CVE-2022-38791

Опубликовано: 01 июн. 2022

Источник: redhat

CVSS3: 6.5

Описание

In MariaDB before 10.9.2, compress_write in extra/mariabackup/ds_compress.cc does not release data_mutex upon a stream write failure, which allows local users to trigger a deadlock.

Затронутые пакеты

Платформа	Пакет	Состояние	Рекомендация	Релиз
Red Hat Enterprise Linux 7	mariadb	Out of support scope
Red Hat OpenStack Platform 13 (Queens)	mariadb	Out of support scope
Red Hat Software Collections	rh-mariadb103-mariadb	Will not fix
Red Hat Enterprise Linux 8	mariadb	Fixed	RHSA-2023:5259	19.09.2023
Red Hat Enterprise Linux 8	mariadb	Fixed	RHSA-2023:5683	12.10.2023
Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support	mariadb	Fixed	RHSA-2023:6821	08.11.2023
Red Hat Enterprise Linux 8.4 Telecommunications Update Service	mariadb	Fixed	RHSA-2023:6821	08.11.2023
Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions	mariadb	Fixed	RHSA-2023:6821	08.11.2023
Red Hat Enterprise Linux 8.6 Extended Update Support	mariadb	Fixed	RHSA-2023:6822	08.11.2023
Red Hat Enterprise Linux 9	mariadb	Fixed	RHSA-2023:5684	12.10.2023

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate

Дефект:

CWE-667

https://bugzilla.redhat.com/show_bug.cgi?id=2130105mariadb: compress_write() fails to release mutex on failure

6.5 Medium

CVSS3

Связанные уязвимости

CVE-2022-38791

CVSS3: 5.5

ubuntu

больше 3 лет назад

In MariaDB before 10.9.2, compress_write in extra/mariabackup/ds_compress.cc does not release data_mutex upon a stream write failure, which allows local users to trigger a deadlock.

CVE-2022-38791

CVSS3: 5.5

nvd

больше 3 лет назад

In MariaDB before 10.9.2, compress_write in extra/mariabackup/ds_compress.cc does not release data_mutex upon a stream write failure, which allows local users to trigger a deadlock.