{"schema_version":"1.7.2","id":"OESA-2022-1681","modified":"2022-05-28T11:03:49Z","published":"2022-05-28T11:03:49Z","upstream":["CVE-2022-27379","CVE-2022-27386","CVE-2022-27387","CVE-2022-27384","CVE-2022-27380","CVE-2022-27383","CVE-2022-27381","CVE-2022-27377","CVE-2022-27378","CVE-2022-27376","CVE-2022-27452","CVE-2022-27458","CVE-2022-27456","CVE-2022-27445","CVE-2022-27449","CVE-2022-27448","CVE-2022-27447","CVE-2022-27385","CVE-2022-27382","CVE-2022-27451","CVE-2022-27457","CVE-2022-27446","CVE-2022-27444","CVE-2022-27455"],"summary":"mariadb security update","details":"MariaDB is a community-developed fork of MySQL, a multi-user, multi-threaded SQL database server. It is a client/server implementation consisting of a server daemon (mariadbd) and many different client programs and libraries. The base package contains the standard MariaDB/MySQL client programs and utilities.\n\nSecurity Fix(es):\n\nAn issue in the component Arg_comparator::compare_real_fixed of MariaDB Server v10.6.2 and below was discovered to allow attackers to cause a Denial of Service (DoS) via specially crafted SQL statements. (CVE-2022-27379)\n\nMariaDB Server v10.7 and below was discovered to contain a segmentation fault via the component sql/sql_class.cc. (CVE-2022-27386)\n\nMariaDB Server v10.7 and below was discovered to contain a global buffer overflow in the component decimal_bin_size, which is exploited via specially crafted SQL statements. (CVE-2022-27387)\n\nAn issue in the component Item_subselect::init_expr_cache_tracker of MariaDB Server v10.6 and below was discovered to allow attackers to cause a Denial of Service (DoS) via specially crafted SQL statements. (CVE-2022-27384)\n\nAn issue in the component my_decimal::operator= of MariaDB Server v10.6.3 and below was discovered to allow attackers to cause a Denial of Service (DoS) via specially crafted SQL statements. (CVE-2022-27380)\n\n
MariaDB Server v10.6 and below was discovered to contain a use-after-free in the component my_strcasecmp_8bit, which is exploited via specially crafted SQL statements. (CVE-2022-27383)\n\nAn issue in the component Field::set_default of MariaDB Server v10.6 and below was discovered to allow attackers to cause a Denial of Service (DoS) via specially crafted SQL statements. (CVE-2022-27381)\n\nMariaDB Server v10.6.3 and below was discovered to contain a use-after-free in the component Item_func_in::cleanup(), which is exploited via specially crafted SQL statements. (CVE-2022-27377)\n\nAn issue in the component Create_tmp_table::finalize of MariaDB Server v10.7 and below was discovered to allow attackers to cause a Denial of Service (DoS) via specially crafted SQL statements. (CVE-2022-27378)\n\nMariaDB Server v10.6.5 and below was discovered to contain a use-after-free in the component Item_args::walk_arg, which is exploited via specially crafted SQL statements. (CVE-2022-27376)\n\nMariaDB Server v10.9 and below was discovered to contain a segmentation fault via the component sql/item_cmpfunc.cc. (CVE-2022-27452)\n\nMariaDB Server v10.6.3 and below was discovered to contain a use-after-free in the component Binary_string::free_buffer() at /sql/sql_string.h. (CVE-2022-27458)\n\nMariaDB Server v10.6.3 and below was discovered to contain a use-after-free in the component VDec::VDec at /sql/sql_type.cc. (CVE-2022-27456)\n\nMariaDB Server v10.9 and below was discovered to contain a segmentation fault via the component sql/sql_window.cc. (CVE-2022-27445)\n\nMariaDB Server v10.9 and below was discovered to contain a segmentation fault via the component sql/item_func.cc:148. (CVE-2022-27449)\n\nThere is an assertion failure in MariaDB Server v10.9 and below via 'node->pcur->rel_pos == BTR_PCUR_ON' at /row/row0mysql.cc. (CVE-2022-27448)\n\nMariaDB Server v10.9 and below was discovered to contain a use-after-free via the component Binary_string::free_buffer() at /sql/sql_string.h. (CVE-2022-27447)\n\n
An issue in the component Used_tables_and_const_cache::used_tables_and_const_cache_join of MariaDB Server v10.7 and below was discovered to allow attackers to cause a Denial of Service (DoS) via specially crafted SQL statements. (CVE-2022-27385)\n\nMariaDB Server v10.7 and below was discovered to contain a segmentation fault via the component Item_field::used_tables/update_depend_map_for_order. (CVE-2022-27382)\n\nMariaDB Server v10.9 and below was discovered to contain a segmentation fault via the component sql/field_conv.cc. (CVE-2022-27451)\n\nMariaDB Server v10.6.3 and below was discovered to contain a use-after-free in the component my_mb_wc_latin1 at /strings/ctype-latin1.c. (CVE-2022-27457)\n\nMariaDB Server v10.9 and below was discovered to contain a segmentation fault via the component sql/item_cmpfunc.h. (CVE-2022-27446)\n\nMariaDB Server v10.9 and below was discovered to contain a segmentation fault via the component sql/item_subselect.cc. (CVE-2022-27444)\n\nMariaDB Server v10.6.3 and below was discovered to contain a use-after-free in the component my_wildcmp_8bit_impl at /strings/ctype-simple.c. (CVE-2022-27455)",
"affected":[{"package":{"ecosystem":"openEuler:20.03-LTS-SP1","name":"mariadb","purl":"pkg:rpm/openEuler/mariadb\u0026distro=openEuler-20.03-LTS-SP1"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"10.3.35-1.oe1"}]}],"ecosystem_specific":{"aarch64":["mariadb-server-10.3.35-1.oe1.aarch64.rpm","mariadb-server-galera-10.3.35-1.oe1.aarch64.rpm","mariadb-gssapi-server-10.3.35-1.oe1.aarch64.rpm","mariadb-10.3.35-1.oe1.aarch64.rpm","mariadb-embedded-devel-10.3.35-1.oe1.aarch64.rpm","mariadb-debugsource-10.3.35-1.oe1.aarch64.rpm","mariadb-test-10.3.35-1.oe1.aarch64.rpm","mariadb-devel-10.3.35-1.oe1.aarch64.rpm","mariadb-oqgraph-engine-10.3.35-1.oe1.aarch64.rpm","mariadb-errmessage-10.3.35-1.oe1.aarch64.rpm","mariadb-cracklib-10.3.35-1.oe1.aarch64.rpm","mariadb-debuginfo-10.3.35-1.oe1.aarch64.rpm","mariadb-embedded-10.3.35-1.oe1.aarch64.rpm","mariadb-backup-10.3.35-1.oe1.aarch64.rpm","mariadb-common-10.3.35-1.oe1.aarch64.rpm"],"src":["mariadb-10.3.35-1.oe1.src.rpm"],"x86_64":["mariadb-errmessage-10.3.35-1.oe1.x86_64.rpm","mariadb-test-10.3.35-1.oe1.x86_64.rpm","mariadb-debugsource-10.3.35-1.oe1.x86_64.rpm","mariadb-embedded-devel-10.3.35-1.oe1.x86_64.rpm","mariadb-backup-10.3.35-1.oe1.x86_64.rpm","mariadb-10.3.35-1.oe1.x86_64.rpm","mariadb-server-10.3.35-1.oe1.x86_64.rpm","mariadb-gssapi-server-10.3.35-1.oe1.x86_64.rpm","mariadb-server-galera-10.3.35-1.oe1.x86_64.rpm","mariadb-debuginfo-10.3.35-1.oe1.x86_64.rpm","mariadb-oqgraph-engine-10.3.35-1.oe1.x86_64.rpm","mariadb-common-10.3.35-1.oe1.x86_64.rpm","mariadb-embedded-10.3.35-1.oe1.x86_64.rpm","mariadb-cracklib-10.3.35-1.oe1.x86_64.rpm","mariadb-devel-10.3.35-1.oe1.x86_64.rpm"]}},{"package":{"ecosystem":"openEuler:20.03-LTS-SP3","name":"mariadb","purl":"pkg:rpm/openEuler/mariadb\u0026distro=openEuler-20.03-LTS-SP3"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"10.3.35-1.oe1"}]}],"ecosystem_specific":{"aarch64":["mariadb-backup-10.3.35-1
.oe1.aarch64.rpm","mariadb-cracklib-10.3.35-1.oe1.aarch64.rpm","mariadb-common-10.3.35-1.oe1.aarch64.rpm","mariadb-embedded-10.3.35-1.oe1.aarch64.rpm","mariadb-oqgraph-engine-10.3.35-1.oe1.aarch64.rpm","mariadb-server-galera-10.3.35-1.oe1.aarch64.rpm","mariadb-errmessage-10.3.35-1.oe1.aarch64.rpm","mariadb-10.3.35-1.oe1.aarch64.rpm","mariadb-debuginfo-10.3.35-1.oe1.aarch64.rpm","mariadb-devel-10.3.35-1.oe1.aarch64.rpm","mariadb-server-10.3.35-1.oe1.aarch64.rpm","mariadb-test-10.3.35-1.oe1.aarch64.rpm","mariadb-debugsource-10.3.35-1.oe1.aarch64.rpm","mariadb-gssapi-server-10.3.35-1.oe1.aarch64.rpm","mariadb-embedded-devel-10.3.35-1.oe1.aarch64.rpm"],"src":["mariadb-10.3.35-1.oe1.src.rpm"],"x86_64":["mariadb-10.3.35-1.oe1.x86_64.rpm","mariadb-cracklib-10.3.35-1.oe1.x86_64.rpm","mariadb-server-10.3.35-1.oe1.x86_64.rpm","mariadb-oqgraph-engine-10.3.35-1.oe1.x86_64.rpm","mariadb-gssapi-server-10.3.35-1.oe1.x86_64.rpm","mariadb-test-10.3.35-1.oe1.x86_64.rpm","mariadb-errmessage-10.3.35-1.oe1.x86_64.rpm","mariadb-debuginfo-10.3.35-1.oe1.x86_64.rpm","mariadb-devel-10.3.35-1.oe1.x86_64.rpm","mariadb-server-galera-10.3.35-1.oe1.x86_64.rpm","mariadb-backup-10.3.35-1.oe1.x86_64.rpm","mariadb-embedded-devel-10.3.35-1.oe1.x86_64.rpm","mariadb-embedded-10.3.35-1.oe1.x86_64.rpm","mariadb-common-10.3.35-1.oe1.x86_64.rpm","mariadb-debugsource-10.3.35-1.oe1.x86_64.rpm"]}},{"package":{"ecosystem":"openEuler:22.03-LTS","name":"mariadb","purl":"pkg:rpm/openEuler/mariadb\u0026distro=openEuler-22.03-LTS"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"10.5.16-1.oe2203"}]}],"ecosystem_specific":{"aarch64":["mariadb-config-10.5.16-1.oe2203.aarch64.rpm","mariadb-test-10.5.16-1.oe2203.aarch64.rpm","mariadb-backup-10.5.16-1.oe2203.aarch64.rpm","mariadb-debugsource-10.5.16-1.oe2203.aarch64.rpm","mariadb-embedded-devel-10.5.16-1.oe2203.aarch64.rpm","mariadb-rocksdb-engine-10.5.16-1.oe2203.aarch64.rpm","mariadb-server-galera-10.5.16-1.oe2203.aarch64.rpm","mariadb-server-utils
-10.5.16-1.oe2203.aarch64.rpm","mariadb-10.5.16-1.oe2203.aarch64.rpm","mariadb-pam-10.5.16-1.oe2203.aarch64.rpm","mariadb-embedded-10.5.16-1.oe2203.aarch64.rpm","mariadb-errmsg-10.5.16-1.oe2203.aarch64.rpm","mariadb-server-10.5.16-1.oe2203.aarch64.rpm","mariadb-debuginfo-10.5.16-1.oe2203.aarch64.rpm","mariadb-devel-10.5.16-1.oe2203.aarch64.rpm","mariadb-gssapi-server-10.5.16-1.oe2203.aarch64.rpm","mariadb-common-10.5.16-1.oe2203.aarch64.rpm","mariadb-oqgraph-engine-10.5.16-1.oe2203.aarch64.rpm"],"src":["mariadb-10.5.16-1.oe2203.src.rpm"],"x86_64":["mariadb-devel-10.5.16-1.oe2203.x86_64.rpm","mariadb-debuginfo-10.5.16-1.oe2203.x86_64.rpm","mariadb-server-10.5.16-1.oe2203.x86_64.rpm","mariadb-oqgraph-engine-10.5.16-1.oe2203.x86_64.rpm","mariadb-common-10.5.16-1.oe2203.x86_64.rpm","mariadb-gssapi-server-10.5.16-1.oe2203.x86_64.rpm","mariadb-test-10.5.16-1.oe2203.x86_64.rpm","mariadb-server-galera-10.5.16-1.oe2203.x86_64.rpm","mariadb-debugsource-10.5.16-1.oe2203.x86_64.rpm","mariadb-backup-10.5.16-1.oe2203.x86_64.rpm","mariadb-config-10.5.16-1.oe2203.x86_64.rpm","mariadb-server-utils-10.5.16-1.oe2203.x86_64.rpm","mariadb-embedded-devel-10.5.16-1.oe2203.x86_64.rpm","mariadb-embedded-10.5.16-1.oe2203.x86_64.rpm","mariadb-errmsg-10.5.16-1.oe2203.x86_64.rpm","mariadb-pam-10.5.16-1.oe2203.x86_64.rpm","mariadb-10.5.16-1.oe2203.x86_64.rpm"]}}],"references":[{"type":"ADVISORY","url":"https://www.openeuler.org/en/security/safety-bulletin/detail.html?id=openEuler-SA-2022-1681"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2022-27379"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2022-27386"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2022-27387"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2022-27384"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2022-27380"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2022-27383"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/de
tail/CVE-2022-27381"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2022-27377"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2022-27378"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2022-27376"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2022-27452"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2022-27458"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2022-27456"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2022-27445"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2022-27449"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2022-27448"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2022-27447"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2022-27385"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2022-27382"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2022-27451"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2022-27457"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2022-27446"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2022-27444"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2022-27455"}],"database_specific":{"severity":"High"}}