Main Vulnerability Database SB2019110827

SB2019110827 - Improper input validation in mariadb (Alpine package)

Published: November 8, 2019

Security Bulletin ID SB2019110827

Severity

Medium

Patch available

YES

Number of vulnerabilities 1

Exploitation vector Remote access

Highest impact Denial of service

Breakdown by Severity

Low
Medium
High
Critical

Description

This security bulletin contains information about 1 security vulnerability.

1) Improper input validation (CVE-ID: CVE-2019-2974)

The vulnerability allows a remote authenticated user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote authenticated user can exploit this vulnerability to perform a denial of service (DoS) attack.

Remediation

Install update from vendor's website.

References

https://git.alpinelinux.org/aports/commit/?id=73fe4656a188cc9632aa686ff35b2040620673ad
https://git.alpinelinux.org/aports/commit/?id=6b6d98fb4bea715b1237346e733643e1af35fa09
https://git.alpinelinux.org/aports/commit/?id=d0f84ac4fe5c0719f72bc62e241b819a3bacdf46
https://git.alpinelinux.org/aports/commit/?id=50e386f08836e7e977b9d693e1f81cc6916d9a27
https://git.alpinelinux.org/aports/commit/?id=04ffd24b186af4b064d5c00e85e0536832c29154