CVE-2022-24051 – MariaDB CONNECT Storage Engine Format String Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2022-24051
MariaDB CONNECT Storage Engine Format String Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of MariaDB. Authentication is required to exploit this vulnerability. The specific flaw exists within the processing of SQL queries. The issue results from the lack of proper validation of a user-supplied string before using it as a format specifier. • https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DKJRBYJAQCOPHSED43A3HUPNKQLDTFGD https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EZFZVMJL5UDTOZMARLXQIMG3BTG6UNYW https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NJ4KDAGF3H4D4BDTHRAM6ZEAJJWWMRUO https://mariadb.com/kb/en/security https://security.netapp.com/advisory/ntap-20220318-0004 https://www.zerodayinitiative.com/advisories/ZDI-22-318 https://access.redh • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') CWE-134: Use of Externally-Controlled Format String •
CVE-2022-24050 – MariaDB CONNECT Storage Engine Use-After-Free Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2022-24050
MariaDB CONNECT Storage Engine Use-After-Free Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of MariaDB. Authentication is required to exploit this vulnerability. The specific flaw exists within the processing of SQL queries. The issue results from the lack of validating the existence of an object prior to performing operations on the object. • https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DKJRBYJAQCOPHSED43A3HUPNKQLDTFGD https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EZFZVMJL5UDTOZMARLXQIMG3BTG6UNYW https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NJ4KDAGF3H4D4BDTHRAM6ZEAJJWWMRUO https://mariadb.com/kb/en/security https://security.netapp.com/advisory/ntap-20220318-0004 https://www.zerodayinitiative.com/advisories/ZDI-22-364 https://access.redh • CWE-416: Use After Free CWE-1173: Improper Use of Validation Framework •
CVE-2022-24052 – MariaDB CONNECT Storage Engine Heap-based Buffer Overflow Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2022-24052
MariaDB CONNECT Storage Engine Heap-based Buffer Overflow Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of MariaDB. Authentication is required to exploit this vulnerability. The specific flaw exists within the processing of SQL queries. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length heap-based buffer. • https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DKJRBYJAQCOPHSED43A3HUPNKQLDTFGD https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EZFZVMJL5UDTOZMARLXQIMG3BTG6UNYW https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NJ4KDAGF3H4D4BDTHRAM6ZEAJJWWMRUO https://mariadb.com/kb/en/security https://security.netapp.com/advisory/ntap-20220318-0004 https://www.zerodayinitiative.com/advisories/ZDI-22-367 https://access.redh • CWE-122: Heap-based Buffer Overflow •
CVE-2021-46661 – mariadb: MariaDB allows an application crash in find_field_in_tables and find_order_in_list via an unused common table expression (CTE)
https://notcve.org/view.php?id=CVE-2021-46661
MariaDB through 10.5.9 allows an application crash in find_field_in_tables and find_order_in_list via an unused common table expression (CTE). MariaDB versiones hasta 10.5.9, permite un bloqueo de aplicación en las funciones find_field_in_tables y find_order_in_list por medio de una expresión de tabla común (CTE) no usada • https://jira.mariadb.org/browse/MDEV-25766 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DKJRBYJAQCOPHSED43A3HUPNKQLDTFGD https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EZFZVMJL5UDTOZMARLXQIMG3BTG6UNYW https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NJ4KDAGF3H4D4BDTHRAM6ZEAJJWWMRUO https://mariadb.com/kb/en/security https://security.netapp.com/advisory/ntap-20220221-0002 https://access.redhat.com/s • CWE-20: Improper Input Validation •
CVE-2021-46662 – mariadb: Crash in set_var.cc via certain UPDATE queries with nested subqueries
https://notcve.org/view.php?id=CVE-2021-46662
MariaDB through 10.5.9 allows a set_var.cc application crash via certain uses of an UPDATE statement in conjunction with a nested subquery. MariaDB versiones hasta 10.5.9, permite un bloqueo de la aplicación set_var.cc por medio de determinados usos de una sentencia UPDATE junto con una subconsulta anidada • https://jira.mariadb.org/browse/MDEV-25637 https://mariadb.com/kb/en/security https://security.netapp.com/advisory/ntap-20220221-0002 https://access.redhat.com/security/cve/CVE-2021-46662 https://bugzilla.redhat.com/show_bug.cgi?id=2050019 • CWE-20: Improper Input Validation •