Описание
Security update for mariadb
This update for mariadb fixes the following issues:
- CVE-2023-22084: Fixed an easily exploitable vulnerability that allowed high privileged attacker with network access via multiple protocols to compromise MySQL Server (bsc#1217405).
Список пакетов
SUSE Enterprise Storage 7.1
libmariadbd-devel-10.5.23-150300.3.38.1
libmariadbd19-10.5.23-150300.3.38.1
mariadb-10.5.23-150300.3.38.1
mariadb-client-10.5.23-150300.3.38.1
mariadb-errormessages-10.5.23-150300.3.38.1
mariadb-tools-10.5.23-150300.3.38.1
SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS
libmariadbd-devel-10.5.23-150300.3.38.1
libmariadbd19-10.5.23-150300.3.38.1
mariadb-10.5.23-150300.3.38.1
mariadb-client-10.5.23-150300.3.38.1
mariadb-errormessages-10.5.23-150300.3.38.1
mariadb-tools-10.5.23-150300.3.38.1
SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS
libmariadbd-devel-10.5.23-150300.3.38.1
libmariadbd19-10.5.23-150300.3.38.1
mariadb-10.5.23-150300.3.38.1
mariadb-client-10.5.23-150300.3.38.1
mariadb-errormessages-10.5.23-150300.3.38.1
mariadb-tools-10.5.23-150300.3.38.1
SUSE Linux Enterprise Server 15 SP3-LTSS
libmariadbd-devel-10.5.23-150300.3.38.1
libmariadbd19-10.5.23-150300.3.38.1
mariadb-10.5.23-150300.3.38.1
mariadb-client-10.5.23-150300.3.38.1
mariadb-errormessages-10.5.23-150300.3.38.1
mariadb-tools-10.5.23-150300.3.38.1
SUSE Linux Enterprise Server for SAP Applications 15 SP3
libmariadbd-devel-10.5.23-150300.3.38.1
libmariadbd19-10.5.23-150300.3.38.1
mariadb-10.5.23-150300.3.38.1
mariadb-client-10.5.23-150300.3.38.1
mariadb-errormessages-10.5.23-150300.3.38.1
mariadb-tools-10.5.23-150300.3.38.1
Ссылки
- Link for SUSE-SU-2023:4907-1
- E-Mail link for SUSE-SU-2023:4907-1
- SUSE Security Ratings
- SUSE Bug 1217405
- SUSE CVE CVE-2023-22084 page
Описание
Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 5.7.43 and prior, 8.0.34 and prior and 8.1.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
Затронутые продукты
SUSE Enterprise Storage 7.1:libmariadbd-devel-10.5.23-150300.3.38.1
SUSE Enterprise Storage 7.1:libmariadbd19-10.5.23-150300.3.38.1
SUSE Enterprise Storage 7.1:mariadb-10.5.23-150300.3.38.1
SUSE Enterprise Storage 7.1:mariadb-client-10.5.23-150300.3.38.1
Ссылки
- CVE-2023-22084
- SUSE Bug 1217405