CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0CVE-2022-31623 – mariadb: improper locking due to the unreleased lock in extra/mariabackup/ds_compress.cc
https://notcve.org/view.php?id=CVE-2022-31623
MariaDB Server before 10.7 is vulnerable to Denial of Service. In extra/mariabackup/ds_compress.cc, when an error occurs (i.e., going to the err label) while executing the method create_worker_threads, the held lock thd->ctrl_mutex is not released correctly, which allows local users to trigger a denial of service due to the deadlock. Note: The vendor argues this is just an improper locking bug and not a vulnerability with adverse effects. MariaDB Server versiones anteriores a 10.7, es vulnerable a una denegación de servicio. En el archivo extra/mariabackup/ds_compress.cc, cuando es producido un error (es decir, pasa a la etiqueta err) mientras es ejecutado el método create_worker_threads, el bloqueo retenido thd-)ctrl_mutex no es liberado correctamente, lo que permite a usuarios locales desencadenar una denegación de servicio debido al bloqueo • https://github.com/MariaDB/server/commit/7c30bc38a588b22b01f11130cfe99e7f36accf94 https://github.com/MariaDB/server/pull/1938 https://jira.mariadb.org/browse/MDEV-26561 https://jira.mariadb.org/browse/MDEV-26574 https://security.netapp.com/advisory/ntap-20220707-0006 https://access.redhat.com/security/cve/CVE-2022-31623 https://bugzilla.redhat.com/show_bug.cgi?id=2092360 • CWE-667: Improper Locking •
CVSS: 7.5EPSS: 0%CPEs: 6EXPL: 1CVE-2022-27456 – mariadb: assertion failure in VDec::VDec at /sql/sql_type.cc
https://notcve.org/view.php?id=CVE-2022-27456
MariaDB Server v10.6.3 and below was discovered to contain an use-after-free in the component VDec::VDec at /sql/sql_type.cc. Se ha detectado que MariaDB Server versiones v10.6.3 y anteriores, contienen un uso de memoria previamente liberada en el componente VDec::VDec en /sql/sql_type.cc A flaw was found in the MariaDB Server. It contains a use-after-free in the component, VDec::VDec at /sql/sql_type.cc, affecting availability. • https://jira.mariadb.org/browse/MDEV-28093 https://lists.debian.org/debian-lts-announce/2022/09/msg00023.html https://security.netapp.com/advisory/ntap-20220526-0007 https://access.redhat.com/security/cve/CVE-2022-27456 https://bugzilla.redhat.com/show_bug.cgi?id=2075697 • CWE-416: Use After Free CWE-617: Reachable Assertion •
CVSS: 7.5EPSS: 0%CPEs: 4EXPL: 1CVE-2022-27457 – mariadb: incorrect key in "dup value" error after long unique
https://notcve.org/view.php?id=CVE-2022-27457
MariaDB Server v10.6.3 and below was discovered to contain an use-after-free in the component my_mb_wc_latin1 at /strings/ctype-latin1.c. Se ha detectado que MariaDB Server versiones v10.6.3 y anteriores, contienen un uso de memoria previamente liberada en el componente my_mb_wc_latin1 en /strings/ctype-latin1.c A flaw was found in the MariaDB Server. It contains a use-after-free in the component, my_mb_wc_latin1 at /strings/ctype-latin1.c, affecting availability. • https://jira.mariadb.org/browse/MDEV-28098 https://security.netapp.com/advisory/ntap-20220526-0007 https://access.redhat.com/security/cve/CVE-2022-27457 https://bugzilla.redhat.com/show_bug.cgi?id=2075699 • CWE-416: Use After Free •
CVSS: 7.5EPSS: 0%CPEs: 4EXPL: 1CVE-2022-27455 – mariadb: use-after-free when WHERE has subquery with an outer reference in HAVING
https://notcve.org/view.php?id=CVE-2022-27455
MariaDB Server v10.6.3 and below was discovered to contain an use-after-free in the component my_wildcmp_8bit_impl at /strings/ctype-simple.c. Se ha detectado que MariaDB Server versiones v10.6.3 y anteriores, contienen un uso de memoria previamente liberada en el componente my_wildcmp_8bit_impl en el archivo /strings/ctype-simple.c A flaw was found in the MariaDB Server. It contains a use-after-free in the component, my_wildcmp_8bit_impl at /strings/ctype-simple.c, affecting availability. • https://jira.mariadb.org/browse/MDEV-28097 https://security.netapp.com/advisory/ntap-20220526-0007 https://access.redhat.com/security/cve/CVE-2022-27455 https://bugzilla.redhat.com/show_bug.cgi?id=2075701 • CWE-416: Use After Free •
CVSS: 7.5EPSS: 0%CPEs: 4EXPL: 1CVE-2022-27451 – mariadb: crash via window function in expression in ORDER BY
https://notcve.org/view.php?id=CVE-2022-27451
MariaDB Server v10.9 and below was discovered to contain a segmentation fault via the component sql/field_conv.cc. Se ha detectado que MariaDB Server versiones v10.9 y anteriores, contienen un fallo de segmentación por medio del componente sql/field_conv.cc A flaw was found in the MariaDB Server. It contains a segmentation fault via the component, sql/field_conv.cc, affecting availability. • https://jira.mariadb.org/browse/MDEV-28094 https://security.netapp.com/advisory/ntap-20220526-0006 https://access.redhat.com/security/cve/CVE-2022-27451 https://bugzilla.redhat.com/show_bug.cgi?id=2076144 • CWE-1173: Improper Use of Validation Framework •