CVE-2022-31624
mariadb: DoS due to improper locking due to unreleased lock in plugin/server_audit/server_audit.c
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
MariaDB Server before 10.7 is vulnerable to Denial of Service. While executing the plugin/server_audit/server_audit.c method log_statement_ex, the held lock lock_bigbuffer is not released correctly, which allows local users to trigger a denial of service due to the deadlock.
MariaDB Server versiones anteriores a 10.7, es vulnerable a una denegación de servicio. Mientras es ejecutado el método log_statement_ex del archivo plugin/server_audit/server_audit.c, el bloqueo mantenido lock_bigbuffer no es liberado correctamente, lo que permite a usuarios locales desencadenar una denegación de servicio debido al bloqueo
Multiple vulnerabilities have been discovered in MariaDB, the worst fo which can lead to arbitrary execution of code. Versions greater than or equal to 10.11.3:10.11 are affected.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2022-05-25 CVE Reserved
- 2022-05-25 CVE Published
- 2024-08-03 CVE Updated
- 2025-03-30 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-404: Improper Resource Shutdown or Release
- CWE-667: Improper Locking
CAPEC
References (4)
| URL | Tag | Source |
|---|---|---|
| https://security.netapp.com/advisory/ntap-20220707-0006 | Third Party Advisory |
|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://github.com/MariaDB/server/commit/d627d00b13ab2f2c0954ea7b77202470cb102944 | 2023-08-08 |
| URL | Date | SRC |
|---|---|---|
| https://access.redhat.com/security/cve/CVE-2022-31624 | 2022-05-31 | |
| https://bugzilla.redhat.com/show_bug.cgi?id=2092362 | 2022-05-31 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Mariadb Search vendor "Mariadb" | Mariadb Search vendor "Mariadb" for product "Mariadb" | < 10.2.41 Search vendor "Mariadb" for product "Mariadb" and version " < 10.2.41" | - |
Affected
| ||||||
| Mariadb Search vendor "Mariadb" | Mariadb Search vendor "Mariadb" for product "Mariadb" | >= 10.3.0 < 10.3.32 Search vendor "Mariadb" for product "Mariadb" and version " >= 10.3.0 < 10.3.32" | - |
Affected
| ||||||
| Mariadb Search vendor "Mariadb" | Mariadb Search vendor "Mariadb" for product "Mariadb" | >= 10.4.0 < 10.4.22 Search vendor "Mariadb" for product "Mariadb" and version " >= 10.4.0 < 10.4.22" | - |
Affected
| ||||||
| Mariadb Search vendor "Mariadb" | Mariadb Search vendor "Mariadb" for product "Mariadb" | >= 10.5.0 < 10.5.13 Search vendor "Mariadb" for product "Mariadb" and version " >= 10.5.0 < 10.5.13" | - |
Affected
| ||||||
| Mariadb Search vendor "Mariadb" | Mariadb Search vendor "Mariadb" for product "Mariadb" | >= 10.6.0 < 10.6.5 Search vendor "Mariadb" for product "Mariadb" and version " >= 10.6.0 < 10.6.5" | - |
Affected
| ||||||