CVE-2017-14798

HIGH

PostgreSQL - Privilege Escalation

Title source: llm

Description

A race condition in the postgresql init script could be used by attackers able to access the postgresql account to escalate their privileges to root.

Exploits (1)

exploitdb WORKING POC
by Johannes Segitz · bashlocallinux
https://www.exploit-db.com/exploits/45184

References (4)

Scores

CVSS v3 7.3
EPSS 0.0119
EPSS Percentile 78.5%
Attack Vector LOCAL
CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

Classification

CWE
CWE-362 CWE-61
Status published

Affected Products (2)

postgresql/postgresql < 9.4-0.5.3.1
suse/suse_linux_enterprise_server

Timeline

Published Mar 01, 2018
Tracked Since Feb 18, 2026