CVE-2022-31623
mariadb: improper locking due to the unreleased lock in extra/mariabackup/ds_compress.cc
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
MariaDB Server before 10.7 is vulnerable to Denial of Service. In extra/mariabackup/ds_compress.cc, when an error occurs (i.e., going to the err label) while executing the method create_worker_threads, the held lock thd->ctrl_mutex is not released correctly, which allows local users to trigger a denial of service due to the deadlock. Note: The vendor argues this is just an improper locking bug and not a vulnerability with adverse effects.
MariaDB Server versiones anteriores a 10.7, es vulnerable a una denegación de servicio. En el archivo extra/mariabackup/ds_compress.cc, cuando es producido un error (es decir, pasa a la etiqueta err) mientras es ejecutado el método create_worker_threads, el bloqueo retenido thd-)ctrl_mutex no es liberado correctamente, lo que permite a usuarios locales desencadenar una denegación de servicio debido al bloqueo
CVSS Scores
SSVC
- Decision:Track
Timeline
- 2022-05-25 CVE Reserved
- 2022-05-25 CVE Published
- 2023-03-08 EPSS Updated
- 2024-10-29 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-667: Improper Locking
CAPEC
References (7)
| URL | Tag | Source |
|---|---|---|
| https://jira.mariadb.org/browse/MDEV-26561 | ||
| https://jira.mariadb.org/browse/MDEV-26574 | ||
| https://security.netapp.com/advisory/ntap-20220707-0006 | Third Party Advisory |
|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://github.com/MariaDB/server/commit/7c30bc38a588b22b01f11130cfe99e7f36accf94 | 2024-05-17 | |
| https://github.com/MariaDB/server/pull/1938 | 2024-05-17 |
| URL | Date | SRC |
|---|---|---|
| https://access.redhat.com/security/cve/CVE-2022-31623 | 2022-09-13 | |
| https://bugzilla.redhat.com/show_bug.cgi?id=2092360 | 2022-09-13 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Mariadb Search vendor "Mariadb" | Mariadb Search vendor "Mariadb" for product "Mariadb" | < 10.2.42 Search vendor "Mariadb" for product "Mariadb" and version " < 10.2.42" | - |
Affected
| ||||||
| Mariadb Search vendor "Mariadb" | Mariadb Search vendor "Mariadb" for product "Mariadb" | >= 10.3.0 < 10.3.33 Search vendor "Mariadb" for product "Mariadb" and version " >= 10.3.0 < 10.3.33" | - |
Affected
| ||||||
| Mariadb Search vendor "Mariadb" | Mariadb Search vendor "Mariadb" for product "Mariadb" | >= 10.4.0 < 10.4.23 Search vendor "Mariadb" for product "Mariadb" and version " >= 10.4.0 < 10.4.23" | - |
Affected
| ||||||
| Mariadb Search vendor "Mariadb" | Mariadb Search vendor "Mariadb" for product "Mariadb" | >= 10.5.0 < 10.5.14 Search vendor "Mariadb" for product "Mariadb" and version " >= 10.5.0 < 10.5.14" | - |
Affected
| ||||||
| Mariadb Search vendor "Mariadb" | Mariadb Search vendor "Mariadb" for product "Mariadb" | >= 10.6.0 < 10.6.6 Search vendor "Mariadb" for product "Mariadb" and version " >= 10.6.0 < 10.6.6" | - |
Affected
| ||||||
| Mariadb Search vendor "Mariadb" | Mariadb Search vendor "Mariadb" for product "Mariadb" | >= 10.7.0 < 10.7.2 Search vendor "Mariadb" for product "Mariadb" and version " >= 10.7.0 < 10.7.2" | - |
Affected
| ||||||