Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2022-38791 (GCVE-0-2022-38791)
Vulnerability from cvelistv5 – Published: 2022-08-27 00:00 – Updated: 2024-08-03 11:02
VLAI?
EPSS
Summary
In MariaDB before 10.9.2, compress_write in extra/mariabackup/ds_compress.cc does not release data_mutex upon a stream write failure, which allows local users to trigger a deadlock.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
5 references
| URL | Tags |
|---|---|
| https://jira.mariadb.org/browse/MDEV-28719 | |
| https://security.netapp.com/advisory/ntap-2022110… | |
| https://lists.fedoraproject.org/archives/list/pac… | vendor-advisory |
| https://lists.fedoraproject.org/archives/list/pac… | vendor-advisory |
| https://lists.fedoraproject.org/archives/list/pac… | vendor-advisory |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T11:02:14.577Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://jira.mariadb.org/browse/MDEV-28719"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20221104-0008/"
},
{
"name": "FEDORA-2022-cf88f807f9",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZHISY4YVO4S5QJYYIXCIAXBM7INOL4VY/"
},
{
"name": "FEDORA-2022-e0e9a43546",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WCOEGSVMIEXDZHBOSV6WVF7FAVRBR2JE/"
},
{
"name": "FEDORA-2022-333df1c4aa",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WTVAONAZXJFGHAJ4RP2OF3EAMQCOTDSQ/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In MariaDB before 10.9.2, compress_write in extra/mariabackup/ds_compress.cc does not release data_mutex upon a stream write failure, which allows local users to trigger a deadlock."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-11-30T00:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://jira.mariadb.org/browse/MDEV-28719"
},
{
"url": "https://security.netapp.com/advisory/ntap-20221104-0008/"
},
{
"name": "FEDORA-2022-cf88f807f9",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZHISY4YVO4S5QJYYIXCIAXBM7INOL4VY/"
},
{
"name": "FEDORA-2022-e0e9a43546",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WCOEGSVMIEXDZHBOSV6WVF7FAVRBR2JE/"
},
{
"name": "FEDORA-2022-333df1c4aa",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WTVAONAZXJFGHAJ4RP2OF3EAMQCOTDSQ/"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2022-38791",
"datePublished": "2022-08-27T00:00:00.000Z",
"dateReserved": "2022-08-27T00:00:00.000Z",
"dateUpdated": "2024-08-03T11:02:14.577Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2022-38791",
"date": "2026-05-20",
"epss": "0.00035",
"percentile": "0.10463"
},
"fkie_nvd": {
"configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"10.3.0\", \"versionEndExcluding\": \"10.3.36\", \"matchCriteriaId\": \"D5048A61-025A-46D4-AA1D-17C20FD193C0\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"10.4.0\", \"versionEndExcluding\": \"10.4.26\", \"matchCriteriaId\": \"76F49D8B-E293-475B-A190-E55F2586EB74\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"10.5.0\", \"versionEndExcluding\": \"10.5.17\", \"matchCriteriaId\": \"144984F5-B5E4-4890-B84C-0BD4EBD1A575\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"10.6.0\", \"versionEndExcluding\": \"10.6.9\", \"matchCriteriaId\": \"9397E948-E3C7-4AE0-AB59-D8DF6DC0F85A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"10.7.0\", \"versionEndExcluding\": \"10.7.5\", \"matchCriteriaId\": \"3E60C79C-A7E6-4AEF-AD29-38BC63149C60\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"10.8.0\", \"versionEndExcluding\": \"10.8.4\", \"matchCriteriaId\": \"EB9F7573-E888-42B6-8B57-CAF26300CC16\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:mariadb:mariadb:10.9.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"69063B05-A5A5-4380-893E-D43F58FFF86D\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"80E516C0-98A4-4ADE-B69F-66A772E2BAAA\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5C675112-476C-4D7C-BCB9-A2FB2D0BC9FD\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E30D0E6F-4AE8-4284-8716-991DFA48CC5D\"}]}]}]",
"descriptions": "[{\"lang\": \"en\", \"value\": \"In MariaDB before 10.9.2, compress_write in extra/mariabackup/ds_compress.cc does not release data_mutex upon a stream write failure, which allows local users to trigger a deadlock.\"}, {\"lang\": \"es\", \"value\": \"En MariaDB versiones anteriores a 10.9.2, la funci\\u00f3n compress_write en el archivo extra/mariabackup/ds_compress.cc no libera data_mutex tras un fallo de escritura en el flujo, lo que permite a usuarios locales desencadenar un bloqueo.\"}]",
"id": "CVE-2022-38791",
"lastModified": "2024-11-21T07:17:05.893",
"metrics": "{\"cvssMetricV31\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\", \"baseScore\": 5.5, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"LOCAL\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"LOW\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 1.8, \"impactScore\": 3.6}]}",
"published": "2022-08-27T20:15:08.290",
"references": "[{\"url\": \"https://jira.mariadb.org/browse/MDEV-28719\", \"source\": \"cve@mitre.org\", \"tags\": [\"Issue Tracking\", \"Vendor Advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WCOEGSVMIEXDZHBOSV6WVF7FAVRBR2JE/\", \"source\": \"cve@mitre.org\"}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WTVAONAZXJFGHAJ4RP2OF3EAMQCOTDSQ/\", \"source\": \"cve@mitre.org\"}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZHISY4YVO4S5QJYYIXCIAXBM7INOL4VY/\", \"source\": \"cve@mitre.org\"}, {\"url\": \"https://security.netapp.com/advisory/ntap-20221104-0008/\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://jira.mariadb.org/browse/MDEV-28719\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Issue Tracking\", \"Vendor Advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WCOEGSVMIEXDZHBOSV6WVF7FAVRBR2JE/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WTVAONAZXJFGHAJ4RP2OF3EAMQCOTDSQ/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZHISY4YVO4S5QJYYIXCIAXBM7INOL4VY/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://security.netapp.com/advisory/ntap-20221104-0008/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}]",
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-667\"}]}]"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2022-38791\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2022-08-27T20:15:08.290\",\"lastModified\":\"2024-11-21T07:17:05.893\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"In MariaDB before 10.9.2, compress_write in extra/mariabackup/ds_compress.cc does not release data_mutex upon a stream write failure, which allows local users to trigger a deadlock.\"},{\"lang\":\"es\",\"value\":\"En MariaDB versiones anteriores a 10.9.2, la funci\u00f3n compress_write en el archivo extra/mariabackup/ds_compress.cc no libera data_mutex tras un fallo de escritura en el flujo, lo que permite a usuarios locales desencadenar un bloqueo.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":5.5,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":3.6}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-667\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"10.3.0\",\"versionEndExcluding\":\"10.3.36\",\"matchCriteriaId\":\"D5048A61-025A-46D4-AA1D-17C20FD193C0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"10.4.0\",\"versionEndExcluding\":\"10.4.26\",\"matchCriteriaId\":\"76F49D8B-E293-475B-A190-E55F2586EB74\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"10.5.0\",\"versionEndExcluding\":\"10.5.17\",\"matchCriteriaId\":\"144984F5-B5E4-4890-B84C-0BD4EBD1A575\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"10.6.0\",\"versionEndExcluding\":\"10.6.9\",\"matchCriteriaId\":\"9397E948-E3C7-4AE0-AB59-D8DF6DC0F85A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"10.7.0\",\"versionEndExcluding\":\"10.7.5\",\"matchCriteriaId\":\"3E60C79C-A7E6-4AEF-AD29-38BC63149C60\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"10.8.0\",\"versionEndExcluding\":\"10.8.4\",\"matchCriteriaId\":\"EB9F7573-E888-42B6-8B57-CAF26300CC16\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mariadb:mariadb:10.9.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"69063B05-A5A5-4380-893E-D43F58FFF86D\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"80E516C0-98A4-4ADE-B69F-66A772E2BAAA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5C675112-476C-4D7C-BCB9-A2FB2D0BC9FD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E30D0E6F-4AE8-4284-8716-991DFA48CC5D\"}]}]}],\"references\":[{\"url\":\"https://jira.mariadb.org/browse/MDEV-28719\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\",\"Vendor Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WCOEGSVMIEXDZHBOSV6WVF7FAVRBR2JE/\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WTVAONAZXJFGHAJ4RP2OF3EAMQCOTDSQ/\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZHISY4YVO4S5QJYYIXCIAXBM7INOL4VY/\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://security.netapp.com/advisory/ntap-20221104-0008/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://jira.mariadb.org/browse/MDEV-28719\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Vendor Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WCOEGSVMIEXDZHBOSV6WVF7FAVRBR2JE/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WTVAONAZXJFGHAJ4RP2OF3EAMQCOTDSQ/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZHISY4YVO4S5QJYYIXCIAXBM7INOL4VY/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://security.netapp.com/advisory/ntap-20221104-0008/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]}]}}"
}
}
alsa-2023:5259
Vulnerability from osv_almalinux
Published
2023-09-19 00:00
Modified
2023-09-21 17:41
Summary
Moderate: mariadb:10.3 security, bug fix, and enhancement update
Details
MariaDB is a multi-user, multi-threaded SQL database server that is binary compatible with MySQL.
The following packages have been upgraded to a later upstream version: mariadb (10.3). (BZ#2223572, BZ#2223574, BZ#2223962, BZ#2223965)
Security Fix(es):
- mariadb: segmentation fault via the component sub_select (CVE-2022-32084)
- mariadb: server crash in JOIN_CACHE::free or in copy_fields (CVE-2022-32091)
- mariadb: compress_write() fails to release mutex on failure (CVE-2022-38791)
- mariadb: NULL pointer dereference in spider_db_mbase::print_warnings() (CVE-2022-47015)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Bug Fix(es):
- [MariaDB 10.3.32] socat: E Failed to set SNI host "" (SST failure) (BZ#2223961)
References
{
"affected": [
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "Judy"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.0.5-18.module_el8.6.0+2867+72759d2f"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "Judy"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.0.5-18.module_el8.6.0+3138+72759d2f"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "galera"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "25.3.37-1.module_el8.8.0+3609+204d4ab0"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "mariadb"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "3:10.3.39-1.module_el8.8.0+3609+204d4ab0"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "mariadb-backup"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "3:10.3.39-1.module_el8.8.0+3609+204d4ab0"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "mariadb-common"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "3:10.3.39-1.module_el8.8.0+3609+204d4ab0"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "mariadb-devel"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "3:10.3.39-1.module_el8.8.0+3609+204d4ab0"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "mariadb-embedded"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "3:10.3.39-1.module_el8.8.0+3609+204d4ab0"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "mariadb-embedded-devel"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "3:10.3.39-1.module_el8.8.0+3609+204d4ab0"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "mariadb-errmsg"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "3:10.3.39-1.module_el8.8.0+3609+204d4ab0"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "mariadb-gssapi-server"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "3:10.3.39-1.module_el8.8.0+3609+204d4ab0"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "mariadb-oqgraph-engine"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "3:10.3.39-1.module_el8.8.0+3609+204d4ab0"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "mariadb-server"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "3:10.3.39-1.module_el8.8.0+3609+204d4ab0"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "mariadb-server-galera"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "3:10.3.39-1.module_el8.8.0+3609+204d4ab0"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "mariadb-server-utils"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "3:10.3.39-1.module_el8.8.0+3609+204d4ab0"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "mariadb-test"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "3:10.3.39-1.module_el8.8.0+3609+204d4ab0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"details": "MariaDB is a multi-user, multi-threaded SQL database server that is binary compatible with MySQL. \n\nThe following packages have been upgraded to a later upstream version: mariadb (10.3). (BZ#2223572, BZ#2223574, BZ#2223962, BZ#2223965)\n\nSecurity Fix(es):\n\n* mariadb: segmentation fault via the component sub_select (CVE-2022-32084)\n* mariadb: server crash in JOIN_CACHE::free or in copy_fields (CVE-2022-32091)\n* mariadb: compress_write() fails to release mutex on failure (CVE-2022-38791)\n* mariadb: NULL pointer dereference in spider_db_mbase::print_warnings() (CVE-2022-47015)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nBug Fix(es):\n\n* [MariaDB 10.3.32] socat: E Failed to set SNI host \"\" (SST failure) (BZ#2223961)",
"id": "ALSA-2023:5259",
"modified": "2023-09-21T17:41:57Z",
"published": "2023-09-19T00:00:00Z",
"references": [
{
"type": "ADVISORY",
"url": "https://access.redhat.com/errata/RHSA-2023:5259"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2022-32084"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2022-32091"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2022-38791"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2022-47015"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2106034"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2106042"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2130105"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2163609"
},
{
"type": "ADVISORY",
"url": "https://errata.almalinux.org/8/ALSA-2023-5259.html"
}
],
"related": [
"CVE-2022-32084",
"CVE-2022-32091",
"CVE-2022-38791",
"CVE-2022-47015"
],
"summary": "Moderate: mariadb:10.3 security, bug fix, and enhancement update"
}
alsa-2023:5683
Vulnerability from osv_almalinux
Published
2023-10-12 00:00
Modified
2023-10-13 18:15
Summary
Important: mariadb:10.5 security update
Details
MariaDB is a multi-user, multi-threaded SQL database server that is binary compatible with MySQL.
The following packages have been upgraded to a later upstream version: galera (26.4.14), mariadb (10.5.22).
Security Fix(es):
- mariadb: node crashes with Transport endpoint is not connected mysqld got signal 6 (CVE-2023-5157)
- mariadb: use-after-poison in prepare_inplace_add_virtual in handler0alter.cc (CVE-2022-32081)
- mariadb: assertion failure at table->get_ref_count() == 0 in dict0dict.cc (CVE-2022-32082)
- mariadb: segmentation fault via the component sub_select (CVE-2022-32084)
- mariadb: server crash in st_select_lex_unit::exclude_level (CVE-2022-32089)
- mariadb: server crash in JOIN_CACHE::free or in copy_fields (CVE-2022-32091)
- mariadb: compress_write() fails to release mutex on failure (CVE-2022-38791)
- mariadb: NULL pointer dereference in spider_db_mbase::print_warnings() (CVE-2022-47015)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
References
| URL | Type | |||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"affected": [
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "Judy"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.0.5-18.module_el8.6.0+3139+3c630e87"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "Judy"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.0.5-18.module_el8.6.0+3072+3c630e87"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "galera"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "26.4.14-1.module_el8.8.0+3620+5d452900"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "mariadb"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "3:10.5.22-1.module_el8.8.0+3620+5d452900"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "mariadb-backup"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "3:10.5.22-1.module_el8.8.0+3620+5d452900"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "mariadb-common"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "3:10.5.22-1.module_el8.8.0+3620+5d452900"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "mariadb-devel"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "3:10.5.22-1.module_el8.8.0+3620+5d452900"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "mariadb-embedded"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "3:10.5.22-1.module_el8.8.0+3620+5d452900"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "mariadb-embedded-devel"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "3:10.5.22-1.module_el8.8.0+3620+5d452900"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "mariadb-errmsg"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "3:10.5.22-1.module_el8.8.0+3620+5d452900"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "mariadb-gssapi-server"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "3:10.5.22-1.module_el8.8.0+3620+5d452900"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "mariadb-oqgraph-engine"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "3:10.5.22-1.module_el8.8.0+3620+5d452900"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "mariadb-pam"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "3:10.5.22-1.module_el8.8.0+3620+5d452900"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "mariadb-server"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "3:10.5.22-1.module_el8.8.0+3620+5d452900"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "mariadb-server-galera"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "3:10.5.22-1.module_el8.8.0+3620+5d452900"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "mariadb-server-utils"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "3:10.5.22-1.module_el8.8.0+3620+5d452900"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "mariadb-test"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "3:10.5.22-1.module_el8.8.0+3620+5d452900"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"details": "MariaDB is a multi-user, multi-threaded SQL database server that is binary compatible with MySQL. \n\nThe following packages have been upgraded to a later upstream version: galera\n(26.4.14), mariadb (10.5.22).\n\nSecurity Fix(es):\n\n* mariadb: node crashes with Transport endpoint is not connected mysqld got signal 6 (CVE-2023-5157)\n* mariadb: use-after-poison in prepare_inplace_add_virtual in handler0alter.cc (CVE-2022-32081)\n* mariadb: assertion failure at table-\u003eget_ref_count() == 0 in dict0dict.cc (CVE-2022-32082)\n* mariadb: segmentation fault via the component sub_select (CVE-2022-32084)\n* mariadb: server crash in st_select_lex_unit::exclude_level (CVE-2022-32089)\n* mariadb: server crash in JOIN_CACHE::free or in copy_fields (CVE-2022-32091)\n* mariadb: compress_write() fails to release mutex on failure (CVE-2022-38791)\n* mariadb: NULL pointer dereference in spider_db_mbase::print_warnings() (CVE-2022-47015)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"id": "ALSA-2023:5683",
"modified": "2023-10-13T18:15:02Z",
"published": "2023-10-12T00:00:00Z",
"references": [
{
"type": "ADVISORY",
"url": "https://access.redhat.com/errata/RHSA-2023:5683"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2022-32081"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2022-32082"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2022-32084"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2022-32089"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2022-32091"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2022-38791"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2022-47015"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2023-5157"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2106028"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2106030"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2106034"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2106035"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2106042"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2130105"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2163609"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2240246"
},
{
"type": "ADVISORY",
"url": "https://errata.almalinux.org/8/ALSA-2023-5683.html"
}
],
"related": [
"CVE-2023-5157",
"CVE-2022-32081",
"CVE-2022-32082",
"CVE-2022-32084",
"CVE-2022-32089",
"CVE-2022-32091",
"CVE-2022-38791",
"CVE-2022-47015"
],
"summary": "Important: mariadb:10.5 security update"
}
alsa-2023:5684
Vulnerability from osv_almalinux
Published
2023-10-12 00:00
Modified
2023-10-13 15:18
Summary
Important: galera and mariadb security update
Details
MariaDB is a multi-user, multi-threaded SQL database server that is binary compatible with MySQL.
The following packages have been upgraded to a later upstream version: galera (26.4.14), mariadb (10.5.22).
Security Fix(es):
- mariadb: node crashes with Transport endpoint is not connected mysqld got signal 6 (CVE-2023-5157)
- mariadb: use-after-poison in prepare_inplace_add_virtual in handler0alter.cc (CVE-2022-32081)
- mariadb: assertion failure at table->get_ref_count() == 0 in dict0dict.cc (CVE-2022-32082)
- mariadb: segmentation fault via the component sub_select (CVE-2022-32084)
- mariadb: server crash in st_select_lex_unit::exclude_level (CVE-2022-32089)
- mariadb: server crash in JOIN_CACHE::free or in copy_fields (CVE-2022-32091)
- mariadb: compress_write() fails to release mutex on failure (CVE-2022-38791)
- mariadb: NULL pointer dereference in spider_db_mbase::print_warnings() (CVE-2022-47015)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
References
| URL | Type | |||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"affected": [
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "galera"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "26.4.14-1.el9_2.alma.1"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "mariadb"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "3:10.5.22-1.el9_2.alma.1"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "mariadb-backup"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "3:10.5.22-1.el9_2.alma.1"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "mariadb-common"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "3:10.5.22-1.el9_2.alma.1"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "mariadb-devel"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "3:10.5.22-1.el9_2.alma.1"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "mariadb-embedded"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "3:10.5.22-1.el9_2.alma.1"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "mariadb-embedded-devel"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "3:10.5.22-1.el9_2.alma.1"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "mariadb-errmsg"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "3:10.5.22-1.el9_2.alma.1"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "mariadb-gssapi-server"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "3:10.5.22-1.el9_2.alma.1"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "mariadb-oqgraph-engine"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "3:10.5.22-1.el9_2.alma.1"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "mariadb-pam"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "3:10.5.22-1.el9_2.alma.1"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "mariadb-server"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "3:10.5.22-1.el9_2.alma.1"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "mariadb-server-galera"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "3:10.5.22-1.el9_2.alma.1"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "mariadb-server-utils"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "3:10.5.22-1.el9_2.alma.1"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "mariadb-test"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "3:10.5.22-1.el9_2.alma.1"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"details": "MariaDB is a multi-user, multi-threaded SQL database server that is binary compatible with MySQL.\n\nThe following packages have been upgraded to a later upstream version: galera\n(26.4.14), mariadb (10.5.22).\n\nSecurity Fix(es):\n\n* mariadb: node crashes with Transport endpoint is not connected mysqld got signal 6 (CVE-2023-5157)\n* mariadb: use-after-poison in prepare_inplace_add_virtual in handler0alter.cc (CVE-2022-32081)\n* mariadb: assertion failure at table-\u003eget_ref_count() == 0 in dict0dict.cc (CVE-2022-32082)\n* mariadb: segmentation fault via the component sub_select (CVE-2022-32084)\n* mariadb: server crash in st_select_lex_unit::exclude_level (CVE-2022-32089)\n* mariadb: server crash in JOIN_CACHE::free or in copy_fields (CVE-2022-32091)\n* mariadb: compress_write() fails to release mutex on failure (CVE-2022-38791)\n* mariadb: NULL pointer dereference in spider_db_mbase::print_warnings() (CVE-2022-47015)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"id": "ALSA-2023:5684",
"modified": "2023-10-13T15:18:21Z",
"published": "2023-10-12T00:00:00Z",
"references": [
{
"type": "ADVISORY",
"url": "https://access.redhat.com/errata/RHSA-2023:5684"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2022-32081"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2022-32082"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2022-32084"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2022-32089"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2022-32091"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2022-38791"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2022-47015"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2023-5157"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2106028"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2106030"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2106034"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2106035"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2106042"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2130105"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2163609"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2240246"
},
{
"type": "ADVISORY",
"url": "https://errata.almalinux.org/9/ALSA-2023-5684.html"
}
],
"related": [
"CVE-2023-5157",
"CVE-2022-32081",
"CVE-2022-32082",
"CVE-2022-32084",
"CVE-2022-32089",
"CVE-2022-32091",
"CVE-2022-38791",
"CVE-2022-47015"
],
"summary": "Important: galera and mariadb security update"
}
BDU:2023-05678
Vulnerability from fstec - Published: 27.08.2022
VLAI Severity ?
Title
Уязвимость компонента ds_compress.cc системы управления базами данных MariaDB, позволяющая нарушителю вызвать отказ в обслуживании
Description
Уязвимость компонента ds_compress.cc системы управления базами данных MariaDB вызвана ошибками блокировки ресурса. Эксплуатация уязвимости может позволить нарушителю вызвать отказ в обслуживании
Severity ?
Vendor
Red Hat Inc., Сообщество свободного программного обеспечения, Fedora Project, ООО «РусБИТех-Астра», АО «ИВК», MariaDB Foundation, АО «НТЦ ИТ РОСА»
Software Name
Red Hat Enterprise Linux, Debian GNU/Linux, Red Hat Software Collections, Fedora, Astra Linux Special Edition (запись в едином реестре российских программ №369), Альт 8 СП (запись в едином реестре российских программ №4305), MariaDB, РОСА ХРОМ (запись в едином реестре российских программ №1607)
Software Version
8 (Red Hat Enterprise Linux), 10 (Debian GNU/Linux), - (Red Hat Software Collections), 11 (Debian GNU/Linux), 35 (Fedora), 1.7 (Astra Linux Special Edition), - (Альт 8 СП), 36 (Fedora), 9 (Red Hat Enterprise Linux), от 10.5.0 до 10.5.17 (MariaDB), от 10.6.0 до 10.6.9 (MariaDB), от 10.7.0 до 10.7.5 (MariaDB), от 10.8.0 до 10.8.4 (MariaDB), 37 (Fedora), 12.4 (РОСА ХРОМ), от 10.3.0 до 10.3.36 (MariaDB), от 10.4.0 до 10.4.26 (MariaDB), 10.9.1 (MariaDB)
Possible Mitigations
Использование рекомендаций:
Для MariaDB:
https://jira.mariadb.org/browse/MDEV-28719
Для Debian GNU/Linux:
https://security-tracker.debian.org/tracker/CVE-2022-38791
Для программных продуктов Red Hat Inc.:
https://access.redhat.com/security/cve/CVE-2022-38791
Для Fedora:
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCOEGSVMIEXDZHBOSV6WVF7FAVRBR2JE/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WTVAONAZXJFGHAJ4RP2OF3EAMQCOTDSQ/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZHISY4YVO4S5QJYYIXCIAXBM7INOL4VY/
Для ОС Альт 8 СП: установка обновления из публичного репозитория программного средства
Для операционной системы РОСА ХРОМ: https://abf.rosalinux.ru/advisories/ROSA-SA-2023-2255
Для ОС Astra Linux Special Edition 1.7:
обновить пакет mariadb-10.3 до 1:10.3.36-0+deb10u2 или более высокой версии, используя рекомендации производителя: https://wiki.astralinux.ru/astra-linux-se17-bulletin-2022-1110SE17
Reference
https://altsp.su/obnovleniya-bezopasnosti/detail/?report=report-06042023-c9f2
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WTVAONAZXJFGHAJ4RP2OF3EAMQCOTDSQ/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCOEGSVMIEXDZHBOSV6WVF7FAVRBR2JE/
https://security.netapp.com/advisory/ntap-20221104-0008/
https://jira.mariadb.org/browse/MDEV-28719
https://nvd.nist.gov/vuln/detail/CVE-2022-38791
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZHISY4YVO4S5QJYYIXCIAXBM7INOL4VY/
https://security-tracker.debian.org/tracker/CVE-2022-38791
https://access.redhat.com/security/cve/CVE-2022-38791
https://altsp.su/obnovleniya-bezopasnosti/
https://abf.rosalinux.ru/advisories/ROSA-SA-2023-2255
CWE
CWE-667
{
"CVSS 2.0": "AV:L/AC:L/Au:S/C:N/I:N/A:C",
"CVSS 3.0": "AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"CVSS 4.0": null,
"remediation_\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": null,
"remediation_\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435": null,
"\u0412\u0435\u043d\u0434\u043e\u0440 \u041f\u041e": "Red Hat Inc., \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f, Fedora Project, \u041e\u041e\u041e \u00ab\u0420\u0443\u0441\u0411\u0418\u0422\u0435\u0445-\u0410\u0441\u0442\u0440\u0430\u00bb, \u0410\u041e \u00ab\u0418\u0412\u041a\u00bb, MariaDB Foundation, \u0410\u041e \u00ab\u041d\u0422\u0426 \u0418\u0422 \u0420\u041e\u0421\u0410\u00bb",
"\u0412\u0435\u0440\u0441\u0438\u044f \u041f\u041e": "8 (Red Hat Enterprise Linux), 10 (Debian GNU/Linux), - (Red Hat Software Collections), 11 (Debian GNU/Linux), 35 (Fedora), 1.7 (Astra Linux Special Edition), - (\u0410\u043b\u044c\u0442 8 \u0421\u041f), 36 (Fedora), 9 (Red Hat Enterprise Linux), \u043e\u0442 10.5.0 \u0434\u043e 10.5.17 (MariaDB), \u043e\u0442 10.6.0 \u0434\u043e 10.6.9 (MariaDB), \u043e\u0442 10.7.0 \u0434\u043e 10.7.5 (MariaDB), \u043e\u0442 10.8.0 \u0434\u043e 10.8.4 (MariaDB), 37 (Fedora), 12.4 (\u0420\u041e\u0421\u0410 \u0425\u0420\u041e\u041c), \u043e\u0442 10.3.0 \u0434\u043e 10.3.36 (MariaDB), \u043e\u0442 10.4.0 \u0434\u043e 10.4.26 (MariaDB), 10.9.1 (MariaDB)",
"\u0412\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u0435 \u043c\u0435\u0440\u044b \u043f\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044e": "\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439:\n\u0414\u043b\u044f MariaDB:\nhttps://jira.mariadb.org/browse/MDEV-28719\n\n\u0414\u043b\u044f Debian GNU/Linux:\nhttps://security-tracker.debian.org/tracker/CVE-2022-38791\n\n\u0414\u043b\u044f \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u044b\u0445 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u043e\u0432 Red Hat Inc.:\nhttps://access.redhat.com/security/cve/CVE-2022-38791\n\n\u0414\u043b\u044f Fedora:\nhttps://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCOEGSVMIEXDZHBOSV6WVF7FAVRBR2JE/\nhttps://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WTVAONAZXJFGHAJ4RP2OF3EAMQCOTDSQ/\nhttps://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZHISY4YVO4S5QJYYIXCIAXBM7INOL4VY/\n\n\u0414\u043b\u044f \u041e\u0421 \u0410\u043b\u044c\u0442 8 \u0421\u041f: \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0430 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0438\u0437 \u043f\u0443\u0431\u043b\u0438\u0447\u043d\u043e\u0433\u043e \u0440\u0435\u043f\u043e\u0437\u0438\u0442\u043e\u0440\u0438\u044f \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u0441\u0440\u0435\u0434\u0441\u0442\u0432\u0430\n\n\u0414\u043b\u044f \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u044b \u0420\u041e\u0421\u0410 \u0425\u0420\u041e\u041c: https://abf.rosalinux.ru/advisories/ROSA-SA-2023-2255\n\n\u0414\u043b\u044f \u041e\u0421 Astra Linux Special Edition 1.7:\n\u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c \u043f\u0430\u043a\u0435\u0442 mariadb-10.3 \u0434\u043e 1:10.3.36-0+deb10u2 \u0438\u043b\u0438 \u0431\u043e\u043b\u0435\u0435 \u0432\u044b\u0441\u043e\u043a\u043e\u0439 \u0432\u0435\u0440\u0441\u0438\u0438, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044f \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0438 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044f: https://wiki.astralinux.ru/astra-linux-se17-bulletin-2022-1110SE17",
"\u0414\u0430\u0442\u0430 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0438\u044f": "27.08.2022",
"\u0414\u0430\u0442\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0433\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f": "24.09.2024",
"\u0414\u0430\u0442\u0430 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438": "15.09.2023",
"\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": "BDU:2023-05678",
"\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u044b \u0434\u0440\u0443\u0433\u0438\u0445 \u0441\u0438\u0441\u0442\u0435\u043c \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "CVE-2022-38791",
"\u0418\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430",
"\u041a\u043b\u0430\u0441\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043a\u043e\u0434\u0430",
"\u041d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 \u041f\u041e": "Red Hat Enterprise Linux, Debian GNU/Linux, Red Hat Software Collections, Fedora, Astra Linux Special Edition (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u2116369), \u0410\u043b\u044c\u0442 8 \u0421\u041f (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21164305), MariaDB, \u0420\u041e\u0421\u0410 \u0425\u0420\u041e\u041c (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21161607)",
"\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u041e\u0421 \u0438 \u0442\u0438\u043f \u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0439 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b": "Red Hat Inc. Red Hat Enterprise Linux 8 , \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Debian GNU/Linux 10 , \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Debian GNU/Linux 11 , Fedora Project Fedora 35 , \u041e\u041e\u041e \u00ab\u0420\u0443\u0441\u0411\u0418\u0422\u0435\u0445-\u0410\u0441\u0442\u0440\u0430\u00bb Astra Linux Special Edition 1.7 (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u2116369), \u0410\u041e \u00ab\u0418\u0412\u041a\u00bb \u0410\u043b\u044c\u0442 8 \u0421\u041f - (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21164305), Fedora Project Fedora 36 , Red Hat Inc. Red Hat Enterprise Linux 9 , Fedora Project Fedora 37 , \u0410\u041e \u00ab\u041d\u0422\u0426 \u0418\u0422 \u0420\u041e\u0421\u0410\u00bb \u0420\u041e\u0421\u0410 \u0425\u0420\u041e\u041c 12.4 (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21161607)",
"\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u0430 ds_compress.cc \u0441\u0438\u0441\u0442\u0435\u043c\u044b \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0431\u0430\u0437\u0430\u043c\u0438 \u0434\u0430\u043d\u043d\u044b\u0445 MariaDB, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u0432\u044b\u0437\u0432\u0430\u0442\u044c \u043e\u0442\u043a\u0430\u0437 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438",
"\u041d\u0430\u043b\u0438\u0447\u0438\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
"\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "\u041d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u0430\u044f \u0431\u043b\u043e\u043a\u0438\u0440\u043e\u0432\u043a\u0430 (CWE-667)",
"\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u0430 ds_compress.cc \u0441\u0438\u0441\u0442\u0435\u043c\u044b \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0431\u0430\u0437\u0430\u043c\u0438 \u0434\u0430\u043d\u043d\u044b\u0445 MariaDB \u0432\u044b\u0437\u0432\u0430\u043d\u0430 \u043e\u0448\u0438\u0431\u043a\u0430\u043c\u0438 \u0431\u043b\u043e\u043a\u0438\u0440\u043e\u0432\u043a\u0438 \u0440\u0435\u0441\u0443\u0440\u0441\u0430. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u0432\u044b\u0437\u0432\u0430\u0442\u044c \u043e\u0442\u043a\u0430\u0437 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438",
"\u041f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": null,
"\u041f\u0440\u043e\u0447\u0430\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f": null,
"\u0421\u0432\u044f\u0437\u044c \u0441 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u0430\u043c\u0438 \u0418\u0411": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
"\u0421\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u0430",
"\u0421\u043f\u043e\u0441\u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f": "\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f",
"\u0421\u043f\u043e\u0441\u043e\u0431 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438": "\u041c\u0430\u043d\u0438\u043f\u0443\u043b\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435 \u0441\u0440\u043e\u043a\u0430\u043c\u0438 \u0438 \u0441\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435\u043c",
"\u0421\u0441\u044b\u043b\u043a\u0438 \u043d\u0430 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u0438": "https://altsp.su/obnovleniya-bezopasnosti/detail/?report=report-06042023-c9f2\nhttps://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WTVAONAZXJFGHAJ4RP2OF3EAMQCOTDSQ/\nhttps://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCOEGSVMIEXDZHBOSV6WVF7FAVRBR2JE/\nhttps://security.netapp.com/advisory/ntap-20221104-0008/\nhttps://jira.mariadb.org/browse/MDEV-28719\nhttps://nvd.nist.gov/vuln/detail/CVE-2022-38791\nhttps://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZHISY4YVO4S5QJYYIXCIAXBM7INOL4VY/\nhttps://security-tracker.debian.org/tracker/CVE-2022-38791\nhttps://access.redhat.com/security/cve/CVE-2022-38791\nhttps://altsp.su/obnovleniya-bezopasnosti/\nhttps://abf.rosalinux.ru/advisories/ROSA-SA-2023-2255",
"\u0421\u0442\u0430\u0442\u0443\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0435\u043d\u0430 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u0435\u043c",
"\u0422\u0438\u043f \u041f\u041e": "\u041e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u0430\u044f \u0441\u0438\u0441\u0442\u0435\u043c\u0430, \u041f\u0440\u0438\u043a\u043b\u0430\u0434\u043d\u043e\u0435 \u041f\u041e \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c, \u0421\u0423\u0411\u0414",
"\u0422\u0438\u043f \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "CWE-667",
"\u0423\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0421\u0440\u0435\u0434\u043d\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 2.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 4,6)\n\u0421\u0440\u0435\u0434\u043d\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 3.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 5,5)"
}
bit-mariadb-2022-38791
Vulnerability from bitnami_vulndb
Published
2024-03-06 10:55
Modified
2025-04-03 14:40
Summary
Details
In MariaDB before 10.9.2, compress_write in extra/mariabackup/ds_compress.cc does not release data_mutex upon a stream write failure, which allows local users to trigger a deadlock.
{
"affected": [
{
"package": {
"ecosystem": "Bitnami",
"name": "mariadb",
"purl": "pkg:bitnami/mariadb"
},
"ranges": [
{
"events": [
{
"introduced": "10.3.0"
},
{
"fixed": "10.3.36"
},
{
"introduced": "10.4.0"
},
{
"fixed": "10.4.26"
},
{
"introduced": "10.5.0"
},
{
"fixed": "10.5.17"
},
{
"introduced": "10.6.0"
},
{
"fixed": "10.6.9"
},
{
"introduced": "10.7.0"
},
{
"fixed": "10.7.5"
},
{
"introduced": "10.8.0"
},
{
"fixed": "10.8.4"
},
{
"introduced": "10.9.1"
},
{
"fixed": "10.9.2"
}
],
"type": "SEMVER"
}
],
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
],
"aliases": [
"CVE-2022-38791"
],
"database_specific": {
"cpes": [
"cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*",
"cpe:2.3:a:mariadb:mariadb:10.9.1:*:*:*:*:*:*:*"
],
"severity": "Medium"
},
"details": "In MariaDB before 10.9.2, compress_write in extra/mariabackup/ds_compress.cc does not release data_mutex upon a stream write failure, which allows local users to trigger a deadlock.",
"id": "BIT-mariadb-2022-38791",
"modified": "2025-04-03T14:40:37.652Z",
"published": "2024-03-06T10:55:58.175Z",
"references": [
{
"type": "WEB",
"url": "https://jira.mariadb.org/browse/MDEV-28719"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WCOEGSVMIEXDZHBOSV6WVF7FAVRBR2JE/"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WTVAONAZXJFGHAJ4RP2OF3EAMQCOTDSQ/"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZHISY4YVO4S5QJYYIXCIAXBM7INOL4VY/"
},
{
"type": "WEB",
"url": "https://security.netapp.com/advisory/ntap-20221104-0008/"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-38791"
}
],
"schema_version": "1.5.0"
}
FKIE_CVE-2022-38791
Vulnerability from fkie_nvd - Published: 2022-08-27 20:15 - Updated: 2024-11-21 07:17
Severity ?
Summary
In MariaDB before 10.9.2, compress_write in extra/mariabackup/ds_compress.cc does not release data_mutex upon a stream write failure, which allows local users to trigger a deadlock.
References
| URL | Tags | ||
|---|---|---|---|
| cve@mitre.org | https://jira.mariadb.org/browse/MDEV-28719 | Issue Tracking, Vendor Advisory | |
| cve@mitre.org | https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WCOEGSVMIEXDZHBOSV6WVF7FAVRBR2JE/ | ||
| cve@mitre.org | https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WTVAONAZXJFGHAJ4RP2OF3EAMQCOTDSQ/ | ||
| cve@mitre.org | https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZHISY4YVO4S5QJYYIXCIAXBM7INOL4VY/ | ||
| cve@mitre.org | https://security.netapp.com/advisory/ntap-20221104-0008/ | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://jira.mariadb.org/browse/MDEV-28719 | Issue Tracking, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WCOEGSVMIEXDZHBOSV6WVF7FAVRBR2JE/ | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WTVAONAZXJFGHAJ4RP2OF3EAMQCOTDSQ/ | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZHISY4YVO4S5QJYYIXCIAXBM7INOL4VY/ | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://security.netapp.com/advisory/ntap-20221104-0008/ | Third Party Advisory |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D5048A61-025A-46D4-AA1D-17C20FD193C0",
"versionEndExcluding": "10.3.36",
"versionStartIncluding": "10.3.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*",
"matchCriteriaId": "76F49D8B-E293-475B-A190-E55F2586EB74",
"versionEndExcluding": "10.4.26",
"versionStartIncluding": "10.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*",
"matchCriteriaId": "144984F5-B5E4-4890-B84C-0BD4EBD1A575",
"versionEndExcluding": "10.5.17",
"versionStartIncluding": "10.5.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9397E948-E3C7-4AE0-AB59-D8DF6DC0F85A",
"versionEndExcluding": "10.6.9",
"versionStartIncluding": "10.6.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3E60C79C-A7E6-4AEF-AD29-38BC63149C60",
"versionEndExcluding": "10.7.5",
"versionStartIncluding": "10.7.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EB9F7573-E888-42B6-8B57-CAF26300CC16",
"versionEndExcluding": "10.8.4",
"versionStartIncluding": "10.8.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mariadb:mariadb:10.9.1:*:*:*:*:*:*:*",
"matchCriteriaId": "69063B05-A5A5-4380-893E-D43F58FFF86D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*",
"matchCriteriaId": "80E516C0-98A4-4ADE-B69F-66A772E2BAAA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*",
"matchCriteriaId": "5C675112-476C-4D7C-BCB9-A2FB2D0BC9FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*",
"matchCriteriaId": "E30D0E6F-4AE8-4284-8716-991DFA48CC5D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In MariaDB before 10.9.2, compress_write in extra/mariabackup/ds_compress.cc does not release data_mutex upon a stream write failure, which allows local users to trigger a deadlock."
},
{
"lang": "es",
"value": "En MariaDB versiones anteriores a 10.9.2, la funci\u00f3n compress_write en el archivo extra/mariabackup/ds_compress.cc no libera data_mutex tras un fallo de escritura en el flujo, lo que permite a usuarios locales desencadenar un bloqueo."
}
],
"id": "CVE-2022-38791",
"lastModified": "2024-11-21T07:17:05.893",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-08-27T20:15:08.290",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking",
"Vendor Advisory"
],
"url": "https://jira.mariadb.org/browse/MDEV-28719"
},
{
"source": "cve@mitre.org",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WCOEGSVMIEXDZHBOSV6WVF7FAVRBR2JE/"
},
{
"source": "cve@mitre.org",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WTVAONAZXJFGHAJ4RP2OF3EAMQCOTDSQ/"
},
{
"source": "cve@mitre.org",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZHISY4YVO4S5QJYYIXCIAXBM7INOL4VY/"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20221104-0008/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Vendor Advisory"
],
"url": "https://jira.mariadb.org/browse/MDEV-28719"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WCOEGSVMIEXDZHBOSV6WVF7FAVRBR2JE/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WTVAONAZXJFGHAJ4RP2OF3EAMQCOTDSQ/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZHISY4YVO4S5QJYYIXCIAXBM7INOL4VY/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20221104-0008/"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-667"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
GHSA-V65W-QWP3-HM34
Vulnerability from github – Published: 2022-08-28 00:00 – Updated: 2022-09-02 00:01
VLAI?
Details
In MariaDB before 10.9.2, compress_write in extra/mariabackup/ds_compress.cc does not release data_mutex upon a stream write failure, which allows local users to trigger a deadlock.
Severity ?
5.5 (Medium)
{
"affected": [],
"aliases": [
"CVE-2022-38791"
],
"database_specific": {
"cwe_ids": [],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2022-08-27T20:15:00Z",
"severity": "MODERATE"
},
"details": "In MariaDB before 10.9.2, compress_write in extra/mariabackup/ds_compress.cc does not release data_mutex upon a stream write failure, which allows local users to trigger a deadlock.",
"id": "GHSA-v65w-qwp3-hm34",
"modified": "2022-09-02T00:01:06Z",
"published": "2022-08-28T00:00:26Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-38791"
},
{
"type": "WEB",
"url": "https://jira.mariadb.org/browse/MDEV-28719"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCOEGSVMIEXDZHBOSV6WVF7FAVRBR2JE"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WTVAONAZXJFGHAJ4RP2OF3EAMQCOTDSQ"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZHISY4YVO4S5QJYYIXCIAXBM7INOL4VY"
},
{
"type": "WEB",
"url": "https://security.netapp.com/advisory/ntap-20221104-0008"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GSD-2022-38791
Vulnerability from gsd - Updated: 2023-12-13 01:19Details
In MariaDB before 10.9.2, compress_write in extra/mariabackup/ds_compress.cc does not release data_mutex upon a stream write failure, which allows local users to trigger a deadlock.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2022-38791",
"description": "In MariaDB before 10.9.2, compress_write in extra/mariabackup/ds_compress.cc does not release data_mutex upon a stream write failure, which allows local users to trigger a deadlock.",
"id": "GSD-2022-38791",
"references": [
"https://www.suse.com/security/cve/CVE-2022-38791.html"
]
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2022-38791"
],
"details": "In MariaDB before 10.9.2, compress_write in extra/mariabackup/ds_compress.cc does not release data_mutex upon a stream write failure, which allows local users to trigger a deadlock.",
"id": "GSD-2022-38791",
"modified": "2023-12-13T01:19:22.289351Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2022-38791",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In MariaDB before 10.9.2, compress_write in extra/mariabackup/ds_compress.cc does not release data_mutex upon a stream write failure, which allows local users to trigger a deadlock."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://jira.mariadb.org/browse/MDEV-28719",
"refsource": "MISC",
"url": "https://jira.mariadb.org/browse/MDEV-28719"
},
{
"name": "https://security.netapp.com/advisory/ntap-20221104-0008/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20221104-0008/"
},
{
"name": "FEDORA-2022-cf88f807f9",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZHISY4YVO4S5QJYYIXCIAXBM7INOL4VY/"
},
{
"name": "FEDORA-2022-e0e9a43546",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCOEGSVMIEXDZHBOSV6WVF7FAVRBR2JE/"
},
{
"name": "FEDORA-2022-333df1c4aa",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WTVAONAZXJFGHAJ4RP2OF3EAMQCOTDSQ/"
}
]
}
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "10.3.36",
"versionStartIncluding": "10.3.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "10.4.26",
"versionStartIncluding": "10.4.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "10.5.17",
"versionStartIncluding": "10.5.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "10.6.9",
"versionStartIncluding": "10.6.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "10.7.5",
"versionStartIncluding": "10.7.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "10.8.4",
"versionStartIncluding": "10.8.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mariadb:mariadb:10.9.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2022-38791"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "In MariaDB before 10.9.2, compress_write in extra/mariabackup/ds_compress.cc does not release data_mutex upon a stream write failure, which allows local users to trigger a deadlock."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://jira.mariadb.org/browse/MDEV-28719",
"refsource": "MISC",
"tags": [
"Issue Tracking",
"Vendor Advisory"
],
"url": "https://jira.mariadb.org/browse/MDEV-28719"
},
{
"name": "https://security.netapp.com/advisory/ntap-20221104-0008/",
"refsource": "CONFIRM",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20221104-0008/"
},
{
"name": "FEDORA-2022-cf88f807f9",
"refsource": "FEDORA",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZHISY4YVO4S5QJYYIXCIAXBM7INOL4VY/"
},
{
"name": "FEDORA-2022-333df1c4aa",
"refsource": "FEDORA",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WTVAONAZXJFGHAJ4RP2OF3EAMQCOTDSQ/"
},
{
"name": "FEDORA-2022-e0e9a43546",
"refsource": "FEDORA",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCOEGSVMIEXDZHBOSV6WVF7FAVRBR2JE/"
}
]
}
},
"impact": {
"baseMetricV3": {
"cvssV3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
},
"lastModifiedDate": "2022-12-08T03:44Z",
"publishedDate": "2022-08-27T20:15Z"
}
}
}
MSRC_CVE-2022-38791
Vulnerability from csaf_microsoft - Published: 2022-08-02 00:00 - Updated: 2022-09-03 00:00Summary
In MariaDB before 10.9.2 compress_write in extra/mariabackup/ds_compress.cc does not release data_mutex upon a stream write failure which allows local users to trigger a deadlock.
Notes
Additional Resources: To determine the support lifecycle for your software, see the Microsoft Support Lifecycle: https://support.microsoft.com/lifecycle
Disclaimer: The information provided in the Microsoft Knowledge Base is provided \"as is\" without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.
References
4 references
| URL | Category |
|---|---|
| https://msrc.microsoft.com/csaf/vex/2022/msrc_cve… | self |
| https://support.microsoft.com/lifecycle | external |
| https://www.first.org/cvss | external |
| https://msrc.microsoft.com/csaf/vex/2022/msrc_cve… | self |
{
"document": {
"category": "csaf_vex",
"csaf_version": "2.0",
"distribution": {
"text": "Public",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en-US",
"notes": [
{
"category": "general",
"text": "To determine the support lifecycle for your software, see the Microsoft Support Lifecycle: https://support.microsoft.com/lifecycle",
"title": "Additional Resources"
},
{
"category": "legal_disclaimer",
"text": "The information provided in the Microsoft Knowledge Base is provided \\\"as is\\\" without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.",
"title": "Disclaimer"
}
],
"publisher": {
"category": "vendor",
"contact_details": "secure@microsoft.com",
"name": "Microsoft Security Response Center",
"namespace": "https://msrc.microsoft.com"
},
"references": [
{
"category": "self",
"summary": "CVE-2022-38791 In MariaDB before 10.9.2 compress_write in extra/mariabackup/ds_compress.cc does not release data_mutex upon a stream write failure which allows local users to trigger a deadlock. - VEX",
"url": "https://msrc.microsoft.com/csaf/vex/2022/msrc_cve-2022-38791.json"
},
{
"category": "external",
"summary": "Microsoft Support Lifecycle",
"url": "https://support.microsoft.com/lifecycle"
},
{
"category": "external",
"summary": "Common Vulnerability Scoring System",
"url": "https://www.first.org/cvss"
}
],
"title": "In MariaDB before 10.9.2 compress_write in extra/mariabackup/ds_compress.cc does not release data_mutex upon a stream write failure which allows local users to trigger a deadlock.",
"tracking": {
"current_release_date": "2022-09-03T00:00:00.000Z",
"generator": {
"date": "2025-10-19T23:51:07.216Z",
"engine": {
"name": "MSRC Generator",
"version": "1.0"
}
},
"id": "msrc_CVE-2022-38791",
"initial_release_date": "2022-08-02T00:00:00.000Z",
"revision_history": [
{
"date": "2022-09-03T00:00:00.000Z",
"legacy_version": "1",
"number": "1",
"summary": "Information published."
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "1.0",
"product": {
"name": "CBL Mariner 1.0",
"product_id": "16820"
}
}
],
"category": "product_name",
"name": "Azure Linux"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003ccm1 mariadb 10.3.36-1",
"product": {
"name": "\u003ccm1 mariadb 10.3.36-1",
"product_id": "1"
}
},
{
"category": "product_version",
"name": "cm1 mariadb 10.3.36-1",
"product": {
"name": "cm1 mariadb 10.3.36-1",
"product_id": "16975"
}
}
],
"category": "product_name",
"name": "mariadb"
}
],
"category": "vendor",
"name": "Microsoft"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "\u003ccm1 mariadb 10.3.36-1 as a component of CBL Mariner 1.0",
"product_id": "16820-1"
},
"product_reference": "1",
"relates_to_product_reference": "16820"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cm1 mariadb 10.3.36-1 as a component of CBL Mariner 1.0",
"product_id": "16975-16820"
},
"product_reference": "16975",
"relates_to_product_reference": "16820"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-38791",
"cwe": {
"id": "CWE-667",
"name": "Improper Locking"
},
"notes": [
{
"category": "general",
"text": "mitre",
"title": "Assigning CNA"
}
],
"product_status": {
"fixed": [
"16975-16820"
],
"known_affected": [
"16820-1"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2022-38791 In MariaDB before 10.9.2 compress_write in extra/mariabackup/ds_compress.cc does not release data_mutex upon a stream write failure which allows local users to trigger a deadlock. - VEX",
"url": "https://msrc.microsoft.com/csaf/vex/2022/msrc_cve-2022-38791.json"
}
],
"remediations": [
{
"category": "vendor_fix",
"date": "2022-09-03T00:00:00.000Z",
"details": "10.3.36-1:Security Update:https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade",
"product_ids": [
"16820-1"
],
"url": "https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"environmentalsScore": 0.0,
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"temporalScore": 5.5,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"16820-1"
]
}
],
"title": "In MariaDB before 10.9.2 compress_write in extra/mariabackup/ds_compress.cc does not release data_mutex upon a stream write failure which allows local users to trigger a deadlock."
}
]
}
OPENSUSE-SU-2024:12360-1
Vulnerability from csaf_opensuse - Published: 2024-06-15 00:00 - Updated: 2024-06-15 00:00Summary
libmariadbd-devel-10.9.3-1.1 on GA media
Severity
Moderate
Notes
Title of the patch: libmariadbd-devel-10.9.3-1.1 on GA media
Description of the patch: These are all security issues fixed in the libmariadbd-devel-10.9.3-1.1 package on the GA media of openSUSE Tumbleweed.
Patchnames: openSUSE-Tumbleweed-2024-12360
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
8.1 (High)
Affected products
Recommended
40 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:libmariadbd-devel-10.9.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libmariadbd-devel-10.9.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libmariadbd-devel-10.9.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libmariadbd-devel-10.9.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libmariadbd19-10.9.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libmariadbd19-10.9.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libmariadbd19-10.9.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libmariadbd19-10.9.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mariadb-10.9.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mariadb-10.9.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mariadb-10.9.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mariadb-10.9.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mariadb-bench-10.9.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mariadb-bench-10.9.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mariadb-bench-10.9.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mariadb-bench-10.9.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mariadb-client-10.9.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mariadb-client-10.9.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mariadb-client-10.9.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mariadb-client-10.9.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mariadb-errormessages-10.9.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mariadb-errormessages-10.9.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mariadb-errormessages-10.9.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mariadb-errormessages-10.9.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mariadb-galera-10.9.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mariadb-galera-10.9.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mariadb-galera-10.9.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mariadb-galera-10.9.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mariadb-rpm-macros-10.9.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mariadb-rpm-macros-10.9.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mariadb-rpm-macros-10.9.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mariadb-rpm-macros-10.9.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mariadb-test-10.9.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mariadb-test-10.9.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mariadb-test-10.9.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mariadb-test-10.9.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mariadb-tools-10.9.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mariadb-tools-10.9.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mariadb-tools-10.9.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mariadb-tools-10.9.3-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
4.4 (Medium)
Affected products
Recommended
40 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:libmariadbd-devel-10.9.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libmariadbd-devel-10.9.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libmariadbd-devel-10.9.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libmariadbd-devel-10.9.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libmariadbd19-10.9.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libmariadbd19-10.9.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libmariadbd19-10.9.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libmariadbd19-10.9.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mariadb-10.9.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mariadb-10.9.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mariadb-10.9.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mariadb-10.9.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mariadb-bench-10.9.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mariadb-bench-10.9.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mariadb-bench-10.9.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mariadb-bench-10.9.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mariadb-client-10.9.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mariadb-client-10.9.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mariadb-client-10.9.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mariadb-client-10.9.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mariadb-errormessages-10.9.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mariadb-errormessages-10.9.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mariadb-errormessages-10.9.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mariadb-errormessages-10.9.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mariadb-galera-10.9.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mariadb-galera-10.9.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mariadb-galera-10.9.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mariadb-galera-10.9.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mariadb-rpm-macros-10.9.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mariadb-rpm-macros-10.9.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mariadb-rpm-macros-10.9.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mariadb-rpm-macros-10.9.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mariadb-test-10.9.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mariadb-test-10.9.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mariadb-test-10.9.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mariadb-test-10.9.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mariadb-tools-10.9.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mariadb-tools-10.9.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mariadb-tools-10.9.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mariadb-tools-10.9.3-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
4.4 (Medium)
Affected products
Recommended
40 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:libmariadbd-devel-10.9.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libmariadbd-devel-10.9.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libmariadbd-devel-10.9.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libmariadbd-devel-10.9.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libmariadbd19-10.9.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libmariadbd19-10.9.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libmariadbd19-10.9.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libmariadbd19-10.9.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mariadb-10.9.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mariadb-10.9.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mariadb-10.9.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mariadb-10.9.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mariadb-bench-10.9.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mariadb-bench-10.9.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mariadb-bench-10.9.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mariadb-bench-10.9.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mariadb-client-10.9.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mariadb-client-10.9.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mariadb-client-10.9.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mariadb-client-10.9.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mariadb-errormessages-10.9.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mariadb-errormessages-10.9.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mariadb-errormessages-10.9.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mariadb-errormessages-10.9.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mariadb-galera-10.9.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mariadb-galera-10.9.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mariadb-galera-10.9.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mariadb-galera-10.9.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mariadb-rpm-macros-10.9.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mariadb-rpm-macros-10.9.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mariadb-rpm-macros-10.9.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mariadb-rpm-macros-10.9.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mariadb-test-10.9.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mariadb-test-10.9.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mariadb-test-10.9.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mariadb-test-10.9.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mariadb-tools-10.9.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mariadb-tools-10.9.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mariadb-tools-10.9.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mariadb-tools-10.9.3-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
4.4 (Medium)
Affected products
Recommended
40 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:libmariadbd-devel-10.9.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libmariadbd-devel-10.9.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libmariadbd-devel-10.9.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libmariadbd-devel-10.9.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libmariadbd19-10.9.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libmariadbd19-10.9.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libmariadbd19-10.9.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libmariadbd19-10.9.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mariadb-10.9.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mariadb-10.9.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mariadb-10.9.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mariadb-10.9.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mariadb-bench-10.9.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mariadb-bench-10.9.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mariadb-bench-10.9.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mariadb-bench-10.9.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mariadb-client-10.9.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mariadb-client-10.9.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mariadb-client-10.9.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mariadb-client-10.9.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mariadb-errormessages-10.9.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mariadb-errormessages-10.9.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mariadb-errormessages-10.9.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mariadb-errormessages-10.9.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mariadb-galera-10.9.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mariadb-galera-10.9.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mariadb-galera-10.9.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mariadb-galera-10.9.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mariadb-rpm-macros-10.9.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mariadb-rpm-macros-10.9.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mariadb-rpm-macros-10.9.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mariadb-rpm-macros-10.9.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mariadb-test-10.9.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mariadb-test-10.9.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mariadb-test-10.9.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mariadb-test-10.9.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mariadb-tools-10.9.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mariadb-tools-10.9.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mariadb-tools-10.9.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mariadb-tools-10.9.3-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
4.4 (Medium)
Affected products
Recommended
40 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:libmariadbd-devel-10.9.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libmariadbd-devel-10.9.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libmariadbd-devel-10.9.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libmariadbd-devel-10.9.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libmariadbd19-10.9.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libmariadbd19-10.9.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libmariadbd19-10.9.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libmariadbd19-10.9.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mariadb-10.9.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mariadb-10.9.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mariadb-10.9.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mariadb-10.9.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mariadb-bench-10.9.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mariadb-bench-10.9.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mariadb-bench-10.9.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mariadb-bench-10.9.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mariadb-client-10.9.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mariadb-client-10.9.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mariadb-client-10.9.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mariadb-client-10.9.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mariadb-errormessages-10.9.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mariadb-errormessages-10.9.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mariadb-errormessages-10.9.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mariadb-errormessages-10.9.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mariadb-galera-10.9.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mariadb-galera-10.9.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mariadb-galera-10.9.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mariadb-galera-10.9.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mariadb-rpm-macros-10.9.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mariadb-rpm-macros-10.9.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mariadb-rpm-macros-10.9.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mariadb-rpm-macros-10.9.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mariadb-test-10.9.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mariadb-test-10.9.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mariadb-test-10.9.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mariadb-test-10.9.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mariadb-tools-10.9.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mariadb-tools-10.9.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mariadb-tools-10.9.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mariadb-tools-10.9.3-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
4.4 (Medium)
Affected products
Recommended
40 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:libmariadbd-devel-10.9.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libmariadbd-devel-10.9.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libmariadbd-devel-10.9.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libmariadbd-devel-10.9.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libmariadbd19-10.9.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libmariadbd19-10.9.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libmariadbd19-10.9.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libmariadbd19-10.9.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mariadb-10.9.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mariadb-10.9.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mariadb-10.9.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mariadb-10.9.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mariadb-bench-10.9.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mariadb-bench-10.9.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mariadb-bench-10.9.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mariadb-bench-10.9.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mariadb-client-10.9.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mariadb-client-10.9.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mariadb-client-10.9.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mariadb-client-10.9.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mariadb-errormessages-10.9.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mariadb-errormessages-10.9.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mariadb-errormessages-10.9.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mariadb-errormessages-10.9.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mariadb-galera-10.9.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mariadb-galera-10.9.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mariadb-galera-10.9.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mariadb-galera-10.9.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mariadb-rpm-macros-10.9.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mariadb-rpm-macros-10.9.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mariadb-rpm-macros-10.9.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mariadb-rpm-macros-10.9.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mariadb-test-10.9.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mariadb-test-10.9.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mariadb-test-10.9.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mariadb-test-10.9.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mariadb-tools-10.9.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mariadb-tools-10.9.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mariadb-tools-10.9.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mariadb-tools-10.9.3-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
6.2 (Medium)
Affected products
Recommended
40 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:libmariadbd-devel-10.9.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libmariadbd-devel-10.9.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libmariadbd-devel-10.9.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libmariadbd-devel-10.9.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libmariadbd19-10.9.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libmariadbd19-10.9.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libmariadbd19-10.9.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libmariadbd19-10.9.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mariadb-10.9.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mariadb-10.9.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mariadb-10.9.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mariadb-10.9.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mariadb-bench-10.9.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mariadb-bench-10.9.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mariadb-bench-10.9.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mariadb-bench-10.9.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mariadb-client-10.9.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mariadb-client-10.9.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mariadb-client-10.9.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mariadb-client-10.9.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mariadb-errormessages-10.9.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mariadb-errormessages-10.9.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mariadb-errormessages-10.9.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mariadb-errormessages-10.9.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mariadb-galera-10.9.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mariadb-galera-10.9.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mariadb-galera-10.9.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mariadb-galera-10.9.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mariadb-rpm-macros-10.9.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mariadb-rpm-macros-10.9.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mariadb-rpm-macros-10.9.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mariadb-rpm-macros-10.9.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mariadb-test-10.9.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mariadb-test-10.9.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mariadb-test-10.9.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mariadb-test-10.9.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mariadb-tools-10.9.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mariadb-tools-10.9.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mariadb-tools-10.9.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mariadb-tools-10.9.3-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
References
30 references
| URL | Category |
|---|---|
| https://www.suse.com/support/security/rating/ | external |
| https://ftp.suse.com/pub/projects/security/csaf/o… | self |
| https://www.suse.com/security/cve/CVE-2018-25032/ | self |
| https://www.suse.com/security/cve/CVE-2022-32081/ | self |
| https://www.suse.com/security/cve/CVE-2022-32082/ | self |
| https://www.suse.com/security/cve/CVE-2022-32084/ | self |
| https://www.suse.com/security/cve/CVE-2022-32089/ | self |
| https://www.suse.com/security/cve/CVE-2022-32091/ | self |
| https://www.suse.com/security/cve/CVE-2022-38791/ | self |
| https://www.suse.com/security/cve/CVE-2018-25032 | external |
| https://bugzilla.suse.com/1197459 | external |
| https://bugzilla.suse.com/1197893 | external |
| https://bugzilla.suse.com/1198667 | external |
| https://bugzilla.suse.com/1199104 | external |
| https://bugzilla.suse.com/1200049 | external |
| https://bugzilla.suse.com/1201732 | external |
| https://bugzilla.suse.com/1202688 | external |
| https://bugzilla.suse.com/1224427 | external |
| https://www.suse.com/security/cve/CVE-2022-32081 | external |
| https://bugzilla.suse.com/1201161 | external |
| https://www.suse.com/security/cve/CVE-2022-32082 | external |
| https://bugzilla.suse.com/1201162 | external |
| https://www.suse.com/security/cve/CVE-2022-32084 | external |
| https://bugzilla.suse.com/1201164 | external |
| https://www.suse.com/security/cve/CVE-2022-32089 | external |
| https://bugzilla.suse.com/1201169 | external |
| https://www.suse.com/security/cve/CVE-2022-32091 | external |
| https://bugzilla.suse.com/1201170 | external |
| https://www.suse.com/security/cve/CVE-2022-38791 | external |
| https://bugzilla.suse.com/1202863 | external |
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "libmariadbd-devel-10.9.3-1.1 on GA media",
"title": "Title of the patch"
},
{
"category": "description",
"text": "These are all security issues fixed in the libmariadbd-devel-10.9.3-1.1 package on the GA media of openSUSE Tumbleweed.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Tumbleweed-2024-12360",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2024_12360-1.json"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-25032 page",
"url": "https://www.suse.com/security/cve/CVE-2018-25032/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-32081 page",
"url": "https://www.suse.com/security/cve/CVE-2022-32081/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-32082 page",
"url": "https://www.suse.com/security/cve/CVE-2022-32082/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-32084 page",
"url": "https://www.suse.com/security/cve/CVE-2022-32084/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-32089 page",
"url": "https://www.suse.com/security/cve/CVE-2022-32089/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-32091 page",
"url": "https://www.suse.com/security/cve/CVE-2022-32091/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-38791 page",
"url": "https://www.suse.com/security/cve/CVE-2022-38791/"
}
],
"title": "libmariadbd-devel-10.9.3-1.1 on GA media",
"tracking": {
"current_release_date": "2024-06-15T00:00:00Z",
"generator": {
"date": "2024-06-15T00:00:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2024:12360-1",
"initial_release_date": "2024-06-15T00:00:00Z",
"revision_history": [
{
"date": "2024-06-15T00:00:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "libmariadbd-devel-10.9.3-1.1.aarch64",
"product": {
"name": "libmariadbd-devel-10.9.3-1.1.aarch64",
"product_id": "libmariadbd-devel-10.9.3-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "libmariadbd19-10.9.3-1.1.aarch64",
"product": {
"name": "libmariadbd19-10.9.3-1.1.aarch64",
"product_id": "libmariadbd19-10.9.3-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "mariadb-10.9.3-1.1.aarch64",
"product": {
"name": "mariadb-10.9.3-1.1.aarch64",
"product_id": "mariadb-10.9.3-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "mariadb-bench-10.9.3-1.1.aarch64",
"product": {
"name": "mariadb-bench-10.9.3-1.1.aarch64",
"product_id": "mariadb-bench-10.9.3-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "mariadb-client-10.9.3-1.1.aarch64",
"product": {
"name": "mariadb-client-10.9.3-1.1.aarch64",
"product_id": "mariadb-client-10.9.3-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "mariadb-errormessages-10.9.3-1.1.aarch64",
"product": {
"name": "mariadb-errormessages-10.9.3-1.1.aarch64",
"product_id": "mariadb-errormessages-10.9.3-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "mariadb-galera-10.9.3-1.1.aarch64",
"product": {
"name": "mariadb-galera-10.9.3-1.1.aarch64",
"product_id": "mariadb-galera-10.9.3-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "mariadb-rpm-macros-10.9.3-1.1.aarch64",
"product": {
"name": "mariadb-rpm-macros-10.9.3-1.1.aarch64",
"product_id": "mariadb-rpm-macros-10.9.3-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "mariadb-test-10.9.3-1.1.aarch64",
"product": {
"name": "mariadb-test-10.9.3-1.1.aarch64",
"product_id": "mariadb-test-10.9.3-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "mariadb-tools-10.9.3-1.1.aarch64",
"product": {
"name": "mariadb-tools-10.9.3-1.1.aarch64",
"product_id": "mariadb-tools-10.9.3-1.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "libmariadbd-devel-10.9.3-1.1.ppc64le",
"product": {
"name": "libmariadbd-devel-10.9.3-1.1.ppc64le",
"product_id": "libmariadbd-devel-10.9.3-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libmariadbd19-10.9.3-1.1.ppc64le",
"product": {
"name": "libmariadbd19-10.9.3-1.1.ppc64le",
"product_id": "libmariadbd19-10.9.3-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "mariadb-10.9.3-1.1.ppc64le",
"product": {
"name": "mariadb-10.9.3-1.1.ppc64le",
"product_id": "mariadb-10.9.3-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "mariadb-bench-10.9.3-1.1.ppc64le",
"product": {
"name": "mariadb-bench-10.9.3-1.1.ppc64le",
"product_id": "mariadb-bench-10.9.3-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "mariadb-client-10.9.3-1.1.ppc64le",
"product": {
"name": "mariadb-client-10.9.3-1.1.ppc64le",
"product_id": "mariadb-client-10.9.3-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "mariadb-errormessages-10.9.3-1.1.ppc64le",
"product": {
"name": "mariadb-errormessages-10.9.3-1.1.ppc64le",
"product_id": "mariadb-errormessages-10.9.3-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "mariadb-galera-10.9.3-1.1.ppc64le",
"product": {
"name": "mariadb-galera-10.9.3-1.1.ppc64le",
"product_id": "mariadb-galera-10.9.3-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "mariadb-rpm-macros-10.9.3-1.1.ppc64le",
"product": {
"name": "mariadb-rpm-macros-10.9.3-1.1.ppc64le",
"product_id": "mariadb-rpm-macros-10.9.3-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "mariadb-test-10.9.3-1.1.ppc64le",
"product": {
"name": "mariadb-test-10.9.3-1.1.ppc64le",
"product_id": "mariadb-test-10.9.3-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "mariadb-tools-10.9.3-1.1.ppc64le",
"product": {
"name": "mariadb-tools-10.9.3-1.1.ppc64le",
"product_id": "mariadb-tools-10.9.3-1.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "libmariadbd-devel-10.9.3-1.1.s390x",
"product": {
"name": "libmariadbd-devel-10.9.3-1.1.s390x",
"product_id": "libmariadbd-devel-10.9.3-1.1.s390x"
}
},
{
"category": "product_version",
"name": "libmariadbd19-10.9.3-1.1.s390x",
"product": {
"name": "libmariadbd19-10.9.3-1.1.s390x",
"product_id": "libmariadbd19-10.9.3-1.1.s390x"
}
},
{
"category": "product_version",
"name": "mariadb-10.9.3-1.1.s390x",
"product": {
"name": "mariadb-10.9.3-1.1.s390x",
"product_id": "mariadb-10.9.3-1.1.s390x"
}
},
{
"category": "product_version",
"name": "mariadb-bench-10.9.3-1.1.s390x",
"product": {
"name": "mariadb-bench-10.9.3-1.1.s390x",
"product_id": "mariadb-bench-10.9.3-1.1.s390x"
}
},
{
"category": "product_version",
"name": "mariadb-client-10.9.3-1.1.s390x",
"product": {
"name": "mariadb-client-10.9.3-1.1.s390x",
"product_id": "mariadb-client-10.9.3-1.1.s390x"
}
},
{
"category": "product_version",
"name": "mariadb-errormessages-10.9.3-1.1.s390x",
"product": {
"name": "mariadb-errormessages-10.9.3-1.1.s390x",
"product_id": "mariadb-errormessages-10.9.3-1.1.s390x"
}
},
{
"category": "product_version",
"name": "mariadb-galera-10.9.3-1.1.s390x",
"product": {
"name": "mariadb-galera-10.9.3-1.1.s390x",
"product_id": "mariadb-galera-10.9.3-1.1.s390x"
}
},
{
"category": "product_version",
"name": "mariadb-rpm-macros-10.9.3-1.1.s390x",
"product": {
"name": "mariadb-rpm-macros-10.9.3-1.1.s390x",
"product_id": "mariadb-rpm-macros-10.9.3-1.1.s390x"
}
},
{
"category": "product_version",
"name": "mariadb-test-10.9.3-1.1.s390x",
"product": {
"name": "mariadb-test-10.9.3-1.1.s390x",
"product_id": "mariadb-test-10.9.3-1.1.s390x"
}
},
{
"category": "product_version",
"name": "mariadb-tools-10.9.3-1.1.s390x",
"product": {
"name": "mariadb-tools-10.9.3-1.1.s390x",
"product_id": "mariadb-tools-10.9.3-1.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "libmariadbd-devel-10.9.3-1.1.x86_64",
"product": {
"name": "libmariadbd-devel-10.9.3-1.1.x86_64",
"product_id": "libmariadbd-devel-10.9.3-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "libmariadbd19-10.9.3-1.1.x86_64",
"product": {
"name": "libmariadbd19-10.9.3-1.1.x86_64",
"product_id": "libmariadbd19-10.9.3-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "mariadb-10.9.3-1.1.x86_64",
"product": {
"name": "mariadb-10.9.3-1.1.x86_64",
"product_id": "mariadb-10.9.3-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "mariadb-bench-10.9.3-1.1.x86_64",
"product": {
"name": "mariadb-bench-10.9.3-1.1.x86_64",
"product_id": "mariadb-bench-10.9.3-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "mariadb-client-10.9.3-1.1.x86_64",
"product": {
"name": "mariadb-client-10.9.3-1.1.x86_64",
"product_id": "mariadb-client-10.9.3-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "mariadb-errormessages-10.9.3-1.1.x86_64",
"product": {
"name": "mariadb-errormessages-10.9.3-1.1.x86_64",
"product_id": "mariadb-errormessages-10.9.3-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "mariadb-galera-10.9.3-1.1.x86_64",
"product": {
"name": "mariadb-galera-10.9.3-1.1.x86_64",
"product_id": "mariadb-galera-10.9.3-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "mariadb-rpm-macros-10.9.3-1.1.x86_64",
"product": {
"name": "mariadb-rpm-macros-10.9.3-1.1.x86_64",
"product_id": "mariadb-rpm-macros-10.9.3-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "mariadb-test-10.9.3-1.1.x86_64",
"product": {
"name": "mariadb-test-10.9.3-1.1.x86_64",
"product_id": "mariadb-test-10.9.3-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "mariadb-tools-10.9.3-1.1.x86_64",
"product": {
"name": "mariadb-tools-10.9.3-1.1.x86_64",
"product_id": "mariadb-tools-10.9.3-1.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Tumbleweed",
"product": {
"name": "openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:tumbleweed"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "libmariadbd-devel-10.9.3-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libmariadbd-devel-10.9.3-1.1.aarch64"
},
"product_reference": "libmariadbd-devel-10.9.3-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libmariadbd-devel-10.9.3-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libmariadbd-devel-10.9.3-1.1.ppc64le"
},
"product_reference": "libmariadbd-devel-10.9.3-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libmariadbd-devel-10.9.3-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libmariadbd-devel-10.9.3-1.1.s390x"
},
"product_reference": "libmariadbd-devel-10.9.3-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libmariadbd-devel-10.9.3-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libmariadbd-devel-10.9.3-1.1.x86_64"
},
"product_reference": "libmariadbd-devel-10.9.3-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libmariadbd19-10.9.3-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libmariadbd19-10.9.3-1.1.aarch64"
},
"product_reference": "libmariadbd19-10.9.3-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libmariadbd19-10.9.3-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libmariadbd19-10.9.3-1.1.ppc64le"
},
"product_reference": "libmariadbd19-10.9.3-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libmariadbd19-10.9.3-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libmariadbd19-10.9.3-1.1.s390x"
},
"product_reference": "libmariadbd19-10.9.3-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libmariadbd19-10.9.3-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libmariadbd19-10.9.3-1.1.x86_64"
},
"product_reference": "libmariadbd19-10.9.3-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mariadb-10.9.3-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:mariadb-10.9.3-1.1.aarch64"
},
"product_reference": "mariadb-10.9.3-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mariadb-10.9.3-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:mariadb-10.9.3-1.1.ppc64le"
},
"product_reference": "mariadb-10.9.3-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mariadb-10.9.3-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:mariadb-10.9.3-1.1.s390x"
},
"product_reference": "mariadb-10.9.3-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mariadb-10.9.3-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:mariadb-10.9.3-1.1.x86_64"
},
"product_reference": "mariadb-10.9.3-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mariadb-bench-10.9.3-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:mariadb-bench-10.9.3-1.1.aarch64"
},
"product_reference": "mariadb-bench-10.9.3-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mariadb-bench-10.9.3-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:mariadb-bench-10.9.3-1.1.ppc64le"
},
"product_reference": "mariadb-bench-10.9.3-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mariadb-bench-10.9.3-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:mariadb-bench-10.9.3-1.1.s390x"
},
"product_reference": "mariadb-bench-10.9.3-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mariadb-bench-10.9.3-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:mariadb-bench-10.9.3-1.1.x86_64"
},
"product_reference": "mariadb-bench-10.9.3-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mariadb-client-10.9.3-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:mariadb-client-10.9.3-1.1.aarch64"
},
"product_reference": "mariadb-client-10.9.3-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mariadb-client-10.9.3-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:mariadb-client-10.9.3-1.1.ppc64le"
},
"product_reference": "mariadb-client-10.9.3-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mariadb-client-10.9.3-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:mariadb-client-10.9.3-1.1.s390x"
},
"product_reference": "mariadb-client-10.9.3-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mariadb-client-10.9.3-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:mariadb-client-10.9.3-1.1.x86_64"
},
"product_reference": "mariadb-client-10.9.3-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mariadb-errormessages-10.9.3-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:mariadb-errormessages-10.9.3-1.1.aarch64"
},
"product_reference": "mariadb-errormessages-10.9.3-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mariadb-errormessages-10.9.3-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:mariadb-errormessages-10.9.3-1.1.ppc64le"
},
"product_reference": "mariadb-errormessages-10.9.3-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mariadb-errormessages-10.9.3-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:mariadb-errormessages-10.9.3-1.1.s390x"
},
"product_reference": "mariadb-errormessages-10.9.3-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mariadb-errormessages-10.9.3-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:mariadb-errormessages-10.9.3-1.1.x86_64"
},
"product_reference": "mariadb-errormessages-10.9.3-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mariadb-galera-10.9.3-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:mariadb-galera-10.9.3-1.1.aarch64"
},
"product_reference": "mariadb-galera-10.9.3-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mariadb-galera-10.9.3-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:mariadb-galera-10.9.3-1.1.ppc64le"
},
"product_reference": "mariadb-galera-10.9.3-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mariadb-galera-10.9.3-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:mariadb-galera-10.9.3-1.1.s390x"
},
"product_reference": "mariadb-galera-10.9.3-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mariadb-galera-10.9.3-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:mariadb-galera-10.9.3-1.1.x86_64"
},
"product_reference": "mariadb-galera-10.9.3-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mariadb-rpm-macros-10.9.3-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:mariadb-rpm-macros-10.9.3-1.1.aarch64"
},
"product_reference": "mariadb-rpm-macros-10.9.3-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mariadb-rpm-macros-10.9.3-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:mariadb-rpm-macros-10.9.3-1.1.ppc64le"
},
"product_reference": "mariadb-rpm-macros-10.9.3-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mariadb-rpm-macros-10.9.3-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:mariadb-rpm-macros-10.9.3-1.1.s390x"
},
"product_reference": "mariadb-rpm-macros-10.9.3-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mariadb-rpm-macros-10.9.3-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:mariadb-rpm-macros-10.9.3-1.1.x86_64"
},
"product_reference": "mariadb-rpm-macros-10.9.3-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mariadb-test-10.9.3-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:mariadb-test-10.9.3-1.1.aarch64"
},
"product_reference": "mariadb-test-10.9.3-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mariadb-test-10.9.3-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:mariadb-test-10.9.3-1.1.ppc64le"
},
"product_reference": "mariadb-test-10.9.3-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mariadb-test-10.9.3-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:mariadb-test-10.9.3-1.1.s390x"
},
"product_reference": "mariadb-test-10.9.3-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mariadb-test-10.9.3-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:mariadb-test-10.9.3-1.1.x86_64"
},
"product_reference": "mariadb-test-10.9.3-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mariadb-tools-10.9.3-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:mariadb-tools-10.9.3-1.1.aarch64"
},
"product_reference": "mariadb-tools-10.9.3-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mariadb-tools-10.9.3-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:mariadb-tools-10.9.3-1.1.ppc64le"
},
"product_reference": "mariadb-tools-10.9.3-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mariadb-tools-10.9.3-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:mariadb-tools-10.9.3-1.1.s390x"
},
"product_reference": "mariadb-tools-10.9.3-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mariadb-tools-10.9.3-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:mariadb-tools-10.9.3-1.1.x86_64"
},
"product_reference": "mariadb-tools-10.9.3-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2018-25032",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-25032"
}
],
"notes": [
{
"category": "general",
"text": "zlib before 1.2.12 allows memory corruption when deflating (i.e., when compressing) if the input has many distant matches.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:libmariadbd-devel-10.9.3-1.1.aarch64",
"openSUSE Tumbleweed:libmariadbd-devel-10.9.3-1.1.ppc64le",
"openSUSE Tumbleweed:libmariadbd-devel-10.9.3-1.1.s390x",
"openSUSE Tumbleweed:libmariadbd-devel-10.9.3-1.1.x86_64",
"openSUSE Tumbleweed:libmariadbd19-10.9.3-1.1.aarch64",
"openSUSE Tumbleweed:libmariadbd19-10.9.3-1.1.ppc64le",
"openSUSE Tumbleweed:libmariadbd19-10.9.3-1.1.s390x",
"openSUSE Tumbleweed:libmariadbd19-10.9.3-1.1.x86_64",
"openSUSE Tumbleweed:mariadb-10.9.3-1.1.aarch64",
"openSUSE Tumbleweed:mariadb-10.9.3-1.1.ppc64le",
"openSUSE Tumbleweed:mariadb-10.9.3-1.1.s390x",
"openSUSE Tumbleweed:mariadb-10.9.3-1.1.x86_64",
"openSUSE Tumbleweed:mariadb-bench-10.9.3-1.1.aarch64",
"openSUSE Tumbleweed:mariadb-bench-10.9.3-1.1.ppc64le",
"openSUSE Tumbleweed:mariadb-bench-10.9.3-1.1.s390x",
"openSUSE Tumbleweed:mariadb-bench-10.9.3-1.1.x86_64",
"openSUSE Tumbleweed:mariadb-client-10.9.3-1.1.aarch64",
"openSUSE Tumbleweed:mariadb-client-10.9.3-1.1.ppc64le",
"openSUSE Tumbleweed:mariadb-client-10.9.3-1.1.s390x",
"openSUSE Tumbleweed:mariadb-client-10.9.3-1.1.x86_64",
"openSUSE Tumbleweed:mariadb-errormessages-10.9.3-1.1.aarch64",
"openSUSE Tumbleweed:mariadb-errormessages-10.9.3-1.1.ppc64le",
"openSUSE Tumbleweed:mariadb-errormessages-10.9.3-1.1.s390x",
"openSUSE Tumbleweed:mariadb-errormessages-10.9.3-1.1.x86_64",
"openSUSE Tumbleweed:mariadb-galera-10.9.3-1.1.aarch64",
"openSUSE Tumbleweed:mariadb-galera-10.9.3-1.1.ppc64le",
"openSUSE Tumbleweed:mariadb-galera-10.9.3-1.1.s390x",
"openSUSE Tumbleweed:mariadb-galera-10.9.3-1.1.x86_64",
"openSUSE Tumbleweed:mariadb-rpm-macros-10.9.3-1.1.aarch64",
"openSUSE Tumbleweed:mariadb-rpm-macros-10.9.3-1.1.ppc64le",
"openSUSE Tumbleweed:mariadb-rpm-macros-10.9.3-1.1.s390x",
"openSUSE Tumbleweed:mariadb-rpm-macros-10.9.3-1.1.x86_64",
"openSUSE Tumbleweed:mariadb-test-10.9.3-1.1.aarch64",
"openSUSE Tumbleweed:mariadb-test-10.9.3-1.1.ppc64le",
"openSUSE Tumbleweed:mariadb-test-10.9.3-1.1.s390x",
"openSUSE Tumbleweed:mariadb-test-10.9.3-1.1.x86_64",
"openSUSE Tumbleweed:mariadb-tools-10.9.3-1.1.aarch64",
"openSUSE Tumbleweed:mariadb-tools-10.9.3-1.1.ppc64le",
"openSUSE Tumbleweed:mariadb-tools-10.9.3-1.1.s390x",
"openSUSE Tumbleweed:mariadb-tools-10.9.3-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-25032",
"url": "https://www.suse.com/security/cve/CVE-2018-25032"
},
{
"category": "external",
"summary": "SUSE Bug 1197459 for CVE-2018-25032",
"url": "https://bugzilla.suse.com/1197459"
},
{
"category": "external",
"summary": "SUSE Bug 1197893 for CVE-2018-25032",
"url": "https://bugzilla.suse.com/1197893"
},
{
"category": "external",
"summary": "SUSE Bug 1198667 for CVE-2018-25032",
"url": "https://bugzilla.suse.com/1198667"
},
{
"category": "external",
"summary": "SUSE Bug 1199104 for CVE-2018-25032",
"url": "https://bugzilla.suse.com/1199104"
},
{
"category": "external",
"summary": "SUSE Bug 1200049 for CVE-2018-25032",
"url": "https://bugzilla.suse.com/1200049"
},
{
"category": "external",
"summary": "SUSE Bug 1201732 for CVE-2018-25032",
"url": "https://bugzilla.suse.com/1201732"
},
{
"category": "external",
"summary": "SUSE Bug 1202688 for CVE-2018-25032",
"url": "https://bugzilla.suse.com/1202688"
},
{
"category": "external",
"summary": "SUSE Bug 1224427 for CVE-2018-25032",
"url": "https://bugzilla.suse.com/1224427"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:libmariadbd-devel-10.9.3-1.1.aarch64",
"openSUSE Tumbleweed:libmariadbd-devel-10.9.3-1.1.ppc64le",
"openSUSE Tumbleweed:libmariadbd-devel-10.9.3-1.1.s390x",
"openSUSE Tumbleweed:libmariadbd-devel-10.9.3-1.1.x86_64",
"openSUSE Tumbleweed:libmariadbd19-10.9.3-1.1.aarch64",
"openSUSE Tumbleweed:libmariadbd19-10.9.3-1.1.ppc64le",
"openSUSE Tumbleweed:libmariadbd19-10.9.3-1.1.s390x",
"openSUSE Tumbleweed:libmariadbd19-10.9.3-1.1.x86_64",
"openSUSE Tumbleweed:mariadb-10.9.3-1.1.aarch64",
"openSUSE Tumbleweed:mariadb-10.9.3-1.1.ppc64le",
"openSUSE Tumbleweed:mariadb-10.9.3-1.1.s390x",
"openSUSE Tumbleweed:mariadb-10.9.3-1.1.x86_64",
"openSUSE Tumbleweed:mariadb-bench-10.9.3-1.1.aarch64",
"openSUSE Tumbleweed:mariadb-bench-10.9.3-1.1.ppc64le",
"openSUSE Tumbleweed:mariadb-bench-10.9.3-1.1.s390x",
"openSUSE Tumbleweed:mariadb-bench-10.9.3-1.1.x86_64",
"openSUSE Tumbleweed:mariadb-client-10.9.3-1.1.aarch64",
"openSUSE Tumbleweed:mariadb-client-10.9.3-1.1.ppc64le",
"openSUSE Tumbleweed:mariadb-client-10.9.3-1.1.s390x",
"openSUSE Tumbleweed:mariadb-client-10.9.3-1.1.x86_64",
"openSUSE Tumbleweed:mariadb-errormessages-10.9.3-1.1.aarch64",
"openSUSE Tumbleweed:mariadb-errormessages-10.9.3-1.1.ppc64le",
"openSUSE Tumbleweed:mariadb-errormessages-10.9.3-1.1.s390x",
"openSUSE Tumbleweed:mariadb-errormessages-10.9.3-1.1.x86_64",
"openSUSE Tumbleweed:mariadb-galera-10.9.3-1.1.aarch64",
"openSUSE Tumbleweed:mariadb-galera-10.9.3-1.1.ppc64le",
"openSUSE Tumbleweed:mariadb-galera-10.9.3-1.1.s390x",
"openSUSE Tumbleweed:mariadb-galera-10.9.3-1.1.x86_64",
"openSUSE Tumbleweed:mariadb-rpm-macros-10.9.3-1.1.aarch64",
"openSUSE Tumbleweed:mariadb-rpm-macros-10.9.3-1.1.ppc64le",
"openSUSE Tumbleweed:mariadb-rpm-macros-10.9.3-1.1.s390x",
"openSUSE Tumbleweed:mariadb-rpm-macros-10.9.3-1.1.x86_64",
"openSUSE Tumbleweed:mariadb-test-10.9.3-1.1.aarch64",
"openSUSE Tumbleweed:mariadb-test-10.9.3-1.1.ppc64le",
"openSUSE Tumbleweed:mariadb-test-10.9.3-1.1.s390x",
"openSUSE Tumbleweed:mariadb-test-10.9.3-1.1.x86_64",
"openSUSE Tumbleweed:mariadb-tools-10.9.3-1.1.aarch64",
"openSUSE Tumbleweed:mariadb-tools-10.9.3-1.1.ppc64le",
"openSUSE Tumbleweed:mariadb-tools-10.9.3-1.1.s390x",
"openSUSE Tumbleweed:mariadb-tools-10.9.3-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:libmariadbd-devel-10.9.3-1.1.aarch64",
"openSUSE Tumbleweed:libmariadbd-devel-10.9.3-1.1.ppc64le",
"openSUSE Tumbleweed:libmariadbd-devel-10.9.3-1.1.s390x",
"openSUSE Tumbleweed:libmariadbd-devel-10.9.3-1.1.x86_64",
"openSUSE Tumbleweed:libmariadbd19-10.9.3-1.1.aarch64",
"openSUSE Tumbleweed:libmariadbd19-10.9.3-1.1.ppc64le",
"openSUSE Tumbleweed:libmariadbd19-10.9.3-1.1.s390x",
"openSUSE Tumbleweed:libmariadbd19-10.9.3-1.1.x86_64",
"openSUSE Tumbleweed:mariadb-10.9.3-1.1.aarch64",
"openSUSE Tumbleweed:mariadb-10.9.3-1.1.ppc64le",
"openSUSE Tumbleweed:mariadb-10.9.3-1.1.s390x",
"openSUSE Tumbleweed:mariadb-10.9.3-1.1.x86_64",
"openSUSE Tumbleweed:mariadb-bench-10.9.3-1.1.aarch64",
"openSUSE Tumbleweed:mariadb-bench-10.9.3-1.1.ppc64le",
"openSUSE Tumbleweed:mariadb-bench-10.9.3-1.1.s390x",
"openSUSE Tumbleweed:mariadb-bench-10.9.3-1.1.x86_64",
"openSUSE Tumbleweed:mariadb-client-10.9.3-1.1.aarch64",
"openSUSE Tumbleweed:mariadb-client-10.9.3-1.1.ppc64le",
"openSUSE Tumbleweed:mariadb-client-10.9.3-1.1.s390x",
"openSUSE Tumbleweed:mariadb-client-10.9.3-1.1.x86_64",
"openSUSE Tumbleweed:mariadb-errormessages-10.9.3-1.1.aarch64",
"openSUSE Tumbleweed:mariadb-errormessages-10.9.3-1.1.ppc64le",
"openSUSE Tumbleweed:mariadb-errormessages-10.9.3-1.1.s390x",
"openSUSE Tumbleweed:mariadb-errormessages-10.9.3-1.1.x86_64",
"openSUSE Tumbleweed:mariadb-galera-10.9.3-1.1.aarch64",
"openSUSE Tumbleweed:mariadb-galera-10.9.3-1.1.ppc64le",
"openSUSE Tumbleweed:mariadb-galera-10.9.3-1.1.s390x",
"openSUSE Tumbleweed:mariadb-galera-10.9.3-1.1.x86_64",
"openSUSE Tumbleweed:mariadb-rpm-macros-10.9.3-1.1.aarch64",
"openSUSE Tumbleweed:mariadb-rpm-macros-10.9.3-1.1.ppc64le",
"openSUSE Tumbleweed:mariadb-rpm-macros-10.9.3-1.1.s390x",
"openSUSE Tumbleweed:mariadb-rpm-macros-10.9.3-1.1.x86_64",
"openSUSE Tumbleweed:mariadb-test-10.9.3-1.1.aarch64",
"openSUSE Tumbleweed:mariadb-test-10.9.3-1.1.ppc64le",
"openSUSE Tumbleweed:mariadb-test-10.9.3-1.1.s390x",
"openSUSE Tumbleweed:mariadb-test-10.9.3-1.1.x86_64",
"openSUSE Tumbleweed:mariadb-tools-10.9.3-1.1.aarch64",
"openSUSE Tumbleweed:mariadb-tools-10.9.3-1.1.ppc64le",
"openSUSE Tumbleweed:mariadb-tools-10.9.3-1.1.s390x",
"openSUSE Tumbleweed:mariadb-tools-10.9.3-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2018-25032"
},
{
"cve": "CVE-2022-32081",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-32081"
}
],
"notes": [
{
"category": "general",
"text": "MariaDB v10.4 to v10.7 was discovered to contain an use-after-poison in prepare_inplace_add_virtual at /storage/innobase/handler/handler0alter.cc.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:libmariadbd-devel-10.9.3-1.1.aarch64",
"openSUSE Tumbleweed:libmariadbd-devel-10.9.3-1.1.ppc64le",
"openSUSE Tumbleweed:libmariadbd-devel-10.9.3-1.1.s390x",
"openSUSE Tumbleweed:libmariadbd-devel-10.9.3-1.1.x86_64",
"openSUSE Tumbleweed:libmariadbd19-10.9.3-1.1.aarch64",
"openSUSE Tumbleweed:libmariadbd19-10.9.3-1.1.ppc64le",
"openSUSE Tumbleweed:libmariadbd19-10.9.3-1.1.s390x",
"openSUSE Tumbleweed:libmariadbd19-10.9.3-1.1.x86_64",
"openSUSE Tumbleweed:mariadb-10.9.3-1.1.aarch64",
"openSUSE Tumbleweed:mariadb-10.9.3-1.1.ppc64le",
"openSUSE Tumbleweed:mariadb-10.9.3-1.1.s390x",
"openSUSE Tumbleweed:mariadb-10.9.3-1.1.x86_64",
"openSUSE Tumbleweed:mariadb-bench-10.9.3-1.1.aarch64",
"openSUSE Tumbleweed:mariadb-bench-10.9.3-1.1.ppc64le",
"openSUSE Tumbleweed:mariadb-bench-10.9.3-1.1.s390x",
"openSUSE Tumbleweed:mariadb-bench-10.9.3-1.1.x86_64",
"openSUSE Tumbleweed:mariadb-client-10.9.3-1.1.aarch64",
"openSUSE Tumbleweed:mariadb-client-10.9.3-1.1.ppc64le",
"openSUSE Tumbleweed:mariadb-client-10.9.3-1.1.s390x",
"openSUSE Tumbleweed:mariadb-client-10.9.3-1.1.x86_64",
"openSUSE Tumbleweed:mariadb-errormessages-10.9.3-1.1.aarch64",
"openSUSE Tumbleweed:mariadb-errormessages-10.9.3-1.1.ppc64le",
"openSUSE Tumbleweed:mariadb-errormessages-10.9.3-1.1.s390x",
"openSUSE Tumbleweed:mariadb-errormessages-10.9.3-1.1.x86_64",
"openSUSE Tumbleweed:mariadb-galera-10.9.3-1.1.aarch64",
"openSUSE Tumbleweed:mariadb-galera-10.9.3-1.1.ppc64le",
"openSUSE Tumbleweed:mariadb-galera-10.9.3-1.1.s390x",
"openSUSE Tumbleweed:mariadb-galera-10.9.3-1.1.x86_64",
"openSUSE Tumbleweed:mariadb-rpm-macros-10.9.3-1.1.aarch64",
"openSUSE Tumbleweed:mariadb-rpm-macros-10.9.3-1.1.ppc64le",
"openSUSE Tumbleweed:mariadb-rpm-macros-10.9.3-1.1.s390x",
"openSUSE Tumbleweed:mariadb-rpm-macros-10.9.3-1.1.x86_64",
"openSUSE Tumbleweed:mariadb-test-10.9.3-1.1.aarch64",
"openSUSE Tumbleweed:mariadb-test-10.9.3-1.1.ppc64le",
"openSUSE Tumbleweed:mariadb-test-10.9.3-1.1.s390x",
"openSUSE Tumbleweed:mariadb-test-10.9.3-1.1.x86_64",
"openSUSE Tumbleweed:mariadb-tools-10.9.3-1.1.aarch64",
"openSUSE Tumbleweed:mariadb-tools-10.9.3-1.1.ppc64le",
"openSUSE Tumbleweed:mariadb-tools-10.9.3-1.1.s390x",
"openSUSE Tumbleweed:mariadb-tools-10.9.3-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-32081",
"url": "https://www.suse.com/security/cve/CVE-2022-32081"
},
{
"category": "external",
"summary": "SUSE Bug 1201161 for CVE-2022-32081",
"url": "https://bugzilla.suse.com/1201161"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:libmariadbd-devel-10.9.3-1.1.aarch64",
"openSUSE Tumbleweed:libmariadbd-devel-10.9.3-1.1.ppc64le",
"openSUSE Tumbleweed:libmariadbd-devel-10.9.3-1.1.s390x",
"openSUSE Tumbleweed:libmariadbd-devel-10.9.3-1.1.x86_64",
"openSUSE Tumbleweed:libmariadbd19-10.9.3-1.1.aarch64",
"openSUSE Tumbleweed:libmariadbd19-10.9.3-1.1.ppc64le",
"openSUSE Tumbleweed:libmariadbd19-10.9.3-1.1.s390x",
"openSUSE Tumbleweed:libmariadbd19-10.9.3-1.1.x86_64",
"openSUSE Tumbleweed:mariadb-10.9.3-1.1.aarch64",
"openSUSE Tumbleweed:mariadb-10.9.3-1.1.ppc64le",
"openSUSE Tumbleweed:mariadb-10.9.3-1.1.s390x",
"openSUSE Tumbleweed:mariadb-10.9.3-1.1.x86_64",
"openSUSE Tumbleweed:mariadb-bench-10.9.3-1.1.aarch64",
"openSUSE Tumbleweed:mariadb-bench-10.9.3-1.1.ppc64le",
"openSUSE Tumbleweed:mariadb-bench-10.9.3-1.1.s390x",
"openSUSE Tumbleweed:mariadb-bench-10.9.3-1.1.x86_64",
"openSUSE Tumbleweed:mariadb-client-10.9.3-1.1.aarch64",
"openSUSE Tumbleweed:mariadb-client-10.9.3-1.1.ppc64le",
"openSUSE Tumbleweed:mariadb-client-10.9.3-1.1.s390x",
"openSUSE Tumbleweed:mariadb-client-10.9.3-1.1.x86_64",
"openSUSE Tumbleweed:mariadb-errormessages-10.9.3-1.1.aarch64",
"openSUSE Tumbleweed:mariadb-errormessages-10.9.3-1.1.ppc64le",
"openSUSE Tumbleweed:mariadb-errormessages-10.9.3-1.1.s390x",
"openSUSE Tumbleweed:mariadb-errormessages-10.9.3-1.1.x86_64",
"openSUSE Tumbleweed:mariadb-galera-10.9.3-1.1.aarch64",
"openSUSE Tumbleweed:mariadb-galera-10.9.3-1.1.ppc64le",
"openSUSE Tumbleweed:mariadb-galera-10.9.3-1.1.s390x",
"openSUSE Tumbleweed:mariadb-galera-10.9.3-1.1.x86_64",
"openSUSE Tumbleweed:mariadb-rpm-macros-10.9.3-1.1.aarch64",
"openSUSE Tumbleweed:mariadb-rpm-macros-10.9.3-1.1.ppc64le",
"openSUSE Tumbleweed:mariadb-rpm-macros-10.9.3-1.1.s390x",
"openSUSE Tumbleweed:mariadb-rpm-macros-10.9.3-1.1.x86_64",
"openSUSE Tumbleweed:mariadb-test-10.9.3-1.1.aarch64",
"openSUSE Tumbleweed:mariadb-test-10.9.3-1.1.ppc64le",
"openSUSE Tumbleweed:mariadb-test-10.9.3-1.1.s390x",
"openSUSE Tumbleweed:mariadb-test-10.9.3-1.1.x86_64",
"openSUSE Tumbleweed:mariadb-tools-10.9.3-1.1.aarch64",
"openSUSE Tumbleweed:mariadb-tools-10.9.3-1.1.ppc64le",
"openSUSE Tumbleweed:mariadb-tools-10.9.3-1.1.s390x",
"openSUSE Tumbleweed:mariadb-tools-10.9.3-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:libmariadbd-devel-10.9.3-1.1.aarch64",
"openSUSE Tumbleweed:libmariadbd-devel-10.9.3-1.1.ppc64le",
"openSUSE Tumbleweed:libmariadbd-devel-10.9.3-1.1.s390x",
"openSUSE Tumbleweed:libmariadbd-devel-10.9.3-1.1.x86_64",
"openSUSE Tumbleweed:libmariadbd19-10.9.3-1.1.aarch64",
"openSUSE Tumbleweed:libmariadbd19-10.9.3-1.1.ppc64le",
"openSUSE Tumbleweed:libmariadbd19-10.9.3-1.1.s390x",
"openSUSE Tumbleweed:libmariadbd19-10.9.3-1.1.x86_64",
"openSUSE Tumbleweed:mariadb-10.9.3-1.1.aarch64",
"openSUSE Tumbleweed:mariadb-10.9.3-1.1.ppc64le",
"openSUSE Tumbleweed:mariadb-10.9.3-1.1.s390x",
"openSUSE Tumbleweed:mariadb-10.9.3-1.1.x86_64",
"openSUSE Tumbleweed:mariadb-bench-10.9.3-1.1.aarch64",
"openSUSE Tumbleweed:mariadb-bench-10.9.3-1.1.ppc64le",
"openSUSE Tumbleweed:mariadb-bench-10.9.3-1.1.s390x",
"openSUSE Tumbleweed:mariadb-bench-10.9.3-1.1.x86_64",
"openSUSE Tumbleweed:mariadb-client-10.9.3-1.1.aarch64",
"openSUSE Tumbleweed:mariadb-client-10.9.3-1.1.ppc64le",
"openSUSE Tumbleweed:mariadb-client-10.9.3-1.1.s390x",
"openSUSE Tumbleweed:mariadb-client-10.9.3-1.1.x86_64",
"openSUSE Tumbleweed:mariadb-errormessages-10.9.3-1.1.aarch64",
"openSUSE Tumbleweed:mariadb-errormessages-10.9.3-1.1.ppc64le",
"openSUSE Tumbleweed:mariadb-errormessages-10.9.3-1.1.s390x",
"openSUSE Tumbleweed:mariadb-errormessages-10.9.3-1.1.x86_64",
"openSUSE Tumbleweed:mariadb-galera-10.9.3-1.1.aarch64",
"openSUSE Tumbleweed:mariadb-galera-10.9.3-1.1.ppc64le",
"openSUSE Tumbleweed:mariadb-galera-10.9.3-1.1.s390x",
"openSUSE Tumbleweed:mariadb-galera-10.9.3-1.1.x86_64",
"openSUSE Tumbleweed:mariadb-rpm-macros-10.9.3-1.1.aarch64",
"openSUSE Tumbleweed:mariadb-rpm-macros-10.9.3-1.1.ppc64le",
"openSUSE Tumbleweed:mariadb-rpm-macros-10.9.3-1.1.s390x",
"openSUSE Tumbleweed:mariadb-rpm-macros-10.9.3-1.1.x86_64",
"openSUSE Tumbleweed:mariadb-test-10.9.3-1.1.aarch64",
"openSUSE Tumbleweed:mariadb-test-10.9.3-1.1.ppc64le",
"openSUSE Tumbleweed:mariadb-test-10.9.3-1.1.s390x",
"openSUSE Tumbleweed:mariadb-test-10.9.3-1.1.x86_64",
"openSUSE Tumbleweed:mariadb-tools-10.9.3-1.1.aarch64",
"openSUSE Tumbleweed:mariadb-tools-10.9.3-1.1.ppc64le",
"openSUSE Tumbleweed:mariadb-tools-10.9.3-1.1.s390x",
"openSUSE Tumbleweed:mariadb-tools-10.9.3-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2022-32081"
},
{
"cve": "CVE-2022-32082",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-32082"
}
],
"notes": [
{
"category": "general",
"text": "MariaDB v10.5 to v10.7 was discovered to contain an assertion failure at table-\u003eget_ref_count() == 0 in dict0dict.cc.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:libmariadbd-devel-10.9.3-1.1.aarch64",
"openSUSE Tumbleweed:libmariadbd-devel-10.9.3-1.1.ppc64le",
"openSUSE Tumbleweed:libmariadbd-devel-10.9.3-1.1.s390x",
"openSUSE Tumbleweed:libmariadbd-devel-10.9.3-1.1.x86_64",
"openSUSE Tumbleweed:libmariadbd19-10.9.3-1.1.aarch64",
"openSUSE Tumbleweed:libmariadbd19-10.9.3-1.1.ppc64le",
"openSUSE Tumbleweed:libmariadbd19-10.9.3-1.1.s390x",
"openSUSE Tumbleweed:libmariadbd19-10.9.3-1.1.x86_64",
"openSUSE Tumbleweed:mariadb-10.9.3-1.1.aarch64",
"openSUSE Tumbleweed:mariadb-10.9.3-1.1.ppc64le",
"openSUSE Tumbleweed:mariadb-10.9.3-1.1.s390x",
"openSUSE Tumbleweed:mariadb-10.9.3-1.1.x86_64",
"openSUSE Tumbleweed:mariadb-bench-10.9.3-1.1.aarch64",
"openSUSE Tumbleweed:mariadb-bench-10.9.3-1.1.ppc64le",
"openSUSE Tumbleweed:mariadb-bench-10.9.3-1.1.s390x",
"openSUSE Tumbleweed:mariadb-bench-10.9.3-1.1.x86_64",
"openSUSE Tumbleweed:mariadb-client-10.9.3-1.1.aarch64",
"openSUSE Tumbleweed:mariadb-client-10.9.3-1.1.ppc64le",
"openSUSE Tumbleweed:mariadb-client-10.9.3-1.1.s390x",
"openSUSE Tumbleweed:mariadb-client-10.9.3-1.1.x86_64",
"openSUSE Tumbleweed:mariadb-errormessages-10.9.3-1.1.aarch64",
"openSUSE Tumbleweed:mariadb-errormessages-10.9.3-1.1.ppc64le",
"openSUSE Tumbleweed:mariadb-errormessages-10.9.3-1.1.s390x",
"openSUSE Tumbleweed:mariadb-errormessages-10.9.3-1.1.x86_64",
"openSUSE Tumbleweed:mariadb-galera-10.9.3-1.1.aarch64",
"openSUSE Tumbleweed:mariadb-galera-10.9.3-1.1.ppc64le",
"openSUSE Tumbleweed:mariadb-galera-10.9.3-1.1.s390x",
"openSUSE Tumbleweed:mariadb-galera-10.9.3-1.1.x86_64",
"openSUSE Tumbleweed:mariadb-rpm-macros-10.9.3-1.1.aarch64",
"openSUSE Tumbleweed:mariadb-rpm-macros-10.9.3-1.1.ppc64le",
"openSUSE Tumbleweed:mariadb-rpm-macros-10.9.3-1.1.s390x",
"openSUSE Tumbleweed:mariadb-rpm-macros-10.9.3-1.1.x86_64",
"openSUSE Tumbleweed:mariadb-test-10.9.3-1.1.aarch64",
"openSUSE Tumbleweed:mariadb-test-10.9.3-1.1.ppc64le",
"openSUSE Tumbleweed:mariadb-test-10.9.3-1.1.s390x",
"openSUSE Tumbleweed:mariadb-test-10.9.3-1.1.x86_64",
"openSUSE Tumbleweed:mariadb-tools-10.9.3-1.1.aarch64",
"openSUSE Tumbleweed:mariadb-tools-10.9.3-1.1.ppc64le",
"openSUSE Tumbleweed:mariadb-tools-10.9.3-1.1.s390x",
"openSUSE Tumbleweed:mariadb-tools-10.9.3-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-32082",
"url": "https://www.suse.com/security/cve/CVE-2022-32082"
},
{
"category": "external",
"summary": "SUSE Bug 1201162 for CVE-2022-32082",
"url": "https://bugzilla.suse.com/1201162"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:libmariadbd-devel-10.9.3-1.1.aarch64",
"openSUSE Tumbleweed:libmariadbd-devel-10.9.3-1.1.ppc64le",
"openSUSE Tumbleweed:libmariadbd-devel-10.9.3-1.1.s390x",
"openSUSE Tumbleweed:libmariadbd-devel-10.9.3-1.1.x86_64",
"openSUSE Tumbleweed:libmariadbd19-10.9.3-1.1.aarch64",
"openSUSE Tumbleweed:libmariadbd19-10.9.3-1.1.ppc64le",
"openSUSE Tumbleweed:libmariadbd19-10.9.3-1.1.s390x",
"openSUSE Tumbleweed:libmariadbd19-10.9.3-1.1.x86_64",
"openSUSE Tumbleweed:mariadb-10.9.3-1.1.aarch64",
"openSUSE Tumbleweed:mariadb-10.9.3-1.1.ppc64le",
"openSUSE Tumbleweed:mariadb-10.9.3-1.1.s390x",
"openSUSE Tumbleweed:mariadb-10.9.3-1.1.x86_64",
"openSUSE Tumbleweed:mariadb-bench-10.9.3-1.1.aarch64",
"openSUSE Tumbleweed:mariadb-bench-10.9.3-1.1.ppc64le",
"openSUSE Tumbleweed:mariadb-bench-10.9.3-1.1.s390x",
"openSUSE Tumbleweed:mariadb-bench-10.9.3-1.1.x86_64",
"openSUSE Tumbleweed:mariadb-client-10.9.3-1.1.aarch64",
"openSUSE Tumbleweed:mariadb-client-10.9.3-1.1.ppc64le",
"openSUSE Tumbleweed:mariadb-client-10.9.3-1.1.s390x",
"openSUSE Tumbleweed:mariadb-client-10.9.3-1.1.x86_64",
"openSUSE Tumbleweed:mariadb-errormessages-10.9.3-1.1.aarch64",
"openSUSE Tumbleweed:mariadb-errormessages-10.9.3-1.1.ppc64le",
"openSUSE Tumbleweed:mariadb-errormessages-10.9.3-1.1.s390x",
"openSUSE Tumbleweed:mariadb-errormessages-10.9.3-1.1.x86_64",
"openSUSE Tumbleweed:mariadb-galera-10.9.3-1.1.aarch64",
"openSUSE Tumbleweed:mariadb-galera-10.9.3-1.1.ppc64le",
"openSUSE Tumbleweed:mariadb-galera-10.9.3-1.1.s390x",
"openSUSE Tumbleweed:mariadb-galera-10.9.3-1.1.x86_64",
"openSUSE Tumbleweed:mariadb-rpm-macros-10.9.3-1.1.aarch64",
"openSUSE Tumbleweed:mariadb-rpm-macros-10.9.3-1.1.ppc64le",
"openSUSE Tumbleweed:mariadb-rpm-macros-10.9.3-1.1.s390x",
"openSUSE Tumbleweed:mariadb-rpm-macros-10.9.3-1.1.x86_64",
"openSUSE Tumbleweed:mariadb-test-10.9.3-1.1.aarch64",
"openSUSE Tumbleweed:mariadb-test-10.9.3-1.1.ppc64le",
"openSUSE Tumbleweed:mariadb-test-10.9.3-1.1.s390x",
"openSUSE Tumbleweed:mariadb-test-10.9.3-1.1.x86_64",
"openSUSE Tumbleweed:mariadb-tools-10.9.3-1.1.aarch64",
"openSUSE Tumbleweed:mariadb-tools-10.9.3-1.1.ppc64le",
"openSUSE Tumbleweed:mariadb-tools-10.9.3-1.1.s390x",
"openSUSE Tumbleweed:mariadb-tools-10.9.3-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:libmariadbd-devel-10.9.3-1.1.aarch64",
"openSUSE Tumbleweed:libmariadbd-devel-10.9.3-1.1.ppc64le",
"openSUSE Tumbleweed:libmariadbd-devel-10.9.3-1.1.s390x",
"openSUSE Tumbleweed:libmariadbd-devel-10.9.3-1.1.x86_64",
"openSUSE Tumbleweed:libmariadbd19-10.9.3-1.1.aarch64",
"openSUSE Tumbleweed:libmariadbd19-10.9.3-1.1.ppc64le",
"openSUSE Tumbleweed:libmariadbd19-10.9.3-1.1.s390x",
"openSUSE Tumbleweed:libmariadbd19-10.9.3-1.1.x86_64",
"openSUSE Tumbleweed:mariadb-10.9.3-1.1.aarch64",
"openSUSE Tumbleweed:mariadb-10.9.3-1.1.ppc64le",
"openSUSE Tumbleweed:mariadb-10.9.3-1.1.s390x",
"openSUSE Tumbleweed:mariadb-10.9.3-1.1.x86_64",
"openSUSE Tumbleweed:mariadb-bench-10.9.3-1.1.aarch64",
"openSUSE Tumbleweed:mariadb-bench-10.9.3-1.1.ppc64le",
"openSUSE Tumbleweed:mariadb-bench-10.9.3-1.1.s390x",
"openSUSE Tumbleweed:mariadb-bench-10.9.3-1.1.x86_64",
"openSUSE Tumbleweed:mariadb-client-10.9.3-1.1.aarch64",
"openSUSE Tumbleweed:mariadb-client-10.9.3-1.1.ppc64le",
"openSUSE Tumbleweed:mariadb-client-10.9.3-1.1.s390x",
"openSUSE Tumbleweed:mariadb-client-10.9.3-1.1.x86_64",
"openSUSE Tumbleweed:mariadb-errormessages-10.9.3-1.1.aarch64",
"openSUSE Tumbleweed:mariadb-errormessages-10.9.3-1.1.ppc64le",
"openSUSE Tumbleweed:mariadb-errormessages-10.9.3-1.1.s390x",
"openSUSE Tumbleweed:mariadb-errormessages-10.9.3-1.1.x86_64",
"openSUSE Tumbleweed:mariadb-galera-10.9.3-1.1.aarch64",
"openSUSE Tumbleweed:mariadb-galera-10.9.3-1.1.ppc64le",
"openSUSE Tumbleweed:mariadb-galera-10.9.3-1.1.s390x",
"openSUSE Tumbleweed:mariadb-galera-10.9.3-1.1.x86_64",
"openSUSE Tumbleweed:mariadb-rpm-macros-10.9.3-1.1.aarch64",
"openSUSE Tumbleweed:mariadb-rpm-macros-10.9.3-1.1.ppc64le",
"openSUSE Tumbleweed:mariadb-rpm-macros-10.9.3-1.1.s390x",
"openSUSE Tumbleweed:mariadb-rpm-macros-10.9.3-1.1.x86_64",
"openSUSE Tumbleweed:mariadb-test-10.9.3-1.1.aarch64",
"openSUSE Tumbleweed:mariadb-test-10.9.3-1.1.ppc64le",
"openSUSE Tumbleweed:mariadb-test-10.9.3-1.1.s390x",
"openSUSE Tumbleweed:mariadb-test-10.9.3-1.1.x86_64",
"openSUSE Tumbleweed:mariadb-tools-10.9.3-1.1.aarch64",
"openSUSE Tumbleweed:mariadb-tools-10.9.3-1.1.ppc64le",
"openSUSE Tumbleweed:mariadb-tools-10.9.3-1.1.s390x",
"openSUSE Tumbleweed:mariadb-tools-10.9.3-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2022-32082"
},
{
"cve": "CVE-2022-32084",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-32084"
}
],
"notes": [
{
"category": "general",
"text": "MariaDB v10.2 to v10.7 was discovered to contain a segmentation fault via the component sub_select.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:libmariadbd-devel-10.9.3-1.1.aarch64",
"openSUSE Tumbleweed:libmariadbd-devel-10.9.3-1.1.ppc64le",
"openSUSE Tumbleweed:libmariadbd-devel-10.9.3-1.1.s390x",
"openSUSE Tumbleweed:libmariadbd-devel-10.9.3-1.1.x86_64",
"openSUSE Tumbleweed:libmariadbd19-10.9.3-1.1.aarch64",
"openSUSE Tumbleweed:libmariadbd19-10.9.3-1.1.ppc64le",
"openSUSE Tumbleweed:libmariadbd19-10.9.3-1.1.s390x",
"openSUSE Tumbleweed:libmariadbd19-10.9.3-1.1.x86_64",
"openSUSE Tumbleweed:mariadb-10.9.3-1.1.aarch64",
"openSUSE Tumbleweed:mariadb-10.9.3-1.1.ppc64le",
"openSUSE Tumbleweed:mariadb-10.9.3-1.1.s390x",
"openSUSE Tumbleweed:mariadb-10.9.3-1.1.x86_64",
"openSUSE Tumbleweed:mariadb-bench-10.9.3-1.1.aarch64",
"openSUSE Tumbleweed:mariadb-bench-10.9.3-1.1.ppc64le",
"openSUSE Tumbleweed:mariadb-bench-10.9.3-1.1.s390x",
"openSUSE Tumbleweed:mariadb-bench-10.9.3-1.1.x86_64",
"openSUSE Tumbleweed:mariadb-client-10.9.3-1.1.aarch64",
"openSUSE Tumbleweed:mariadb-client-10.9.3-1.1.ppc64le",
"openSUSE Tumbleweed:mariadb-client-10.9.3-1.1.s390x",
"openSUSE Tumbleweed:mariadb-client-10.9.3-1.1.x86_64",
"openSUSE Tumbleweed:mariadb-errormessages-10.9.3-1.1.aarch64",
"openSUSE Tumbleweed:mariadb-errormessages-10.9.3-1.1.ppc64le",
"openSUSE Tumbleweed:mariadb-errormessages-10.9.3-1.1.s390x",
"openSUSE Tumbleweed:mariadb-errormessages-10.9.3-1.1.x86_64",
"openSUSE Tumbleweed:mariadb-galera-10.9.3-1.1.aarch64",
"openSUSE Tumbleweed:mariadb-galera-10.9.3-1.1.ppc64le",
"openSUSE Tumbleweed:mariadb-galera-10.9.3-1.1.s390x",
"openSUSE Tumbleweed:mariadb-galera-10.9.3-1.1.x86_64",
"openSUSE Tumbleweed:mariadb-rpm-macros-10.9.3-1.1.aarch64",
"openSUSE Tumbleweed:mariadb-rpm-macros-10.9.3-1.1.ppc64le",
"openSUSE Tumbleweed:mariadb-rpm-macros-10.9.3-1.1.s390x",
"openSUSE Tumbleweed:mariadb-rpm-macros-10.9.3-1.1.x86_64",
"openSUSE Tumbleweed:mariadb-test-10.9.3-1.1.aarch64",
"openSUSE Tumbleweed:mariadb-test-10.9.3-1.1.ppc64le",
"openSUSE Tumbleweed:mariadb-test-10.9.3-1.1.s390x",
"openSUSE Tumbleweed:mariadb-test-10.9.3-1.1.x86_64",
"openSUSE Tumbleweed:mariadb-tools-10.9.3-1.1.aarch64",
"openSUSE Tumbleweed:mariadb-tools-10.9.3-1.1.ppc64le",
"openSUSE Tumbleweed:mariadb-tools-10.9.3-1.1.s390x",
"openSUSE Tumbleweed:mariadb-tools-10.9.3-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-32084",
"url": "https://www.suse.com/security/cve/CVE-2022-32084"
},
{
"category": "external",
"summary": "SUSE Bug 1201164 for CVE-2022-32084",
"url": "https://bugzilla.suse.com/1201164"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:libmariadbd-devel-10.9.3-1.1.aarch64",
"openSUSE Tumbleweed:libmariadbd-devel-10.9.3-1.1.ppc64le",
"openSUSE Tumbleweed:libmariadbd-devel-10.9.3-1.1.s390x",
"openSUSE Tumbleweed:libmariadbd-devel-10.9.3-1.1.x86_64",
"openSUSE Tumbleweed:libmariadbd19-10.9.3-1.1.aarch64",
"openSUSE Tumbleweed:libmariadbd19-10.9.3-1.1.ppc64le",
"openSUSE Tumbleweed:libmariadbd19-10.9.3-1.1.s390x",
"openSUSE Tumbleweed:libmariadbd19-10.9.3-1.1.x86_64",
"openSUSE Tumbleweed:mariadb-10.9.3-1.1.aarch64",
"openSUSE Tumbleweed:mariadb-10.9.3-1.1.ppc64le",
"openSUSE Tumbleweed:mariadb-10.9.3-1.1.s390x",
"openSUSE Tumbleweed:mariadb-10.9.3-1.1.x86_64",
"openSUSE Tumbleweed:mariadb-bench-10.9.3-1.1.aarch64",
"openSUSE Tumbleweed:mariadb-bench-10.9.3-1.1.ppc64le",
"openSUSE Tumbleweed:mariadb-bench-10.9.3-1.1.s390x",
"openSUSE Tumbleweed:mariadb-bench-10.9.3-1.1.x86_64",
"openSUSE Tumbleweed:mariadb-client-10.9.3-1.1.aarch64",
"openSUSE Tumbleweed:mariadb-client-10.9.3-1.1.ppc64le",
"openSUSE Tumbleweed:mariadb-client-10.9.3-1.1.s390x",
"openSUSE Tumbleweed:mariadb-client-10.9.3-1.1.x86_64",
"openSUSE Tumbleweed:mariadb-errormessages-10.9.3-1.1.aarch64",
"openSUSE Tumbleweed:mariadb-errormessages-10.9.3-1.1.ppc64le",
"openSUSE Tumbleweed:mariadb-errormessages-10.9.3-1.1.s390x",
"openSUSE Tumbleweed:mariadb-errormessages-10.9.3-1.1.x86_64",
"openSUSE Tumbleweed:mariadb-galera-10.9.3-1.1.aarch64",
"openSUSE Tumbleweed:mariadb-galera-10.9.3-1.1.ppc64le",
"openSUSE Tumbleweed:mariadb-galera-10.9.3-1.1.s390x",
"openSUSE Tumbleweed:mariadb-galera-10.9.3-1.1.x86_64",
"openSUSE Tumbleweed:mariadb-rpm-macros-10.9.3-1.1.aarch64",
"openSUSE Tumbleweed:mariadb-rpm-macros-10.9.3-1.1.ppc64le",
"openSUSE Tumbleweed:mariadb-rpm-macros-10.9.3-1.1.s390x",
"openSUSE Tumbleweed:mariadb-rpm-macros-10.9.3-1.1.x86_64",
"openSUSE Tumbleweed:mariadb-test-10.9.3-1.1.aarch64",
"openSUSE Tumbleweed:mariadb-test-10.9.3-1.1.ppc64le",
"openSUSE Tumbleweed:mariadb-test-10.9.3-1.1.s390x",
"openSUSE Tumbleweed:mariadb-test-10.9.3-1.1.x86_64",
"openSUSE Tumbleweed:mariadb-tools-10.9.3-1.1.aarch64",
"openSUSE Tumbleweed:mariadb-tools-10.9.3-1.1.ppc64le",
"openSUSE Tumbleweed:mariadb-tools-10.9.3-1.1.s390x",
"openSUSE Tumbleweed:mariadb-tools-10.9.3-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:libmariadbd-devel-10.9.3-1.1.aarch64",
"openSUSE Tumbleweed:libmariadbd-devel-10.9.3-1.1.ppc64le",
"openSUSE Tumbleweed:libmariadbd-devel-10.9.3-1.1.s390x",
"openSUSE Tumbleweed:libmariadbd-devel-10.9.3-1.1.x86_64",
"openSUSE Tumbleweed:libmariadbd19-10.9.3-1.1.aarch64",
"openSUSE Tumbleweed:libmariadbd19-10.9.3-1.1.ppc64le",
"openSUSE Tumbleweed:libmariadbd19-10.9.3-1.1.s390x",
"openSUSE Tumbleweed:libmariadbd19-10.9.3-1.1.x86_64",
"openSUSE Tumbleweed:mariadb-10.9.3-1.1.aarch64",
"openSUSE Tumbleweed:mariadb-10.9.3-1.1.ppc64le",
"openSUSE Tumbleweed:mariadb-10.9.3-1.1.s390x",
"openSUSE Tumbleweed:mariadb-10.9.3-1.1.x86_64",
"openSUSE Tumbleweed:mariadb-bench-10.9.3-1.1.aarch64",
"openSUSE Tumbleweed:mariadb-bench-10.9.3-1.1.ppc64le",
"openSUSE Tumbleweed:mariadb-bench-10.9.3-1.1.s390x",
"openSUSE Tumbleweed:mariadb-bench-10.9.3-1.1.x86_64",
"openSUSE Tumbleweed:mariadb-client-10.9.3-1.1.aarch64",
"openSUSE Tumbleweed:mariadb-client-10.9.3-1.1.ppc64le",
"openSUSE Tumbleweed:mariadb-client-10.9.3-1.1.s390x",
"openSUSE Tumbleweed:mariadb-client-10.9.3-1.1.x86_64",
"openSUSE Tumbleweed:mariadb-errormessages-10.9.3-1.1.aarch64",
"openSUSE Tumbleweed:mariadb-errormessages-10.9.3-1.1.ppc64le",
"openSUSE Tumbleweed:mariadb-errormessages-10.9.3-1.1.s390x",
"openSUSE Tumbleweed:mariadb-errormessages-10.9.3-1.1.x86_64",
"openSUSE Tumbleweed:mariadb-galera-10.9.3-1.1.aarch64",
"openSUSE Tumbleweed:mariadb-galera-10.9.3-1.1.ppc64le",
"openSUSE Tumbleweed:mariadb-galera-10.9.3-1.1.s390x",
"openSUSE Tumbleweed:mariadb-galera-10.9.3-1.1.x86_64",
"openSUSE Tumbleweed:mariadb-rpm-macros-10.9.3-1.1.aarch64",
"openSUSE Tumbleweed:mariadb-rpm-macros-10.9.3-1.1.ppc64le",
"openSUSE Tumbleweed:mariadb-rpm-macros-10.9.3-1.1.s390x",
"openSUSE Tumbleweed:mariadb-rpm-macros-10.9.3-1.1.x86_64",
"openSUSE Tumbleweed:mariadb-test-10.9.3-1.1.aarch64",
"openSUSE Tumbleweed:mariadb-test-10.9.3-1.1.ppc64le",
"openSUSE Tumbleweed:mariadb-test-10.9.3-1.1.s390x",
"openSUSE Tumbleweed:mariadb-test-10.9.3-1.1.x86_64",
"openSUSE Tumbleweed:mariadb-tools-10.9.3-1.1.aarch64",
"openSUSE Tumbleweed:mariadb-tools-10.9.3-1.1.ppc64le",
"openSUSE Tumbleweed:mariadb-tools-10.9.3-1.1.s390x",
"openSUSE Tumbleweed:mariadb-tools-10.9.3-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2022-32084"
},
{
"cve": "CVE-2022-32089",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-32089"
}
],
"notes": [
{
"category": "general",
"text": "MariaDB v10.5 to v10.7 was discovered to contain a segmentation fault via the component st_select_lex_unit::exclude_level.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:libmariadbd-devel-10.9.3-1.1.aarch64",
"openSUSE Tumbleweed:libmariadbd-devel-10.9.3-1.1.ppc64le",
"openSUSE Tumbleweed:libmariadbd-devel-10.9.3-1.1.s390x",
"openSUSE Tumbleweed:libmariadbd-devel-10.9.3-1.1.x86_64",
"openSUSE Tumbleweed:libmariadbd19-10.9.3-1.1.aarch64",
"openSUSE Tumbleweed:libmariadbd19-10.9.3-1.1.ppc64le",
"openSUSE Tumbleweed:libmariadbd19-10.9.3-1.1.s390x",
"openSUSE Tumbleweed:libmariadbd19-10.9.3-1.1.x86_64",
"openSUSE Tumbleweed:mariadb-10.9.3-1.1.aarch64",
"openSUSE Tumbleweed:mariadb-10.9.3-1.1.ppc64le",
"openSUSE Tumbleweed:mariadb-10.9.3-1.1.s390x",
"openSUSE Tumbleweed:mariadb-10.9.3-1.1.x86_64",
"openSUSE Tumbleweed:mariadb-bench-10.9.3-1.1.aarch64",
"openSUSE Tumbleweed:mariadb-bench-10.9.3-1.1.ppc64le",
"openSUSE Tumbleweed:mariadb-bench-10.9.3-1.1.s390x",
"openSUSE Tumbleweed:mariadb-bench-10.9.3-1.1.x86_64",
"openSUSE Tumbleweed:mariadb-client-10.9.3-1.1.aarch64",
"openSUSE Tumbleweed:mariadb-client-10.9.3-1.1.ppc64le",
"openSUSE Tumbleweed:mariadb-client-10.9.3-1.1.s390x",
"openSUSE Tumbleweed:mariadb-client-10.9.3-1.1.x86_64",
"openSUSE Tumbleweed:mariadb-errormessages-10.9.3-1.1.aarch64",
"openSUSE Tumbleweed:mariadb-errormessages-10.9.3-1.1.ppc64le",
"openSUSE Tumbleweed:mariadb-errormessages-10.9.3-1.1.s390x",
"openSUSE Tumbleweed:mariadb-errormessages-10.9.3-1.1.x86_64",
"openSUSE Tumbleweed:mariadb-galera-10.9.3-1.1.aarch64",
"openSUSE Tumbleweed:mariadb-galera-10.9.3-1.1.ppc64le",
"openSUSE Tumbleweed:mariadb-galera-10.9.3-1.1.s390x",
"openSUSE Tumbleweed:mariadb-galera-10.9.3-1.1.x86_64",
"openSUSE Tumbleweed:mariadb-rpm-macros-10.9.3-1.1.aarch64",
"openSUSE Tumbleweed:mariadb-rpm-macros-10.9.3-1.1.ppc64le",
"openSUSE Tumbleweed:mariadb-rpm-macros-10.9.3-1.1.s390x",
"openSUSE Tumbleweed:mariadb-rpm-macros-10.9.3-1.1.x86_64",
"openSUSE Tumbleweed:mariadb-test-10.9.3-1.1.aarch64",
"openSUSE Tumbleweed:mariadb-test-10.9.3-1.1.ppc64le",
"openSUSE Tumbleweed:mariadb-test-10.9.3-1.1.s390x",
"openSUSE Tumbleweed:mariadb-test-10.9.3-1.1.x86_64",
"openSUSE Tumbleweed:mariadb-tools-10.9.3-1.1.aarch64",
"openSUSE Tumbleweed:mariadb-tools-10.9.3-1.1.ppc64le",
"openSUSE Tumbleweed:mariadb-tools-10.9.3-1.1.s390x",
"openSUSE Tumbleweed:mariadb-tools-10.9.3-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-32089",
"url": "https://www.suse.com/security/cve/CVE-2022-32089"
},
{
"category": "external",
"summary": "SUSE Bug 1201169 for CVE-2022-32089",
"url": "https://bugzilla.suse.com/1201169"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:libmariadbd-devel-10.9.3-1.1.aarch64",
"openSUSE Tumbleweed:libmariadbd-devel-10.9.3-1.1.ppc64le",
"openSUSE Tumbleweed:libmariadbd-devel-10.9.3-1.1.s390x",
"openSUSE Tumbleweed:libmariadbd-devel-10.9.3-1.1.x86_64",
"openSUSE Tumbleweed:libmariadbd19-10.9.3-1.1.aarch64",
"openSUSE Tumbleweed:libmariadbd19-10.9.3-1.1.ppc64le",
"openSUSE Tumbleweed:libmariadbd19-10.9.3-1.1.s390x",
"openSUSE Tumbleweed:libmariadbd19-10.9.3-1.1.x86_64",
"openSUSE Tumbleweed:mariadb-10.9.3-1.1.aarch64",
"openSUSE Tumbleweed:mariadb-10.9.3-1.1.ppc64le",
"openSUSE Tumbleweed:mariadb-10.9.3-1.1.s390x",
"openSUSE Tumbleweed:mariadb-10.9.3-1.1.x86_64",
"openSUSE Tumbleweed:mariadb-bench-10.9.3-1.1.aarch64",
"openSUSE Tumbleweed:mariadb-bench-10.9.3-1.1.ppc64le",
"openSUSE Tumbleweed:mariadb-bench-10.9.3-1.1.s390x",
"openSUSE Tumbleweed:mariadb-bench-10.9.3-1.1.x86_64",
"openSUSE Tumbleweed:mariadb-client-10.9.3-1.1.aarch64",
"openSUSE Tumbleweed:mariadb-client-10.9.3-1.1.ppc64le",
"openSUSE Tumbleweed:mariadb-client-10.9.3-1.1.s390x",
"openSUSE Tumbleweed:mariadb-client-10.9.3-1.1.x86_64",
"openSUSE Tumbleweed:mariadb-errormessages-10.9.3-1.1.aarch64",
"openSUSE Tumbleweed:mariadb-errormessages-10.9.3-1.1.ppc64le",
"openSUSE Tumbleweed:mariadb-errormessages-10.9.3-1.1.s390x",
"openSUSE Tumbleweed:mariadb-errormessages-10.9.3-1.1.x86_64",
"openSUSE Tumbleweed:mariadb-galera-10.9.3-1.1.aarch64",
"openSUSE Tumbleweed:mariadb-galera-10.9.3-1.1.ppc64le",
"openSUSE Tumbleweed:mariadb-galera-10.9.3-1.1.s390x",
"openSUSE Tumbleweed:mariadb-galera-10.9.3-1.1.x86_64",
"openSUSE Tumbleweed:mariadb-rpm-macros-10.9.3-1.1.aarch64",
"openSUSE Tumbleweed:mariadb-rpm-macros-10.9.3-1.1.ppc64le",
"openSUSE Tumbleweed:mariadb-rpm-macros-10.9.3-1.1.s390x",
"openSUSE Tumbleweed:mariadb-rpm-macros-10.9.3-1.1.x86_64",
"openSUSE Tumbleweed:mariadb-test-10.9.3-1.1.aarch64",
"openSUSE Tumbleweed:mariadb-test-10.9.3-1.1.ppc64le",
"openSUSE Tumbleweed:mariadb-test-10.9.3-1.1.s390x",
"openSUSE Tumbleweed:mariadb-test-10.9.3-1.1.x86_64",
"openSUSE Tumbleweed:mariadb-tools-10.9.3-1.1.aarch64",
"openSUSE Tumbleweed:mariadb-tools-10.9.3-1.1.ppc64le",
"openSUSE Tumbleweed:mariadb-tools-10.9.3-1.1.s390x",
"openSUSE Tumbleweed:mariadb-tools-10.9.3-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:libmariadbd-devel-10.9.3-1.1.aarch64",
"openSUSE Tumbleweed:libmariadbd-devel-10.9.3-1.1.ppc64le",
"openSUSE Tumbleweed:libmariadbd-devel-10.9.3-1.1.s390x",
"openSUSE Tumbleweed:libmariadbd-devel-10.9.3-1.1.x86_64",
"openSUSE Tumbleweed:libmariadbd19-10.9.3-1.1.aarch64",
"openSUSE Tumbleweed:libmariadbd19-10.9.3-1.1.ppc64le",
"openSUSE Tumbleweed:libmariadbd19-10.9.3-1.1.s390x",
"openSUSE Tumbleweed:libmariadbd19-10.9.3-1.1.x86_64",
"openSUSE Tumbleweed:mariadb-10.9.3-1.1.aarch64",
"openSUSE Tumbleweed:mariadb-10.9.3-1.1.ppc64le",
"openSUSE Tumbleweed:mariadb-10.9.3-1.1.s390x",
"openSUSE Tumbleweed:mariadb-10.9.3-1.1.x86_64",
"openSUSE Tumbleweed:mariadb-bench-10.9.3-1.1.aarch64",
"openSUSE Tumbleweed:mariadb-bench-10.9.3-1.1.ppc64le",
"openSUSE Tumbleweed:mariadb-bench-10.9.3-1.1.s390x",
"openSUSE Tumbleweed:mariadb-bench-10.9.3-1.1.x86_64",
"openSUSE Tumbleweed:mariadb-client-10.9.3-1.1.aarch64",
"openSUSE Tumbleweed:mariadb-client-10.9.3-1.1.ppc64le",
"openSUSE Tumbleweed:mariadb-client-10.9.3-1.1.s390x",
"openSUSE Tumbleweed:mariadb-client-10.9.3-1.1.x86_64",
"openSUSE Tumbleweed:mariadb-errormessages-10.9.3-1.1.aarch64",
"openSUSE Tumbleweed:mariadb-errormessages-10.9.3-1.1.ppc64le",
"openSUSE Tumbleweed:mariadb-errormessages-10.9.3-1.1.s390x",
"openSUSE Tumbleweed:mariadb-errormessages-10.9.3-1.1.x86_64",
"openSUSE Tumbleweed:mariadb-galera-10.9.3-1.1.aarch64",
"openSUSE Tumbleweed:mariadb-galera-10.9.3-1.1.ppc64le",
"openSUSE Tumbleweed:mariadb-galera-10.9.3-1.1.s390x",
"openSUSE Tumbleweed:mariadb-galera-10.9.3-1.1.x86_64",
"openSUSE Tumbleweed:mariadb-rpm-macros-10.9.3-1.1.aarch64",
"openSUSE Tumbleweed:mariadb-rpm-macros-10.9.3-1.1.ppc64le",
"openSUSE Tumbleweed:mariadb-rpm-macros-10.9.3-1.1.s390x",
"openSUSE Tumbleweed:mariadb-rpm-macros-10.9.3-1.1.x86_64",
"openSUSE Tumbleweed:mariadb-test-10.9.3-1.1.aarch64",
"openSUSE Tumbleweed:mariadb-test-10.9.3-1.1.ppc64le",
"openSUSE Tumbleweed:mariadb-test-10.9.3-1.1.s390x",
"openSUSE Tumbleweed:mariadb-test-10.9.3-1.1.x86_64",
"openSUSE Tumbleweed:mariadb-tools-10.9.3-1.1.aarch64",
"openSUSE Tumbleweed:mariadb-tools-10.9.3-1.1.ppc64le",
"openSUSE Tumbleweed:mariadb-tools-10.9.3-1.1.s390x",
"openSUSE Tumbleweed:mariadb-tools-10.9.3-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2022-32089"
},
{
"cve": "CVE-2022-32091",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-32091"
}
],
"notes": [
{
"category": "general",
"text": "MariaDB v10.7 was discovered to contain an use-after-poison in in __interceptor_memset at /libsanitizer/sanitizer_common/sanitizer_common_interceptors.inc.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:libmariadbd-devel-10.9.3-1.1.aarch64",
"openSUSE Tumbleweed:libmariadbd-devel-10.9.3-1.1.ppc64le",
"openSUSE Tumbleweed:libmariadbd-devel-10.9.3-1.1.s390x",
"openSUSE Tumbleweed:libmariadbd-devel-10.9.3-1.1.x86_64",
"openSUSE Tumbleweed:libmariadbd19-10.9.3-1.1.aarch64",
"openSUSE Tumbleweed:libmariadbd19-10.9.3-1.1.ppc64le",
"openSUSE Tumbleweed:libmariadbd19-10.9.3-1.1.s390x",
"openSUSE Tumbleweed:libmariadbd19-10.9.3-1.1.x86_64",
"openSUSE Tumbleweed:mariadb-10.9.3-1.1.aarch64",
"openSUSE Tumbleweed:mariadb-10.9.3-1.1.ppc64le",
"openSUSE Tumbleweed:mariadb-10.9.3-1.1.s390x",
"openSUSE Tumbleweed:mariadb-10.9.3-1.1.x86_64",
"openSUSE Tumbleweed:mariadb-bench-10.9.3-1.1.aarch64",
"openSUSE Tumbleweed:mariadb-bench-10.9.3-1.1.ppc64le",
"openSUSE Tumbleweed:mariadb-bench-10.9.3-1.1.s390x",
"openSUSE Tumbleweed:mariadb-bench-10.9.3-1.1.x86_64",
"openSUSE Tumbleweed:mariadb-client-10.9.3-1.1.aarch64",
"openSUSE Tumbleweed:mariadb-client-10.9.3-1.1.ppc64le",
"openSUSE Tumbleweed:mariadb-client-10.9.3-1.1.s390x",
"openSUSE Tumbleweed:mariadb-client-10.9.3-1.1.x86_64",
"openSUSE Tumbleweed:mariadb-errormessages-10.9.3-1.1.aarch64",
"openSUSE Tumbleweed:mariadb-errormessages-10.9.3-1.1.ppc64le",
"openSUSE Tumbleweed:mariadb-errormessages-10.9.3-1.1.s390x",
"openSUSE Tumbleweed:mariadb-errormessages-10.9.3-1.1.x86_64",
"openSUSE Tumbleweed:mariadb-galera-10.9.3-1.1.aarch64",
"openSUSE Tumbleweed:mariadb-galera-10.9.3-1.1.ppc64le",
"openSUSE Tumbleweed:mariadb-galera-10.9.3-1.1.s390x",
"openSUSE Tumbleweed:mariadb-galera-10.9.3-1.1.x86_64",
"openSUSE Tumbleweed:mariadb-rpm-macros-10.9.3-1.1.aarch64",
"openSUSE Tumbleweed:mariadb-rpm-macros-10.9.3-1.1.ppc64le",
"openSUSE Tumbleweed:mariadb-rpm-macros-10.9.3-1.1.s390x",
"openSUSE Tumbleweed:mariadb-rpm-macros-10.9.3-1.1.x86_64",
"openSUSE Tumbleweed:mariadb-test-10.9.3-1.1.aarch64",
"openSUSE Tumbleweed:mariadb-test-10.9.3-1.1.ppc64le",
"openSUSE Tumbleweed:mariadb-test-10.9.3-1.1.s390x",
"openSUSE Tumbleweed:mariadb-test-10.9.3-1.1.x86_64",
"openSUSE Tumbleweed:mariadb-tools-10.9.3-1.1.aarch64",
"openSUSE Tumbleweed:mariadb-tools-10.9.3-1.1.ppc64le",
"openSUSE Tumbleweed:mariadb-tools-10.9.3-1.1.s390x",
"openSUSE Tumbleweed:mariadb-tools-10.9.3-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-32091",
"url": "https://www.suse.com/security/cve/CVE-2022-32091"
},
{
"category": "external",
"summary": "SUSE Bug 1201170 for CVE-2022-32091",
"url": "https://bugzilla.suse.com/1201170"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:libmariadbd-devel-10.9.3-1.1.aarch64",
"openSUSE Tumbleweed:libmariadbd-devel-10.9.3-1.1.ppc64le",
"openSUSE Tumbleweed:libmariadbd-devel-10.9.3-1.1.s390x",
"openSUSE Tumbleweed:libmariadbd-devel-10.9.3-1.1.x86_64",
"openSUSE Tumbleweed:libmariadbd19-10.9.3-1.1.aarch64",
"openSUSE Tumbleweed:libmariadbd19-10.9.3-1.1.ppc64le",
"openSUSE Tumbleweed:libmariadbd19-10.9.3-1.1.s390x",
"openSUSE Tumbleweed:libmariadbd19-10.9.3-1.1.x86_64",
"openSUSE Tumbleweed:mariadb-10.9.3-1.1.aarch64",
"openSUSE Tumbleweed:mariadb-10.9.3-1.1.ppc64le",
"openSUSE Tumbleweed:mariadb-10.9.3-1.1.s390x",
"openSUSE Tumbleweed:mariadb-10.9.3-1.1.x86_64",
"openSUSE Tumbleweed:mariadb-bench-10.9.3-1.1.aarch64",
"openSUSE Tumbleweed:mariadb-bench-10.9.3-1.1.ppc64le",
"openSUSE Tumbleweed:mariadb-bench-10.9.3-1.1.s390x",
"openSUSE Tumbleweed:mariadb-bench-10.9.3-1.1.x86_64",
"openSUSE Tumbleweed:mariadb-client-10.9.3-1.1.aarch64",
"openSUSE Tumbleweed:mariadb-client-10.9.3-1.1.ppc64le",
"openSUSE Tumbleweed:mariadb-client-10.9.3-1.1.s390x",
"openSUSE Tumbleweed:mariadb-client-10.9.3-1.1.x86_64",
"openSUSE Tumbleweed:mariadb-errormessages-10.9.3-1.1.aarch64",
"openSUSE Tumbleweed:mariadb-errormessages-10.9.3-1.1.ppc64le",
"openSUSE Tumbleweed:mariadb-errormessages-10.9.3-1.1.s390x",
"openSUSE Tumbleweed:mariadb-errormessages-10.9.3-1.1.x86_64",
"openSUSE Tumbleweed:mariadb-galera-10.9.3-1.1.aarch64",
"openSUSE Tumbleweed:mariadb-galera-10.9.3-1.1.ppc64le",
"openSUSE Tumbleweed:mariadb-galera-10.9.3-1.1.s390x",
"openSUSE Tumbleweed:mariadb-galera-10.9.3-1.1.x86_64",
"openSUSE Tumbleweed:mariadb-rpm-macros-10.9.3-1.1.aarch64",
"openSUSE Tumbleweed:mariadb-rpm-macros-10.9.3-1.1.ppc64le",
"openSUSE Tumbleweed:mariadb-rpm-macros-10.9.3-1.1.s390x",
"openSUSE Tumbleweed:mariadb-rpm-macros-10.9.3-1.1.x86_64",
"openSUSE Tumbleweed:mariadb-test-10.9.3-1.1.aarch64",
"openSUSE Tumbleweed:mariadb-test-10.9.3-1.1.ppc64le",
"openSUSE Tumbleweed:mariadb-test-10.9.3-1.1.s390x",
"openSUSE Tumbleweed:mariadb-test-10.9.3-1.1.x86_64",
"openSUSE Tumbleweed:mariadb-tools-10.9.3-1.1.aarch64",
"openSUSE Tumbleweed:mariadb-tools-10.9.3-1.1.ppc64le",
"openSUSE Tumbleweed:mariadb-tools-10.9.3-1.1.s390x",
"openSUSE Tumbleweed:mariadb-tools-10.9.3-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:libmariadbd-devel-10.9.3-1.1.aarch64",
"openSUSE Tumbleweed:libmariadbd-devel-10.9.3-1.1.ppc64le",
"openSUSE Tumbleweed:libmariadbd-devel-10.9.3-1.1.s390x",
"openSUSE Tumbleweed:libmariadbd-devel-10.9.3-1.1.x86_64",
"openSUSE Tumbleweed:libmariadbd19-10.9.3-1.1.aarch64",
"openSUSE Tumbleweed:libmariadbd19-10.9.3-1.1.ppc64le",
"openSUSE Tumbleweed:libmariadbd19-10.9.3-1.1.s390x",
"openSUSE Tumbleweed:libmariadbd19-10.9.3-1.1.x86_64",
"openSUSE Tumbleweed:mariadb-10.9.3-1.1.aarch64",
"openSUSE Tumbleweed:mariadb-10.9.3-1.1.ppc64le",
"openSUSE Tumbleweed:mariadb-10.9.3-1.1.s390x",
"openSUSE Tumbleweed:mariadb-10.9.3-1.1.x86_64",
"openSUSE Tumbleweed:mariadb-bench-10.9.3-1.1.aarch64",
"openSUSE Tumbleweed:mariadb-bench-10.9.3-1.1.ppc64le",
"openSUSE Tumbleweed:mariadb-bench-10.9.3-1.1.s390x",
"openSUSE Tumbleweed:mariadb-bench-10.9.3-1.1.x86_64",
"openSUSE Tumbleweed:mariadb-client-10.9.3-1.1.aarch64",
"openSUSE Tumbleweed:mariadb-client-10.9.3-1.1.ppc64le",
"openSUSE Tumbleweed:mariadb-client-10.9.3-1.1.s390x",
"openSUSE Tumbleweed:mariadb-client-10.9.3-1.1.x86_64",
"openSUSE Tumbleweed:mariadb-errormessages-10.9.3-1.1.aarch64",
"openSUSE Tumbleweed:mariadb-errormessages-10.9.3-1.1.ppc64le",
"openSUSE Tumbleweed:mariadb-errormessages-10.9.3-1.1.s390x",
"openSUSE Tumbleweed:mariadb-errormessages-10.9.3-1.1.x86_64",
"openSUSE Tumbleweed:mariadb-galera-10.9.3-1.1.aarch64",
"openSUSE Tumbleweed:mariadb-galera-10.9.3-1.1.ppc64le",
"openSUSE Tumbleweed:mariadb-galera-10.9.3-1.1.s390x",
"openSUSE Tumbleweed:mariadb-galera-10.9.3-1.1.x86_64",
"openSUSE Tumbleweed:mariadb-rpm-macros-10.9.3-1.1.aarch64",
"openSUSE Tumbleweed:mariadb-rpm-macros-10.9.3-1.1.ppc64le",
"openSUSE Tumbleweed:mariadb-rpm-macros-10.9.3-1.1.s390x",
"openSUSE Tumbleweed:mariadb-rpm-macros-10.9.3-1.1.x86_64",
"openSUSE Tumbleweed:mariadb-test-10.9.3-1.1.aarch64",
"openSUSE Tumbleweed:mariadb-test-10.9.3-1.1.ppc64le",
"openSUSE Tumbleweed:mariadb-test-10.9.3-1.1.s390x",
"openSUSE Tumbleweed:mariadb-test-10.9.3-1.1.x86_64",
"openSUSE Tumbleweed:mariadb-tools-10.9.3-1.1.aarch64",
"openSUSE Tumbleweed:mariadb-tools-10.9.3-1.1.ppc64le",
"openSUSE Tumbleweed:mariadb-tools-10.9.3-1.1.s390x",
"openSUSE Tumbleweed:mariadb-tools-10.9.3-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2022-32091"
},
{
"cve": "CVE-2022-38791",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-38791"
}
],
"notes": [
{
"category": "general",
"text": "In MariaDB before 10.9.2, compress_write in extra/mariabackup/ds_compress.cc does not release data_mutex upon a stream write failure, which allows local users to trigger a deadlock.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:libmariadbd-devel-10.9.3-1.1.aarch64",
"openSUSE Tumbleweed:libmariadbd-devel-10.9.3-1.1.ppc64le",
"openSUSE Tumbleweed:libmariadbd-devel-10.9.3-1.1.s390x",
"openSUSE Tumbleweed:libmariadbd-devel-10.9.3-1.1.x86_64",
"openSUSE Tumbleweed:libmariadbd19-10.9.3-1.1.aarch64",
"openSUSE Tumbleweed:libmariadbd19-10.9.3-1.1.ppc64le",
"openSUSE Tumbleweed:libmariadbd19-10.9.3-1.1.s390x",
"openSUSE Tumbleweed:libmariadbd19-10.9.3-1.1.x86_64",
"openSUSE Tumbleweed:mariadb-10.9.3-1.1.aarch64",
"openSUSE Tumbleweed:mariadb-10.9.3-1.1.ppc64le",
"openSUSE Tumbleweed:mariadb-10.9.3-1.1.s390x",
"openSUSE Tumbleweed:mariadb-10.9.3-1.1.x86_64",
"openSUSE Tumbleweed:mariadb-bench-10.9.3-1.1.aarch64",
"openSUSE Tumbleweed:mariadb-bench-10.9.3-1.1.ppc64le",
"openSUSE Tumbleweed:mariadb-bench-10.9.3-1.1.s390x",
"openSUSE Tumbleweed:mariadb-bench-10.9.3-1.1.x86_64",
"openSUSE Tumbleweed:mariadb-client-10.9.3-1.1.aarch64",
"openSUSE Tumbleweed:mariadb-client-10.9.3-1.1.ppc64le",
"openSUSE Tumbleweed:mariadb-client-10.9.3-1.1.s390x",
"openSUSE Tumbleweed:mariadb-client-10.9.3-1.1.x86_64",
"openSUSE Tumbleweed:mariadb-errormessages-10.9.3-1.1.aarch64",
"openSUSE Tumbleweed:mariadb-errormessages-10.9.3-1.1.ppc64le",
"openSUSE Tumbleweed:mariadb-errormessages-10.9.3-1.1.s390x",
"openSUSE Tumbleweed:mariadb-errormessages-10.9.3-1.1.x86_64",
"openSUSE Tumbleweed:mariadb-galera-10.9.3-1.1.aarch64",
"openSUSE Tumbleweed:mariadb-galera-10.9.3-1.1.ppc64le",
"openSUSE Tumbleweed:mariadb-galera-10.9.3-1.1.s390x",
"openSUSE Tumbleweed:mariadb-galera-10.9.3-1.1.x86_64",
"openSUSE Tumbleweed:mariadb-rpm-macros-10.9.3-1.1.aarch64",
"openSUSE Tumbleweed:mariadb-rpm-macros-10.9.3-1.1.ppc64le",
"openSUSE Tumbleweed:mariadb-rpm-macros-10.9.3-1.1.s390x",
"openSUSE Tumbleweed:mariadb-rpm-macros-10.9.3-1.1.x86_64",
"openSUSE Tumbleweed:mariadb-test-10.9.3-1.1.aarch64",
"openSUSE Tumbleweed:mariadb-test-10.9.3-1.1.ppc64le",
"openSUSE Tumbleweed:mariadb-test-10.9.3-1.1.s390x",
"openSUSE Tumbleweed:mariadb-test-10.9.3-1.1.x86_64",
"openSUSE Tumbleweed:mariadb-tools-10.9.3-1.1.aarch64",
"openSUSE Tumbleweed:mariadb-tools-10.9.3-1.1.ppc64le",
"openSUSE Tumbleweed:mariadb-tools-10.9.3-1.1.s390x",
"openSUSE Tumbleweed:mariadb-tools-10.9.3-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-38791",
"url": "https://www.suse.com/security/cve/CVE-2022-38791"
},
{
"category": "external",
"summary": "SUSE Bug 1202863 for CVE-2022-38791",
"url": "https://bugzilla.suse.com/1202863"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:libmariadbd-devel-10.9.3-1.1.aarch64",
"openSUSE Tumbleweed:libmariadbd-devel-10.9.3-1.1.ppc64le",
"openSUSE Tumbleweed:libmariadbd-devel-10.9.3-1.1.s390x",
"openSUSE Tumbleweed:libmariadbd-devel-10.9.3-1.1.x86_64",
"openSUSE Tumbleweed:libmariadbd19-10.9.3-1.1.aarch64",
"openSUSE Tumbleweed:libmariadbd19-10.9.3-1.1.ppc64le",
"openSUSE Tumbleweed:libmariadbd19-10.9.3-1.1.s390x",
"openSUSE Tumbleweed:libmariadbd19-10.9.3-1.1.x86_64",
"openSUSE Tumbleweed:mariadb-10.9.3-1.1.aarch64",
"openSUSE Tumbleweed:mariadb-10.9.3-1.1.ppc64le",
"openSUSE Tumbleweed:mariadb-10.9.3-1.1.s390x",
"openSUSE Tumbleweed:mariadb-10.9.3-1.1.x86_64",
"openSUSE Tumbleweed:mariadb-bench-10.9.3-1.1.aarch64",
"openSUSE Tumbleweed:mariadb-bench-10.9.3-1.1.ppc64le",
"openSUSE Tumbleweed:mariadb-bench-10.9.3-1.1.s390x",
"openSUSE Tumbleweed:mariadb-bench-10.9.3-1.1.x86_64",
"openSUSE Tumbleweed:mariadb-client-10.9.3-1.1.aarch64",
"openSUSE Tumbleweed:mariadb-client-10.9.3-1.1.ppc64le",
"openSUSE Tumbleweed:mariadb-client-10.9.3-1.1.s390x",
"openSUSE Tumbleweed:mariadb-client-10.9.3-1.1.x86_64",
"openSUSE Tumbleweed:mariadb-errormessages-10.9.3-1.1.aarch64",
"openSUSE Tumbleweed:mariadb-errormessages-10.9.3-1.1.ppc64le",
"openSUSE Tumbleweed:mariadb-errormessages-10.9.3-1.1.s390x",
"openSUSE Tumbleweed:mariadb-errormessages-10.9.3-1.1.x86_64",
"openSUSE Tumbleweed:mariadb-galera-10.9.3-1.1.aarch64",
"openSUSE Tumbleweed:mariadb-galera-10.9.3-1.1.ppc64le",
"openSUSE Tumbleweed:mariadb-galera-10.9.3-1.1.s390x",
"openSUSE Tumbleweed:mariadb-galera-10.9.3-1.1.x86_64",
"openSUSE Tumbleweed:mariadb-rpm-macros-10.9.3-1.1.aarch64",
"openSUSE Tumbleweed:mariadb-rpm-macros-10.9.3-1.1.ppc64le",
"openSUSE Tumbleweed:mariadb-rpm-macros-10.9.3-1.1.s390x",
"openSUSE Tumbleweed:mariadb-rpm-macros-10.9.3-1.1.x86_64",
"openSUSE Tumbleweed:mariadb-test-10.9.3-1.1.aarch64",
"openSUSE Tumbleweed:mariadb-test-10.9.3-1.1.ppc64le",
"openSUSE Tumbleweed:mariadb-test-10.9.3-1.1.s390x",
"openSUSE Tumbleweed:mariadb-test-10.9.3-1.1.x86_64",
"openSUSE Tumbleweed:mariadb-tools-10.9.3-1.1.aarch64",
"openSUSE Tumbleweed:mariadb-tools-10.9.3-1.1.ppc64le",
"openSUSE Tumbleweed:mariadb-tools-10.9.3-1.1.s390x",
"openSUSE Tumbleweed:mariadb-tools-10.9.3-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:libmariadbd-devel-10.9.3-1.1.aarch64",
"openSUSE Tumbleweed:libmariadbd-devel-10.9.3-1.1.ppc64le",
"openSUSE Tumbleweed:libmariadbd-devel-10.9.3-1.1.s390x",
"openSUSE Tumbleweed:libmariadbd-devel-10.9.3-1.1.x86_64",
"openSUSE Tumbleweed:libmariadbd19-10.9.3-1.1.aarch64",
"openSUSE Tumbleweed:libmariadbd19-10.9.3-1.1.ppc64le",
"openSUSE Tumbleweed:libmariadbd19-10.9.3-1.1.s390x",
"openSUSE Tumbleweed:libmariadbd19-10.9.3-1.1.x86_64",
"openSUSE Tumbleweed:mariadb-10.9.3-1.1.aarch64",
"openSUSE Tumbleweed:mariadb-10.9.3-1.1.ppc64le",
"openSUSE Tumbleweed:mariadb-10.9.3-1.1.s390x",
"openSUSE Tumbleweed:mariadb-10.9.3-1.1.x86_64",
"openSUSE Tumbleweed:mariadb-bench-10.9.3-1.1.aarch64",
"openSUSE Tumbleweed:mariadb-bench-10.9.3-1.1.ppc64le",
"openSUSE Tumbleweed:mariadb-bench-10.9.3-1.1.s390x",
"openSUSE Tumbleweed:mariadb-bench-10.9.3-1.1.x86_64",
"openSUSE Tumbleweed:mariadb-client-10.9.3-1.1.aarch64",
"openSUSE Tumbleweed:mariadb-client-10.9.3-1.1.ppc64le",
"openSUSE Tumbleweed:mariadb-client-10.9.3-1.1.s390x",
"openSUSE Tumbleweed:mariadb-client-10.9.3-1.1.x86_64",
"openSUSE Tumbleweed:mariadb-errormessages-10.9.3-1.1.aarch64",
"openSUSE Tumbleweed:mariadb-errormessages-10.9.3-1.1.ppc64le",
"openSUSE Tumbleweed:mariadb-errormessages-10.9.3-1.1.s390x",
"openSUSE Tumbleweed:mariadb-errormessages-10.9.3-1.1.x86_64",
"openSUSE Tumbleweed:mariadb-galera-10.9.3-1.1.aarch64",
"openSUSE Tumbleweed:mariadb-galera-10.9.3-1.1.ppc64le",
"openSUSE Tumbleweed:mariadb-galera-10.9.3-1.1.s390x",
"openSUSE Tumbleweed:mariadb-galera-10.9.3-1.1.x86_64",
"openSUSE Tumbleweed:mariadb-rpm-macros-10.9.3-1.1.aarch64",
"openSUSE Tumbleweed:mariadb-rpm-macros-10.9.3-1.1.ppc64le",
"openSUSE Tumbleweed:mariadb-rpm-macros-10.9.3-1.1.s390x",
"openSUSE Tumbleweed:mariadb-rpm-macros-10.9.3-1.1.x86_64",
"openSUSE Tumbleweed:mariadb-test-10.9.3-1.1.aarch64",
"openSUSE Tumbleweed:mariadb-test-10.9.3-1.1.ppc64le",
"openSUSE Tumbleweed:mariadb-test-10.9.3-1.1.s390x",
"openSUSE Tumbleweed:mariadb-test-10.9.3-1.1.x86_64",
"openSUSE Tumbleweed:mariadb-tools-10.9.3-1.1.aarch64",
"openSUSE Tumbleweed:mariadb-tools-10.9.3-1.1.ppc64le",
"openSUSE Tumbleweed:mariadb-tools-10.9.3-1.1.s390x",
"openSUSE Tumbleweed:mariadb-tools-10.9.3-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2022-38791"
}
]
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…