Main Vulnerability Database SB2023111762

SB2023111762 - openEuler update for mariadb

Published: November 17, 2023

Security Bulletin ID SB2023111762

Severity

Medium

Patch available

YES

Number of vulnerabilities 5

Exploitation vector Remote access

Highest impact Code execution

Breakdown by Severity

Low
Medium
High
Critical

Description

This security bulletin contains information about 5 secuirty vulnerabilities.

1) Infinite loop (CVE-ID: CVE-2022-0778)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to infinite loop within the BN_mod_sqrt() function when processing an ASN.1 certificate that contains elliptic curve public keys in compressed form or explicit elliptic curve parameters with a base point encoded in compressed form. A remote attacker can supply a specially crafted certificate to the TLS server or client, consume all available system resources and cause denial of service conditions.

2) Buffer overflow (CVE-ID: CVE-2022-32085)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a segmentation fault via the component Item_func_in::cleanup/Item::cleanup_processor. A local user can send a specially crafted file, trigger memory corruption and escalate privileges on the system.

3) Buffer overflow (CVE-ID: CVE-2022-32087)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a segmentation fault via the component Item_args::walk_args. A local user can send a specially crafted file, trigger memory corruption and escalate privileges on the system.

4) Buffer overflow (CVE-ID: CVE-2022-32091)

The vulnerability allows a local user to execute arbitrary code on the target system.

The vulnerability exists due to a use-after-poison in in __interceptor_memset at /libsanitizer/sanitizer_common/sanitizer_common_interceptors.inc. A local user can create a specially crafted file and execute arbitrary code on the target system.

5) NULL pointer dereference (CVE-ID: CVE-2022-47015)

The vulnerability allows a remote user to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference error within the spider_db_mbase::print_warnings() function. A remote user can pass specially crafted data to the server and perform a denial of service (DoS) attack.

Remediation

Install update from vendor's website.

References

https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2023-1830

Vulnerable Software

openEuler: 20.03 LTS SP1 - 22.03 LTS SP2
mariadb-server-galera: before 10.3.39-1
mariadb-server: before 10.3.39-1
mariadb-embedded: before 10.3.39-1
mariadb-gssapi-server: before 10.3.39-1
mariadb-common: before 10.3.39-1
mariadb-embedded-devel: before 10.3.39-1
mariadb-test: before 10.3.39-1
mariadb-devel: before 10.3.39-1
mariadb-backup: before 10.3.39-1
mariadb-debugsource: before 10.3.39-1
mariadb-oqgraph-engine: before 10.3.39-1
mariadb-debuginfo: before 10.3.39-1
mariadb-cracklib: before 10.3.39-1
mariadb-errmessage: before 10.3.39-1
mariadb: before 10.3.39-1

SB2023111762 - openEuler update for mariadb

Breakdown by Severity

Description

Remediation

References

Please verify you're human