Описание
A flaw was found in the MariaDB Server. It contains a use-after-free in the component, Binary_string::free_buffer() at /sql/sql_string.h, affecting availability.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 7 | mariadb | Out of support scope | ||
| Red Hat OpenStack Platform 13 (Queens) | mariadb | Out of support scope | ||
| Red Hat Enterprise Linux 8 | mariadb | Fixed | RHSA-2022:5826 | 02.08.2022 |
| Red Hat Enterprise Linux 8 | mariadb | Fixed | RHSA-2022:6443 | 13.09.2022 |
| Red Hat Enterprise Linux 9 | mariadb | Fixed | RHSA-2022:5948 | 09.08.2022 |
| Red Hat Software Collections for Red Hat Enterprise Linux 7 | rh-mariadb105-mariadb | Fixed | RHSA-2022:5759 | 28.07.2022 |
| Red Hat Software Collections for Red Hat Enterprise Linux 7 | rh-mariadb103-mariadb | Fixed | RHSA-2022:6306 | 01.09.2022 |
Показывать по
Дополнительная информация
Статус:
7.5 High
CVSS3
Связанные уязвимости
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2022-27447. Reason: This candidate is a reservation duplicate of CVE-2022-27447. Notes: All CVE users should reference CVE-2022-27447 instead of this candidate.
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2022-27447. Reason: This candidate is a reservation duplicate of CVE-2022-27447. Notes: All CVE users should reference CVE-2022-27447 instead of this candidate.
MariaDB Server v10.6.3 and below was discovered to contain an use-after-free in the component Binary_string::free_buffer() at /sql/sql_string.h.
Уязвимость функции Binary_string::free_buffer() компонента /sql/sql_string.h СУБД MariaDB, позволяющая нарушителю вызвать отказ в обслуживании
7.5 High
CVSS3