CVE-2022-31624

Опубликовано: 07 сент. 2021

Источник: redhat

CVSS3: 5.5

Описание

MariaDB Server before 10.7 is vulnerable to Denial of Service. While executing the plugin/server_audit/server_audit.c method log_statement_ex, the held lock lock_bigbuffer is not released correctly, which allows local users to trigger a denial of service due to the deadlock.

Затронутые пакеты

Платформа	Пакет	Состояние	Рекомендация	Релиз
Red Hat Enterprise Linux 7	mariadb	Out of support scope
Red Hat Enterprise Linux 9	mariadb	Not affected
Red Hat OpenStack Platform 13 (Queens)	mariadb	Out of support scope
Red Hat Enterprise Linux 8	mariadb	Fixed	RHSA-2022:1556	26.04.2022
Red Hat Enterprise Linux 8	mariadb	Fixed	RHSA-2022:1557	26.04.2022
Red Hat Enterprise Linux 8.4 Extended Update Support	mariadb	Fixed	RHSA-2022:4818	31.05.2022
Red Hat Software Collections for Red Hat Enterprise Linux 7	rh-mariadb105-galera	Fixed	RHSA-2022:1007	22.03.2022
Red Hat Software Collections for Red Hat Enterprise Linux 7	rh-mariadb105-mariadb	Fixed	RHSA-2022:1007	22.03.2022
Red Hat Software Collections for Red Hat Enterprise Linux 7	rh-mariadb103-galera	Fixed	RHSA-2022:1010	22.03.2022
Red Hat Software Collections for Red Hat Enterprise Linux 7	rh-mariadb103-mariadb	Fixed	RHSA-2022:1010	22.03.2022

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate

Дефект:

CWE-404

https://bugzilla.redhat.com/show_bug.cgi?id=2092362mariadb: DoS due to improper locking due to unreleased lock in plugin/server_audit/server_audit.c

5.5 Medium

CVSS3

Связанные уязвимости

CVE-2022-31624

CVSS3: 5.5

ubuntu

около 3 лет назад

CVE-2022-31624

CVSS3: 5.5

nvd

около 3 лет назад

CVE-2022-31624

CVSS3: 5.5

msrc

около 3 лет назад

Описание отсутствует

CVE-2022-31624

CVSS3: 5.5

debian

около 3 лет назад

MariaDB Server before 10.7 is vulnerable to Denial of Service. While e ...

GHSA-qcq9-cqmp-6vr3

CVSS3: 5.5

github

около 3 лет назад

5.5 Medium

CVSS3