CVE-2017-14798

HIGH

PostgreSQL - Privilege Escalation

Title source: llm

Description

A race condition in the postgresql init script could be used by attackers able to access the postgresql account to escalate their privileges to root.

Exploits (1)

exploitdb WORKING POC
by Johannes Segitz · bashlocallinux
https://www.exploit-db.com/exploits/45184

References (4)

Scores

CVSS v3 7.3
EPSS 0.0081
EPSS Percentile 74.3%
Attack Vector LOCAL
CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

Details

CWE
CWE-362 CWE-61
Status published
Products (2)
postgresql/postgresql < 9.4-0.5.3.1
suse/suse_linux_enterprise_server 11 sp3
Published Mar 01, 2018
Tracked Since Feb 18, 2026