Errata ALT-PU-2022-5903-1: Information
Fixes
Published: Feb. 16, 2022
BDU:2022-00903
Уязвимость системы управления базами данных MariaDB, связана с переполнением буфера в стеке, позволяющая нарушителю выполнить произвольный код
Severity: HIGH (7.0) Vector: AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
Links:
Published: Feb. 16, 2022
BDU:2022-01074
Уязвимость компонента SELECT_LEX::nest_level системы управления базами данных MariaDB, позволяющая нарушителю вызвать отказ в обслуживании
Severity: MEDIUM (5.5) Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Links:
Published: March 15, 2022
BDU:2022-01315
Уязвимость функции BN_mod_sqrt() библиотеки OpenSSL, позволяющая нарушителю вызвать отказ в обслуживании
Severity: HIGH (7.5) Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Links:
Published: March 23, 2022
BDU:2022-01641
Уязвимость библиотеки zlib, связанная с выходом операции за границы буфера в памяти, позволяющая нарушителю вызвать отказ в обслуживании
Severity: HIGH (8.2) Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H
Links:
Published: July 20, 2021
BDU:2022-01832
Уязвимость компонента InnoDB системы управления базами данных MariaDB и MySQL, позволяющая нарушителю вызвать отказ в обслуживании
Severity: MEDIUM (4.4) Vector: AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H
Links:
Published: July 27, 2021
BDU:2022-01851
Уязвимость компонента InnoDB системы управления базами данных MariaDB и MySQL, позволяющая нарушителю вызвать отказ в обслуживании
Severity: MEDIUM (5.9) Vector: AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
Links:
Published: March 21, 2022
BDU:2022-02593
Уязвимость компонента decimal_bin_size системы управления базами данных MariaDB, позволяющая нарушителю вызвать отказ в обслуживании
Severity: HIGH (7.5) Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Links:
Published: March 21, 2022
BDU:2022-02594
Уязвимость компонента sql/sql_class.cc системы управления базами данных MariaDB, позволяющая нарушителю вызвать отказ в обслуживании
Severity: HIGH (7.5) Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Links:
Published: March 23, 2022
BDU:2022-02595
Уязвимость компонента Used_tables_and_const_cache::used_tables_and_const_cache_join системы управления базами данных MariaDB, позволяющая нарушителю вызвать отказ в обслуживании
Severity: HIGH (7.5) Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Links:
Published: April 14, 2022
BDU:2022-03726
Уязвимость компонента sql/sql_window.cc системы управления базами данных MariaDB, позволяющая нарушителю вызвать отказ в обслуживании
Severity: HIGH (7.5) Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Links:
Published: Sept. 15, 2021
BDU:2022-03789
Уязвимость функции xbstream_open системы управления базами данных MariaDB, позволяющая нарушителю вызвать отказ в обслуживании
Severity: MEDIUM (5.5) Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Links:
Published: Oct. 25, 2021
BDU:2022-03790
Уязвимость метода log_statement_ex (plugin/server_audit/server_audit.c) системы управления базами данных MariaDB, позволяющая нарушителю вызвать отказ в обслуживании
Severity: MEDIUM (5.5) Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Links:
Published: Nov. 9, 2021
BDU:2022-03791
Уязвимость метода create_worker_threads системы управления базами данных MariaDB, позволяющая нарушителю вызвать отказ в обслуживании
Severity: LOW (3.3) Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
Links:
Published: Nov. 9, 2021
BDU:2022-03792
Уязвимость метода create_worker_threads системы управления базами данных MariaDB, позволяющая нарушителю вызвать отказ в обслуживании
Severity: LOW (3.3) Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
Links:
Published: July 1, 2022
BDU:2022-04064
Уязвимость функции Exec_time_tracker::get_loops/Filesort_tracker::report_use/filesort системы управления базами данных MariaDB, позволяющая нарушителю оказать воздействие на конфиденциальность, целостность, доступность защищаемой информации
Severity: HIGH (7.3) Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
Links:
Published: July 1, 2022
BDU:2022-04068
Уязвимость функции Item_args::walk_args системы управления базами данных MariaDB, позволяющая нарушителю оказать воздействие на конфиденциальность, целостность, доступность защищаемой информации
Severity: HIGH (7.3) Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
Links:
Published: July 1, 2022
BDU:2022-04075
Уязвимость функции prepare_inplace_add_virtual системы управления базами данных MariaDB, позволяющая нарушителю оказать воздействие на конфиденциальность, целостность, доступность защищаемой информации
Severity: HIGH (7.3) Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
Links:
Published: July 1, 2022
BDU:2022-04076
Уязвимость функции Item_func_in::cleanup/Item::cleanup_processor системы управления базами данных MariaDB, позволяющая нарушителю оказать воздействие на конфиденциальность, целостность, доступность защищаемой информации
Severity: HIGH (7.3) Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
Links:
Published: July 1, 2022
BDU:2022-04078
Уязвимость компонента sub_select системы управления базами данных MariaDB, позволяющая нарушителю оказать воздействие на конфиденциальность, целостность, доступность защищаемой информации
Severity: HIGH (7.3) Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
Links:
Published: July 1, 2022
BDU:2022-04079
Уязвимость функции st_select_lex_unit::exclude_level системы управления базами данных MariaDB, позволяющая нарушителю оказать воздействие на доступность защищаемой информации
Severity: MEDIUM (5.3) Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
Links:
Published: July 1, 2022
BDU:2022-04080
Уязвимость функции Item_subselect::init_expr_cache_tracker системы управления базами данных MariaDB, позволяющая нарушителю оказать воздействие на конфиденциальность, целостность, доступность защищаемой информации
Severity: HIGH (7.3) Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
Links:
Published: July 1, 2022
BDU:2022-04082
Уязвимость функции __interceptor_memset (/libsanitizer/sanitizer_common/sanitizer_common_interceptors.inc) системы управления базами данных MariaDB, позволяющая нарушителю оказать воздействие на конфиденциальность, целостность, доступность защищаемой информации
Severity: HIGH (7.3) Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
Links:
Published: July 1, 2022
BDU:2022-04087
Уязвимость функции Item_field::fix_outer_field системы управления базами данных MariaDB, позволяющая нарушителю оказать воздействие на конфиденциальность, целостность, доступность защищаемой информации
Severity: HIGH (7.3) Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
Links:
Published: July 1, 2022
BDU:2022-05553
Уязвимость компонента dict0dict.cc системы управления базами данных MariaDB, позволяющая нарушителю вызвать отказ в обслуживании
Severity: HIGH (7.5) Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Links:
Published: Oct. 20, 2021
BDU:2022-05677
Уязвимость компонента InnoDB СУБД MariaDB, позволяющая нарушителю нарушить целостность данных, а также вызвать отказ в обслуживании
Severity: MEDIUM (5.5) Vector: AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H
Links:
Published: Feb. 1, 2022
BDU:2022-05691
Уязвимость компонента sql_lex.cc СУБД MariaDB, позволяющая нарушителю вызвать отказ в обслуживании
Severity: MEDIUM (5.5) Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Links:
Published: Feb. 1, 2022
BDU:2022-05704
Уязвимость СУБД MariaDB, связанная с неконтролируемым расходом ресурсов, позволяющая нарушителю вызвать отказ в обслуживании
Severity: MEDIUM (5.5) Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Links:
Published: Feb. 1, 2022
BDU:2022-05710
Уязвимость компонента ha_maria::extra СУБД MariaDB, позволяющая нарушителю вызвать отказ в обслуживании
Severity: MEDIUM (5.5) Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Links:
Published: Feb. 1, 2022
BDU:2022-05712
Уязвимость компонента sql_parse.cc СУБД MariaDB, позволяющая нарушителю вызвать отказ в обслуживании
Severity: MEDIUM (5.5) Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Links:
Published: Feb. 1, 2022
BDU:2022-05752
Уязвимость компонента set_var.cc СУБД MariaDB, позволяющая нарушителю вызвать отказ в обслуживании
Severity: MEDIUM (5.5) Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Links:
Published: Feb. 1, 2022
BDU:2022-05755
Уязвимость компонентов find_field_in_tables и find_order_in_list СУБД MariaDB, позволяющая нарушителю вызвать отказ в обслуживании
Severity: MEDIUM (5.5) Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Links:
Published: Feb. 1, 2022
BDU:2022-05757
Уязвимость СУБД MariaDB, связанная с ошибками разыменования указателя, позволяющая нарушителю вызвать отказ в обслуживании
Severity: MEDIUM (5.5) Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Links:
Published: Oct. 18, 2022
BDU:2022-06420
Уязвимость компонента C API системы управления базами данных MySQL Server, позволяющая нарушителю вызвать отказ в обслуживании
Severity: MEDIUM (4.4) Vector: AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H
Links:
Published: May 10, 2021
BDU:2022-06894
Уязвимость СУБД MariaDB, связанная с использованием памяти после её освобождения, позволяющая нарушителю вызвать отказ в обслуживании
Severity: HIGH (7.5) Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Links:
Published: Aug. 9, 2021
BDU:2022-06904
Уязвимость компонента my_strcasecmp_8bit СУБД MariaDB, связанная с использованием памяти после её освобождения, позволяющая нарушителю вызвать отказ в обслуживании
Severity: HIGH (7.5) Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Links:
Published: June 30, 2021
BDU:2022-06906
Уязвимость компонента Item_subselect::init_expr_cache_tracker СУБД MariaDB, позволяющая нарушителю вызвать отказ в обслуживании
Severity: HIGH (7.5) Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Links:
Published: March 16, 2022
BDU:2022-06907
Уязвимость компонента sql/item_cmpfunc.cc СУБД MariaDB, позволяющая нарушителю вызвать отказ в обслуживании
Severity: HIGH (7.5) Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Links:
Published: March 16, 2022
BDU:2022-06909
Уязвимость функции Binary_string::free_buffer() компонента /sql/sql_string.h СУБД MariaDB, позволяющая нарушителю вызвать отказ в обслуживании
Severity: HIGH (7.5) Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Links:
Published: March 16, 2022
BDU:2022-06910
Уязвимость функции Binary_string::free_buffer() компонента /sql/sql_string.h СУБД MariaDB, позволяющая нарушителю вызвать отказ в обслуживании
Severity: HIGH (7.5) Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Links:
Published: March 16, 2022
BDU:2022-06913
Уязвимость компонента /row/row0mysql.cc СУБД MariaDB, позволяющая нарушителю вызвать отказ в обслуживании
Severity: HIGH (7.5) Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Links:
Published: March 16, 2022
BDU:2022-06914
Уязвимость функции VDec::VDec компонента /sql/sql_type.cc СУБД MariaDB, позволяющая нарушителю вызвать отказ в обслуживании
Severity: HIGH (7.5) Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Links:
Published: Aug. 19, 2021
BDU:2022-06915
Уязвимость компонента Create_tmp_table::finalize СУБД MariaDB, позволяющая нарушителю вызвать отказ в обслуживании
Severity: HIGH (7.5) Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Links:
Published: July 1, 2021
BDU:2022-06916
Уязвимость компонента Field::set_default СУБД MariaDB, позволяющая нарушителю вызвать отказ в обслуживании
Severity: HIGH (7.5) Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Links:
Published: March 16, 2022
BDU:2022-06919
Уязвимость компонента sql/item_func.cc СУБД MariaDB, позволяющая нарушителю вызвать отказ в обслуживании
Severity: HIGH (7.5) Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Links:
Published: Aug. 13, 2021
BDU:2022-06922
Уязвимость компонента Item_args::walk_arg СУБД MariaDB, позволяющая нарушителю вызвать отказ в обслуживании
Severity: HIGH (7.5) Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Links:
Published: Aug. 13, 2021
BDU:2022-06923
Уязвимость компонента Arg_comparator::compare_real_fixed СУБД MariaDB, позволяющая нарушителю вызвать отказ в обслуживании
Severity: HIGH (7.5) Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Links:
Published: July 30, 2021
BDU:2022-06924
Уязвимость компонента my_decimal::operator СУБД MariaDB, позволяющая нарушителю вызвать отказ в обслуживании
Severity: HIGH (7.5) Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Links:
Published: July 30, 2021
BDU:2022-06927
Уязвимость компонента Item_func_in::cleanup() СУБД MariaDB, позволяющая нарушителю вызвать отказ в обслуживании
Severity: HIGH (7.5) Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Links:
Published: March 25, 2022
Modified: Nov. 7, 2023
Modified: Nov. 7, 2023
CVE-2018-25032
zlib before 1.2.12 allows memory corruption when deflating (i.e., when compressing) if the input has many distant matches.
Severity: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Links:
- https://www.openwall.com/lists/oss-security/2022/03/24/1
- https://github.com/madler/zlib/commit/5c44459c3b28a9bd3283aaceab7c615f8020c531
- [oss-security] 20220325 Re: zlib memory corruption on deflate (i.e. compress)
- [oss-security] 20220326 Re: zlib memory corruption on deflate (i.e. compress)
- https://www.openwall.com/lists/oss-security/2022/03/28/1
- https://github.com/madler/zlib/compare/v1.2.11...v1.2.12
- https://www.openwall.com/lists/oss-security/2022/03/28/3
- https://github.com/madler/zlib/issues/605
- DSA-5111
- [debian-lts-announce] 20220402 [SECURITY] [DLA 2968-1] zlib security update
- [debian-lts-announce] 20220507 [SECURITY] [DLA 2993-1] libz-mingw-w64 security update
- https://support.apple.com/kb/HT213255
- https://support.apple.com/kb/HT213256
- https://support.apple.com/kb/HT213257
- 20220516 APPLE-SA-2022-05-16-4 Security Update 2022-004 Catalina
- 20220516 APPLE-SA-2022-05-16-3 macOS Big Sur 11.6.6
- 20220516 APPLE-SA-2022-05-16-2 macOS Monterey 12.4
- https://security.netapp.com/advisory/ntap-20220526-0009/
- https://www.oracle.com/security-alerts/cpujul2022.html
- https://security.netapp.com/advisory/ntap-20220729-0004/
- [debian-lts-announce] 20220916 [SECURITY] [DLA 3114-1] mariadb-10.3 security update
- GLSA-202210-42
- https://cert-portal.siemens.com/productcert/pdf/ssa-333517.pdf
- FEDORA-2022-413a80a102
- FEDORA-2022-dbd2935e44
- FEDORA-2022-12b89e2aad
- FEDORA-2022-61cf1c64f6
- FEDORA-2022-3a92250fd5
- FEDORA-2022-b58a85e167
Published: July 21, 2021
Modified: Nov. 7, 2023
Modified: Nov. 7, 2023
CVE-2021-2372
Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 5.7.34 and prior and 8.0.25 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.4 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H).
Severity: MEDIUM (4.4) Vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H
Links:
Published: July 21, 2021
Modified: Nov. 7, 2023
Modified: Nov. 7, 2023
CVE-2021-2389
Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 5.7.34 and prior and 8.0.25 and prior. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 5.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H).
Severity: MEDIUM (5.9) Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
Links:
Published: Oct. 20, 2021
Modified: Nov. 7, 2023
Modified: Nov. 7, 2023
CVE-2021-35604
Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 5.7.35 and prior and 8.0.26 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server as well as unauthorized update, insert or delete access to some of MySQL Server accessible data. CVSS 3.1 Base Score 5.5 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H).
Severity: MEDIUM (5.5) Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H
Links:
Published: Jan. 30, 2022
Modified: July 12, 2022
Modified: July 12, 2022
CVE-2021-46658
save_window_function_values in MariaDB before 10.6.3 allows an application crash because of incorrect handling of with_window_func=true for a subquery.
Severity: MEDIUM (5.5) Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Links:
Published: Jan. 30, 2022
Modified: Nov. 7, 2023
Modified: Nov. 7, 2023
CVE-2021-46659
MariaDB before 10.7.2 allows an application crash because it does not recognize that SELECT_LEX::nest_level is local to each VIEW.
Severity: MEDIUM (5.5) Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Links:
Published: Feb. 1, 2022
Modified: Nov. 7, 2023
Modified: Nov. 7, 2023
CVE-2021-46661
MariaDB through 10.5.9 allows an application crash in find_field_in_tables and find_order_in_list via an unused common table expression (CTE).
Severity: MEDIUM (5.5) Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Links:
Published: Feb. 1, 2022
Modified: April 13, 2022
Modified: April 13, 2022
CVE-2021-46662
MariaDB through 10.5.9 allows a set_var.cc application crash via certain uses of an UPDATE statement in conjunction with a nested subquery.
Severity: MEDIUM (5.5) Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Links:
Published: Feb. 1, 2022
Modified: Nov. 7, 2023
Modified: Nov. 7, 2023
CVE-2021-46663
MariaDB through 10.5.13 allows a ha_maria::extra application crash via certain SELECT statements.
Severity: MEDIUM (5.5) Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Links:
Published: Feb. 1, 2022
Modified: Nov. 7, 2023
Modified: Nov. 7, 2023
CVE-2021-46664
MariaDB through 10.5.9 allows an application crash in sub_select_postjoin_aggr for a NULL value of aggr.
Severity: MEDIUM (5.5) Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Links:
Published: Feb. 1, 2022
Modified: Nov. 7, 2023
Modified: Nov. 7, 2023
CVE-2021-46665
MariaDB through 10.5.9 allows a sql_parse.cc application crash because of incorrect used_tables expectations.
Severity: MEDIUM (5.5) Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Links:
Published: Feb. 1, 2022
Modified: Nov. 7, 2023
Modified: Nov. 7, 2023
CVE-2021-46667
MariaDB before 10.6.5 has a sql_lex.cc integer overflow, leading to an application crash.
Severity: MEDIUM (5.5) Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Links:
Published: Feb. 1, 2022
Modified: Nov. 7, 2023
Modified: Nov. 7, 2023
CVE-2021-46668
MariaDB through 10.5.9 allows an application crash via certain long SELECT DISTINCT statements that improperly interact with storage-engine resource limitations for temporary data structures.
Severity: MEDIUM (5.5) Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Links:
Published: Feb. 1, 2022
Modified: Nov. 7, 2023
Modified: Nov. 7, 2023
CVE-2021-46669
MariaDB through 10.5.9 allows attackers to trigger a convert_const_to_int use-after-free when the BIGINT data type is used.
Severity: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Links:
Published: March 15, 2022
Modified: Nov. 7, 2023
Modified: Nov. 7, 2023
CVE-2022-0778
The BN_mod_sqrt() function, which computes a modular square root, contains a bug that can cause it to loop forever for non-prime moduli. Internally this function is used when parsing certificates that contain elliptic curve public keys in compressed form or explicit elliptic curve parameters with a base point encoded in compressed form. It is possible to trigger the infinite loop by crafting a certificate that has invalid explicit curve parameters. Since certificate parsing happens prior to verification of the certificate signature, any process that parses an externally supplied certificate may thus be subject to a denial of service attack. The infinite loop can also be reached when parsing crafted private keys as they can contain explicit elliptic curve parameters. Thus vulnerable situations include: - TLS clients consuming server certificates - TLS servers consuming client certificates - Hosting providers taking certificates or private keys from customers - Certificate authorities parsing certification requests from subscribers - Anything else which parses ASN.1 elliptic curve parameters Also any other applications that use the BN_mod_sqrt() where the attacker can control the parameter values are vulnerable to this DoS issue. In the OpenSSL 1.0.2 version the public key is not parsed during initial parsing of the certificate which makes it slightly harder to trigger the infinite loop. However any operation which requires the public key from the certificate will trigger the infinite loop. In particular the attacker can use a self-signed certificate to trigger the loop during verification of the certificate signature. This issue affects OpenSSL versions 1.0.2, 1.1.1 and 3.0. It was addressed in the releases of 1.1.1n and 3.0.2 on the 15th March 2022. Fixed in OpenSSL 3.0.2 (Affected 3.0.0,3.0.1). Fixed in OpenSSL 1.1.1n (Affected 1.1.1-1.1.1m). Fixed in OpenSSL 1.0.2zd (Affected 1.0.2-1.0.2zc).
Severity: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Links:
- https://www.openssl.org/news/secadv/20220315.txt
- DSA-5103
- [debian-lts-announce] 20220317 [SECURITY] [DLA 2953-1] openssl1.0 security update
- [debian-lts-announce] 20220317 [SECURITY] [DLA 2952-1] openssl security update
- https://security.netapp.com/advisory/ntap-20220321-0002/
- https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0002
- https://www.tenable.com/security/tns-2022-06
- https://www.tenable.com/security/tns-2022-07
- https://www.tenable.com/security/tns-2022-08
- https://www.oracle.com/security-alerts/cpuapr2022.html
- https://www.tenable.com/security/tns-2022-09
- https://security.netapp.com/advisory/ntap-20220429-0005/
- https://support.apple.com/kb/HT213256
- https://support.apple.com/kb/HT213255
- https://support.apple.com/kb/HT213257
- 20220516 APPLE-SA-2022-05-16-2 macOS Monterey 12.4
- 20220516 APPLE-SA-2022-05-16-3 macOS Big Sur 11.6.6
- 20220516 APPLE-SA-2022-05-16-4 Security Update 2022-004 Catalina
- http://packetstormsecurity.com/files/167344/OpenSSL-1.0.2-1.1.1-3.0-BN_mod_sqrt-Infinite-Loop.html
- https://cert-portal.siemens.com/productcert/pdf/ssa-712929.pdf
- https://www.oracle.com/security-alerts/cpujul2022.html
- GLSA-202210-02
- https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=a466912611aa6cbdf550cd10601390e587451246
- https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=3118eb64934499d93db3230748a452351d1d9a65
- https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=380085481c64de749a6dd25cdf0bcf4360b30f83
- FEDORA-2022-a5f51502f0
- FEDORA-2022-9e88b5d8d7
- FEDORA-2022-8bb51f6901
Published: Oct. 19, 2022
Modified: Nov. 8, 2022
Modified: Nov. 8, 2022
CVE-2022-21595
Vulnerability in the MySQL Server product of Oracle MySQL (component: C API). Supported versions that are affected are 5.7.36 and prior and 8.0.27 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.4 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H).
Severity: MEDIUM (4.4) Vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H
Links:
Published: Feb. 18, 2022
Modified: Nov. 7, 2023
Modified: Nov. 7, 2023
CVE-2022-24048
MariaDB CONNECT Storage Engine Stack-based Buffer Overflow Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of MariaDB. Authentication is required to exploit this vulnerability. The specific flaw exists within the processing of SQL queries. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of the service account. Was ZDI-CAN-16191.
Severity: HIGH (7.8) Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Links:
Published: Feb. 18, 2022
Modified: Nov. 7, 2023
Modified: Nov. 7, 2023
CVE-2022-24050
MariaDB CONNECT Storage Engine Use-After-Free Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of MariaDB. Authentication is required to exploit this vulnerability. The specific flaw exists within the processing of SQL queries. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of the service account. Was ZDI-CAN-16207.
Severity: HIGH (7.8) Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Links:
Published: Feb. 18, 2022
Modified: Nov. 7, 2023
Modified: Nov. 7, 2023
CVE-2022-24051
MariaDB CONNECT Storage Engine Format String Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of MariaDB. Authentication is required to exploit this vulnerability. The specific flaw exists within the processing of SQL queries. The issue results from the lack of proper validation of a user-supplied string before using it as a format specifier. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of the service account. Was ZDI-CAN-16193.
Severity: HIGH (7.8) Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Links:
Published: Feb. 18, 2022
Modified: Nov. 7, 2023
Modified: Nov. 7, 2023
CVE-2022-24052
MariaDB CONNECT Storage Engine Heap-based Buffer Overflow Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of MariaDB. Authentication is required to exploit this vulnerability. The specific flaw exists within the processing of SQL queries. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length heap-based buffer. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of the service account. Was ZDI-CAN-16190.
Severity: HIGH (7.8) Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Links:
Published: April 12, 2022
Modified: Sept. 29, 2022
Modified: Sept. 29, 2022
CVE-2022-27376
MariaDB Server v10.6.5 and below was discovered to contain an use-after-free in the component Item_args::walk_arg, which is exploited via specially crafted SQL statements.
Severity: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Links:
Published: April 12, 2022
Modified: Oct. 8, 2022
Modified: Oct. 8, 2022
CVE-2022-27377
MariaDB Server v10.6.3 and below was discovered to contain an use-after-free in the component Item_func_in::cleanup(), which is exploited via specially crafted SQL statements.
Severity: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Links:
Published: April 12, 2022
Modified: Oct. 8, 2022
Modified: Oct. 8, 2022
CVE-2022-27378
An issue in the component Create_tmp_table::finalize of MariaDB Server v10.7 and below was discovered to allow attackers to cause a Denial of Service (DoS) via specially crafted SQL statements.
Severity: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Links:
Published: April 12, 2022
Modified: Oct. 8, 2022
Modified: Oct. 8, 2022
CVE-2022-27379
An issue in the component Arg_comparator::compare_real_fixed of MariaDB Server v10.6.2 and below was discovered to allow attackers to cause a Denial of Service (DoS) via specially crafted SQL statements.
Severity: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Links:
Published: April 12, 2022
Modified: Nov. 8, 2022
Modified: Nov. 8, 2022
CVE-2022-27380
An issue in the component my_decimal::operator= of MariaDB Server v10.6.3 and below was discovered to allow attackers to cause a Denial of Service (DoS) via specially crafted SQL statements.
Severity: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Links:
Published: April 12, 2022
Modified: Sept. 29, 2022
Modified: Sept. 29, 2022
CVE-2022-27381
An issue in the component Field::set_default of MariaDB Server v10.6 and below was discovered to allow attackers to cause a Denial of Service (DoS) via specially crafted SQL statements.
Severity: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Links:
Published: April 12, 2022
Modified: July 19, 2022
Modified: July 19, 2022
CVE-2022-27382
MariaDB Server v10.7 and below was discovered to contain a segmentation fault via the component Item_field::used_tables/update_depend_map_for_order.
Severity: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Links:
Published: April 12, 2022
Modified: Sept. 29, 2022
Modified: Sept. 29, 2022
CVE-2022-27383
MariaDB Server v10.6 and below was discovered to contain an use-after-free in the component my_strcasecmp_8bit, which is exploited via specially crafted SQL statements.
Severity: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Links:
Published: April 12, 2022
Modified: Sept. 29, 2022
Modified: Sept. 29, 2022
CVE-2022-27384
An issue in the component Item_subselect::init_expr_cache_tracker of MariaDB Server v10.6 and below was discovered to allow attackers to cause a Denial of Service (DoS) via specially crafted SQL statements.
Severity: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Links:
Published: April 12, 2022
Modified: June 7, 2022
Modified: June 7, 2022
CVE-2022-27385
An issue in the component Used_tables_and_const_cache::used_tables_and_const_cache_join of MariaDB Server v10.7 and below was discovered to allow attackers to cause a Denial of Service (DoS) via specially crafted SQL statements.
Severity: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Links:
Published: April 12, 2022
Modified: Sept. 29, 2022
Modified: Sept. 29, 2022
CVE-2022-27386
MariaDB Server v10.7 and below was discovered to contain a segmentation fault via the component sql/sql_class.cc.
Severity: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Links:
Published: April 12, 2022
Modified: Sept. 29, 2022
Modified: Sept. 29, 2022
CVE-2022-27387
MariaDB Server v10.7 and below was discovered to contain a global buffer overflow in the component decimal_bin_size, which is exploited via specially crafted SQL statements.
Severity: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Links:
Published: April 14, 2022
Modified: July 19, 2022
Modified: July 19, 2022
CVE-2022-27444
MariaDB Server v10.9 and below was discovered to contain a segmentation fault via the component sql/item_subselect.cc.
Severity: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Links:
Published: April 14, 2022
Modified: Sept. 29, 2022
Modified: Sept. 29, 2022
CVE-2022-27445
MariaDB Server v10.9 and below was discovered to contain a segmentation fault via the component sql/sql_window.cc.
Severity: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Links:
Published: April 14, 2022
Modified: July 19, 2022
Modified: July 19, 2022
CVE-2022-27446
MariaDB Server v10.9 and below was discovered to contain a segmentation fault via the component sql/item_cmpfunc.h.
Severity: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Links:
Published: April 14, 2022
Modified: Oct. 8, 2022
Modified: Oct. 8, 2022
CVE-2022-27447
MariaDB Server v10.9 and below was discovered to contain a use-after-free via the component Binary_string::free_buffer() at /sql/sql_string.h.
Severity: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Links:
Published: April 14, 2022
Modified: Oct. 8, 2022
Modified: Oct. 8, 2022
CVE-2022-27448
There is an Assertion failure in MariaDB Server v10.9 and below via 'node->pcur->rel_pos == BTR_PCUR_ON' at /row/row0mysql.cc.
Severity: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Links:
Published: April 14, 2022
Modified: Oct. 7, 2022
Modified: Oct. 7, 2022
CVE-2022-27449
MariaDB Server v10.9 and below was discovered to contain a segmentation fault via the component sql/item_func.cc:148.
Severity: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Links:
Published: April 14, 2022
Modified: June 30, 2022
Modified: June 30, 2022
CVE-2022-27451
MariaDB Server v10.9 and below was discovered to contain a segmentation fault via the component sql/field_conv.cc.
Severity: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Links:
Published: April 14, 2022
Modified: Sept. 29, 2022
Modified: Sept. 29, 2022
CVE-2022-27452
MariaDB Server v10.9 and below was discovered to contain a segmentation fault via the component sql/item_cmpfunc.cc.
Severity: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Links:
Published: April 14, 2022
Modified: June 30, 2022
Modified: June 30, 2022
CVE-2022-27455
MariaDB Server v10.6.3 and below was discovered to contain an use-after-free in the component my_wildcmp_8bit_impl at /strings/ctype-simple.c.
Severity: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Links:
Published: April 14, 2022
Modified: Oct. 8, 2022
Modified: Oct. 8, 2022
CVE-2022-27456
MariaDB Server v10.6.3 and below was discovered to contain an use-after-free in the component VDec::VDec at /sql/sql_type.cc.
Severity: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Links:
Published: April 14, 2022
Modified: June 30, 2022
Modified: June 30, 2022
CVE-2022-27457
MariaDB Server v10.6.3 and below was discovered to contain an use-after-free in the component my_mb_wc_latin1 at /strings/ctype-latin1.c.
Severity: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Links:
Published: April 14, 2022
Modified: May 2, 2024
Modified: May 2, 2024
CVE-2022-27458
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2022-27447. Reason: This candidate is a reservation duplicate of CVE-2022-27447. Notes: All CVE users should reference CVE-2022-27447 instead of this candidate.
Published: May 26, 2022
Modified: May 17, 2024
Modified: May 17, 2024
CVE-2022-31621
MariaDB Server before 10.7 is vulnerable to Denial of Service. In extra/mariabackup/ds_xbstream.cc, when an error occurs (stream_ctxt->dest_file == NULL) while executing the method xbstream_open, the held lock is not released correctly, which allows local users to trigger a denial of service due to the deadlock. Note: The vendor argues this is just an improper locking bug and not a vulnerability with adverse effects.
Severity: MEDIUM (5.5) Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Links:
Published: May 26, 2022
Modified: May 17, 2024
Modified: May 17, 2024
CVE-2022-31622
MariaDB Server before 10.7 is vulnerable to Denial of Service. In extra/mariabackup/ds_compress.cc, when an error occurs (pthread_create returns a nonzero value) while executing the method create_worker_threads, the held lock is not released correctly, which allows local users to trigger a denial of service due to the deadlock. Note: The vendor argues this is just an improper locking bug and not a vulnerability with adverse effects.
Severity: MEDIUM (5.5) Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Links:
Published: May 26, 2022
Modified: May 17, 2024
Modified: May 17, 2024
CVE-2022-31623
MariaDB Server before 10.7 is vulnerable to Denial of Service. In extra/mariabackup/ds_compress.cc, when an error occurs (i.e., going to the err label) while executing the method create_worker_threads, the held lock thd->ctrl_mutex is not released correctly, which allows local users to trigger a denial of service due to the deadlock. Note: The vendor argues this is just an improper locking bug and not a vulnerability with adverse effects.
Severity: MEDIUM (5.5) Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Links:
Published: May 26, 2022
Modified: Aug. 8, 2023
Modified: Aug. 8, 2023
CVE-2022-31624
MariaDB Server before 10.7 is vulnerable to Denial of Service. While executing the plugin/server_audit/server_audit.c method log_statement_ex, the held lock lock_bigbuffer is not released correctly, which allows local users to trigger a denial of service due to the deadlock.
Severity: MEDIUM (5.5) Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Links:
Published: July 1, 2022
Modified: Nov. 7, 2023
Modified: Nov. 7, 2023
CVE-2022-32081
MariaDB v10.4 to v10.7 was discovered to contain an use-after-poison in prepare_inplace_add_virtual at /storage/innobase/handler/handler0alter.cc.
Severity: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Links:
Published: July 1, 2022
Modified: Nov. 7, 2023
Modified: Nov. 7, 2023
CVE-2022-32082
MariaDB v10.5 to v10.7 was discovered to contain an assertion failure at table->get_ref_count() == 0 in dict0dict.cc.
Severity: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Links:
Published: July 1, 2022
Modified: Oct. 25, 2022
Modified: Oct. 25, 2022
CVE-2022-32083
MariaDB v10.2 to v10.6.1 was discovered to contain a segmentation fault via the component Item_subselect::init_expr_cache_tracker.
Severity: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Links:
Published: July 1, 2022
Modified: Nov. 7, 2023
Modified: Nov. 7, 2023
CVE-2022-32084
MariaDB v10.2 to v10.7 was discovered to contain a segmentation fault via the component sub_select.
Severity: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Links:
Published: July 1, 2022
Modified: Oct. 27, 2022
Modified: Oct. 27, 2022
CVE-2022-32085
MariaDB v10.2 to v10.7 was discovered to contain a segmentation fault via the component Item_func_in::cleanup/Item::cleanup_processor.
Severity: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Links:
Published: July 1, 2022
Modified: Oct. 25, 2022
Modified: Oct. 25, 2022
CVE-2022-32086
MariaDB v10.4 to v10.8 was discovered to contain a segmentation fault via the component Item_field::fix_outer_field.
Severity: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Links:
Published: July 1, 2022
Modified: Oct. 27, 2022
Modified: Oct. 27, 2022
CVE-2022-32087
MariaDB v10.2 to v10.7 was discovered to contain a segmentation fault via the component Item_args::walk_args.
Severity: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Links:
Published: July 1, 2022
Modified: Oct. 27, 2022
Modified: Oct. 27, 2022
CVE-2022-32088
MariaDB v10.2 to v10.7 was discovered to contain a segmentation fault via the component Exec_time_tracker::get_loops/Filesort_tracker::report_use/filesort.
Severity: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Links:
Published: July 1, 2022
Modified: Nov. 7, 2023
Modified: Nov. 7, 2023
CVE-2022-32089
MariaDB v10.5 to v10.7 was discovered to contain a segmentation fault via the component st_select_lex_unit::exclude_level.
Severity: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Links:
Published: July 1, 2022
Modified: Nov. 7, 2023
Modified: Nov. 7, 2023
CVE-2022-32091
MariaDB v10.7 was discovered to contain an use-after-poison in in __interceptor_memset at /libsanitizer/sanitizer_common/sanitizer_common_interceptors.inc.
Severity: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Links:
Published: Aug. 27, 2022
Modified: Nov. 7, 2023
Modified: Nov. 7, 2023
CVE-2022-38791
In MariaDB before 10.9.2, compress_write in extra/mariabackup/ds_compress.cc does not release data_mutex upon a stream write failure, which allows local users to trigger a deadlock.
Severity: MEDIUM (5.5) Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Links: