Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2026-35549

Опубликовано: 03 апр. 2026
Источник: ubuntu
Приоритет: medium
CVSS3: 6.5

Описание

An issue was discovered in MariaDB Server before 11.4.10, 11.5.x through 11.8.x before 11.8.6, and 12.x before 12.2.2. If the caching_sha2_password authentication plugin is installed, and some user accounts are configured to use it, a large packet can crash the server because sha256_crypt_r uses alloca.

РелизСтатусПримечание
devel

not-affected

1:11.8.6-5
esm-apps/noble

needs-triage

jammy

DNE

noble

needs-triage

questing

needs-triage

upstream

released

12.2.2, 11.8.6, 11.4.10

Показывать по

РелизСтатусПримечание
devel

DNE

esm-apps/xenial

needs-triage

jammy

DNE

noble

DNE

questing

DNE

upstream

needs-triage

Показывать по

РелизСтатусПримечание
devel

DNE

esm-apps/bionic

needs-triage

jammy

DNE

noble

DNE

questing

DNE

upstream

needs-triage

Показывать по

РелизСтатусПримечание
devel

DNE

esm-apps/focal

needs-triage

jammy

DNE

noble

DNE

questing

DNE

upstream

needs-triage

Показывать по

РелизСтатусПримечание
devel

DNE

esm-apps/jammy

needs-triage

jammy

needs-triage

noble

DNE

questing

DNE

upstream

needs-triage

Показывать по

Ссылки на источники

6.5 Medium

CVSS3

Связанные уязвимости

redhat логотип

CVE-2026-35549

CVSS3: 6.5
redhat
12 дней назад

An issue was discovered in MariaDB Server before 11.4.10, 11.5.x through 11.8.x before 11.8.6, and 12.x before 12.2.2. If the caching_sha2_password authentication plugin is installed, and some user accounts are configured to use it, a large packet can crash the server because sha256_crypt_r uses alloca.

nvd логотип

CVE-2026-35549

CVSS3: 6.5
nvd
12 дней назад

An issue was discovered in MariaDB Server before 11.4.10, 11.5.x through 11.8.x before 11.8.6, and 12.x before 12.2.2. If the caching_sha2_password authentication plugin is installed, and some user accounts are configured to use it, a large packet can crash the server because sha256_crypt_r uses alloca.

msrc логотип

CVE-2026-35549

msrc
12 дней назад

Описание отсутствует

debian логотип

CVE-2026-35549

CVSS3: 6.5
debian
12 дней назад

An issue was discovered in MariaDB Server before 11.4.10, 11.5.x throu ...

github логотип

GHSA-3xgj-m9hf-j98g

CVSS3: 6.5
github
12 дней назад

An issue was discovered in MariaDB Server before 11.4.10, 11.5.x through 11.8.x before 11.8.6, and 12.x before 12.2.2. If the caching_sha2_password authentication plugin is installed, and some user accounts are configured to use it, a large packet can crash the server because sha256_crypt_r uses alloca.

6.5 Medium

CVSS3