CVE-2020-7221

Name of the Vulnerable Software and Affected Versions MariaDB versions 10.4.7 through 10.4.11

Description The issue is related to the mysql install db function in MariaDB, which incorrectly defines a link before accessing a file. This can allow an attacker to escalate privileges from the mysql user account to root. The vulnerability can be exploited through a symlink attack on a chmod 04755 of auth pam tool dir/auth pam tool. It is noted that this issue does not affect the Oracle MySQL product, as it implements mysql install db differently.

Recommendations For MariaDB versions 10.4.7 through 10.4.11, consider restricting access to the mysql install db function until a patch is available. As a temporary workaround, avoid using the chown and chmod commands unsafely, and restrict access to the auth pam tool dir/auth pam tool directory to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.