Описание
An issue in the component Item_subselect::init_expr_cache_tracker of MariaDB Server v10.6 and below was discovered to allow attackers to cause a Denial of Service (DoS) via specially crafted SQL statements.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| mariadb-10.6 | fixed | 1:10.6.8-1 | package | |
| mariadb-10.5 | removed | package | ||
| mariadb-10.5 | fixed | 1:10.5.18-0+deb11u1 | bullseye | package |
| mariadb-10.3 | removed | package | ||
| mariadb-10.1 | removed | package |
Примечания
MariaDB bug: https://jira.mariadb.org/browse/MDEV-26047
MariaDB commit: https://github.com/MariaDB/server/commit/5100b20b15edd93200f34a79d25f1b14e46a677e (10.2.44)
Fixed in version 10.2.44, 10.3.35, 10.4.25, 10.5.16, 10.6.8, 10.7.4, 10.8.3
Same fix than CVE-2022-32083
EPSS
Связанные уязвимости
An issue in the component Item_subselect::init_expr_cache_tracker of MariaDB Server v10.6 and below was discovered to allow attackers to cause a Denial of Service (DoS) via specially crafted SQL statements.
An issue in the component Item_subselect::init_expr_cache_tracker of MariaDB Server v10.6 and below was discovered to allow attackers to cause a Denial of Service (DoS) via specially crafted SQL statements.
An issue in the component Item_subselect::init_expr_cache_tracker of MariaDB Server v10.6 and below was discovered to allow attackers to cause a Denial of Service (DoS) via specially crafted SQL statements.
An issue in the component Item_subselect::init_expr_cache_tracker of MariaDB Server v10.6 and below was discovered to allow attackers to cause a Denial of Service (DoS) via specially crafted SQL statements.
EPSS