Yaoguang

**Name of the Vulnerable Software and Affected Versions** MariaDB Server versions 10.7 and below **Description** An issue in the component Used tables and const cache::used tables and const cache join of MariaDB Server was discovered to allow attackers to cause a Denial of Service (DoS) via specially crafted SQL statements. The vulnerability is related to the lack of protection measures for the SQL query structure, which can be exploited by a remote attacker to cause a denial of service. **Recommendations** For MariaDB Server versions 10.7 and below, consider disabling the Used tables and const cache::used tables and const cache join component as a temporary workaround until a patch is available. Restrict access to the SQL query functionality to minimize the risk of exploitation. Avoid using specially crafted SQL statements in the affected component until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** MariaDB versions 10.5 through 10.7 **Description** The issue is related to a segmentation fault in the st select lex unit::exclude level component of the MariaDB database management system. This can potentially allow a remote attacker to impact the availability of protected information due to a buffer overflow in memory. **Recommendations** For MariaDB versions 10.5 through 10.7, update to a version that contains a fix for this issue. As a temporary workaround, consider restricting access to the st select lex unit::exclude level component until a patch is available.

**Name of the Vulnerable Software and Affected Versions** MariaDB Server versions 10.6 and below **Description** The issue is related to an use-after-free in the `my strcasecmp 8bit` component of MariaDB Server, which can be exploited through specially crafted SQL statements, potentially allowing a remote attacker to cause a denial of service. **Recommendations** For MariaDB Server versions 10.6 and below, consider restricting the use of the `my strcasecmp 8bit` component until a patch is available. As a temporary workaround, avoid using specially crafted SQL statements that could trigger the use-after-free condition. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** MariaDB versions v10.2 through v10.6.1 **Description** The issue is related to a buffer overflow in the `Item subselect::init expr cache tracker` function of the MariaDB database management system. This can be exploited by a remote attacker to impact the confidentiality, integrity, and availability of protected information. The vulnerability is caused by a segmentation fault via the `Item subselect::init expr cache tracker` component. **Recommendations** For MariaDB versions v10.2 through v10.6.1, consider disabling the `Item subselect::init expr cache tracker` function until a patch is available to prevent exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** MariaDB Server versions 10.7 and below **Description** The issue is related to a global buffer overflow in the decimal bin size component of the MariaDB Server system. This can be exploited by a remote attacker using specially crafted SQL statements, potentially leading to a denial of service. **Recommendations** For MariaDB Server versions 10.7 and below, consider updating to a version that includes the fix for this issue, as mentioned in the release notes. As a temporary workaround, restrict the use of specially crafted SQL statements to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** MariaDB Server versions 10.6.5 and below **Description** The issue is related to an use-after-free in the component `Item args::walk arg`, which can be exploited via specially crafted SQL statements, potentially allowing a remote attacker to cause a denial of service. **Recommendations** For MariaDB Server versions 10.6.5 and below, consider updating to a version above 10.6.5 to resolve the issue. As a temporary workaround, consider restricting the use of specially crafted SQL statements to minimize the risk of exploitation.