Описание
An issue in the component Create_tmp_table::finalize of MariaDB Server v10.7 and below was discovered to allow attackers to cause a Denial of Service (DoS) via specially crafted SQL statements.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| mariadb-10.6 | fixed | 1:10.6.8-1 | package | |
| mariadb-10.5 | removed | package | ||
| mariadb-10.5 | fixed | 1:10.5.18-0+deb11u1 | bullseye | package |
| mariadb-10.3 | removed | package | ||
| mariadb-10.1 | not-affected | package |
Примечания
https://jira.mariadb.org/browse/MDEV-26423
Regression of MDEV-10780 and MDEV-11265 (https://github.com/MariaDB/server/commit/e4e25d2bac comment)
Commit MariaDB: https://github.com/MariaDB/server/commit/e4e25d2bac (10.2.44)
Fixed in MariaDB 10.2.44, 10.3.35, 10.4.25, 10.5.16, 10.6.8, 10.7.4, 10.8.3, 10.9.1
EPSS
Связанные уязвимости
An issue in the component Create_tmp_table::finalize of MariaDB Server v10.7 and below was discovered to allow attackers to cause a Denial of Service (DoS) via specially crafted SQL statements.
An issue in the component Create_tmp_table::finalize of MariaDB Server v10.7 and below was discovered to allow attackers to cause a Denial of Service (DoS) via specially crafted SQL statements.
An issue in the component Create_tmp_table::finalize of MariaDB Server v10.7 and below was discovered to allow attackers to cause a Denial of Service (DoS) via specially crafted SQL statements.
An issue in the component Create_tmp_table::finalize of MariaDB Server v10.7 and below was discovered to allow attackers to cause a Denial of Service (DoS) via specially crafted SQL statements.
EPSS