Описание
A flaw was found in the MariaDB Server. It contains a use-after-free in the component, Binary_string::free_buffer() at /sql/sql_string.h, affecting availability.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 7 | mariadb | Out of support scope | ||
| Red Hat OpenStack Platform 13 (Queens) | mariadb | Out of support scope | ||
| Red Hat Enterprise Linux 8 | mariadb | Fixed | RHSA-2022:5826 | 02.08.2022 |
| Red Hat Enterprise Linux 8 | mariadb | Fixed | RHSA-2022:6443 | 13.09.2022 |
| Red Hat Enterprise Linux 9 | mariadb | Fixed | RHSA-2022:5948 | 09.08.2022 |
| Red Hat Software Collections for Red Hat Enterprise Linux 7 | rh-mariadb105-mariadb | Fixed | RHSA-2022:5759 | 28.07.2022 |
| Red Hat Software Collections for Red Hat Enterprise Linux 7 | rh-mariadb103-mariadb | Fixed | RHSA-2022:6306 | 01.09.2022 |
Показывать по
10
Дополнительная информация
Статус:
Moderate
Дефект:
CWE-617
https://bugzilla.redhat.com/show_bug.cgi?id=2075700mariadb: use-after-poison in Binary_string::free_buffer
7.5 High
CVSS3
Связанные уязвимости
nvd
около 3 лет назад
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2022-27447. Reason: This candidate is a reservation duplicate of CVE-2022-27447. Notes: All CVE users should reference CVE-2022-27447 instead of this candidate.
CVSS3: 7.5
github
около 3 лет назад
MariaDB Server v10.6.3 and below was discovered to contain an use-after-free in the component Binary_string::free_buffer() at /sql/sql_string.h.
CVSS3: 7.5
fstec
больше 3 лет назад
Уязвимость функции Binary_string::free_buffer() компонента /sql/sql_string.h СУБД MariaDB, позволяющая нарушителю вызвать отказ в обслуживании
7.5 High
CVSS3