third Party Advisory
https://access.redhat.com/errata/RHSA-2023:7616Third Party Advisory
https://access.redhat.com/errata/RHSA-2023:7656Third Party Advisory
https://access.redhat.com/errata/RHSA-2023:7666Third Party Advisory
https://access.redhat.com/errata/RHSA-2023:7667Third Party Advisory
https://access.redhat.com/errata/RHSA-2023:7694Third Party Advisory
https://access.redhat.com/errata/RHSA-2023:7695Third Party Advisory
https://access.redhat.com/errata/RHSA-2023:7714Third Party Advisory
https://access.redhat.com/errata/RHSA-2023:7770Third Party Advisory
https://access.redhat.com/errata/RHSA-2023:7772Third Party Advisory
https://access.redhat.com/errata/RHSA-2023:7784
https://access.redhat.com/errata/RHSA-2023:7785
https://access.redhat.com/errata/RHSA-2023:7883
https://access.redhat.com/errata/RHSA-2023:7884
https://access.redhat.com/errata/RHSA-2023:7885
https://access.redhat.com/errata/RHSA-2024:0304
https://access.redhat.com/errata/RHSA-2024:0332
https://access.redhat.com/errata/RHSA-2024:0337
https://access.redhat.com/security/cve/CVE-2023-5870Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=2247170Issue Tracking
https://lists.debian.org/debian-lts-announce/2023/11/msg00007.html
https://security.netapp.com/advisory/ntap-20240119-0003/
https://www.postgresql.org/about/news/postgresql-161-155-1410-1313-1217-and-1122-released-2749/Release Notes
https://www.postgresql.org/support/security/CVE-2023-5870/Vendor Advisory

Timeline

Published: Dec 10, 2023
Last Modified: Jun 17, 2026
Status: Modified

Frequently Asked Questions

What is CVE-2023-5870?

How severe is CVE-2023-5870?

CVE-2023-5870 has a CVSS score of 4.4/10 (MEDIUM severity). The EPSS model estimates a 2.56% probability of exploitation in the next 30 days.

How do I fix CVE-2023-5870?

Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2023-5870?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST