PT-2021-24338 · Mariadb+7 · Mariadb+8

Zuming Jiang

Published

2021-08-06

Updated

2025-06-10

CVE-2021-46658

CVSS v3.1

7.5

High

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions: MariaDB versions prior to 10.6.3

Description: The issue arises from the incorrect handling of with window func=true for a subquery in the save window function values function, leading to an application crash.

Recommendations: For MariaDB versions prior to 10.6.3, update to version 10.6.3 or later to resolve the issue. As a temporary workaround, consider avoiding the use of with window func=true for subqueries in the save window function values function until a patch is available.

Exploit

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

ALSA-2022:1556

ALSA-2022:1557

ALT-PU-2022-2360

ALT-PU-2022-2446

ALT-PU-2023-1583

ALT-PU-2023-6462

AZL-8453

BIT-MARIADB-2021-46658

BIT-MARIADB-MIN-2021-46658

BIT-MYSQL-CLIENT-2021-46658

CESA-2022_1556

CESA-2022_1557

CVE-2021-46658

OESA-2022-1616

OPENSUSE-SU-2022:0731-1

OPENSUSE-SU-2022_0725-1

OPENSUSE-SU-2022_0726-1

OPENSUSE-SU-2022_0731-1

OPENSUSE-SU-2022_0731-2

OPENSUSE-SU-2022_2561-1

OPENSUSE-SU-2024:11867-1

RHSA-2022:1007

RHSA-2022:1010

RHSA-2022:1556

RHSA-2022:1557

RHSA-2022:4818

RHSA-2022_1556

RHSA-2022_1557

RHSA-2023:6821

RLSA-2022:1556

RLSA-2022:1557

ROSA-SA-2023-2252

SUSE-RU-2023:3956-1

SUSE-RU-2023:4991-1

SUSE-SU-2022:0725-1

SUSE-SU-2022:0726-1

SUSE-SU-2022:0731-1

SUSE-SU-2022:0731-2

SUSE-SU-2022:0782-1

SUSE-SU-2022:2561-1

Affected Products

Alt Linux

Almalinux

Astra Linux

Centos

Mariadb

Mariadb Server

Red Hat

Rocky Linux

Suse

PT-2021-24338 · Mariadb+7 · Mariadb+8

CVE-2021-46658

Related Identifiers

Affected Products

References · 511