CVE-2020-13249

mariadb-connector-c: Improper validation of content in a OK packet received from server

Severity Score

8.8

*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

libmariadb/mariadb_lib.c in MariaDB Connector/C before 3.1.8 does not properly validate the content of an OK packet received from a server. NOTE: although mariadb_lib.c was originally based on code shipped for MySQL, this issue does not affect any MySQL components supported by Oracle.

La biblioteca libmariadb/mariadb_lib.c en MariaDB Connector/C versiones anteriores a 3.1.8 no comprueba apropiadamente el contenido de un paquete OK recibido desde un servidor. NOTA: aunque mariadb_lib.c se basó originalmente en el código enviado para MySQL, este problema no afecta a ningún componente de MySQL soportado por Oracle.

It was discovered that MariaDB didn't properly validate the content of a packet received from a server. A remote attacker could use this vulnerability to sent a specialy crafted file to cause a denial of service. It was discovered that MariaDB has other security issues. An attacker can cause a hang or frequently repeatable crash. In addition to security fixes, the updated packages contain bug fixes, new features, and possibly incompatible changes. Various other issues were also addressed.

*Credits: N/A

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

Required

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

Attack Vector

Network

Attack Complexity

Medium

Authentication

None

Confidentiality

Partial

Integrity

Partial

Availability

Partial

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2020-05-20 CVE Reserved
2020-05-20 CVE Published
2024-08-04 CVE Updated
2025-03-30 EPSS Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CWE-20: Improper Input Validation

CAPEC

References (8)

URL	Tag	Source
https://github.com/mariadb-corporation/mariadb-connector-c/compare/v3.1.7...v3.1.8	Release Notes

URL	Date	SRC

URL	Date	SRC
https://github.com/mariadb-corporation/mariadb-connector-c/commit/2759b87d72926b7c9b5426437a7c8dd15ff57945	2023-11-07

URL	Date	SRC
http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00064.html	2023-11-07
http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00054.html	2023-11-07
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UW2ED32VEUHXFN2J3YQE27JIBV4SC2PI	2023-11-07
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X4X2BMF3EILMTXGOZDTPYS3KT5VWLA2P	2023-11-07
https://access.redhat.com/security/cve/CVE-2020-13249	2020-12-22
https://bugzilla.redhat.com/show_bug.cgi?id=1839827	2020-12-22

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Mariadb Search vendor "Mariadb"		Connector\/c Search vendor "Mariadb" for product "Connector\/c"				< 3.1.8 Search vendor "Mariadb" for product "Connector\/c" and version " < 3.1.8"		-		Affected
Opensuse Search vendor "Opensuse"		Leap Search vendor "Opensuse" for product "Leap"				15.1 Search vendor "Opensuse" for product "Leap" and version "15.1"		-		Affected
Fedoraproject Search vendor "Fedoraproject"		Fedora Search vendor "Fedoraproject" for product "Fedora"				31 Search vendor "Fedoraproject" for product "Fedora" and version "31"		-		Affected
Fedoraproject Search vendor "Fedoraproject"		Fedora Search vendor "Fedoraproject" for product "Fedora"				32 Search vendor "Fedoraproject" for product "Fedora" and version "32"		-		Affected