PT-2022-3334 · Mariadb+10 · Mariadb+11

Jingzhou Fu · Published 2021-08-19 · Updated 2025-06-10 · CVE-2022-32091

CVSS v3.1: 7.5 High

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions

MariaDB version 10.7

Description

The issue is related to an out-of-bounds operation in the __interceptor_memset function, located at /libsanitizer/sanitizer_common/sanitizer_common_interceptors.inc, which can be exploited by a remote attacker to impact the confidentiality, integrity, and availability of protected information. This is also described as a use-after-poison condition in the same function.

Recommendations

For MariaDB version 10.7, as a temporary workaround, consider disabling the __interceptor_memset function until a patch is available. However, since specific guidance on resolving the issue for this version is not provided, it is essential to monitor for official patches or updates from MariaDB. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Use After Free

Buffer Overflow

Weakness Enumeration

Related Identifiers

ALSA-2023:5259
ALSA-2023:5683
ALSA-2023:5684
ALT-PU-2022-2436
ALT-PU-2022-2446
ALT-PU-2023-1583
ALT-PU-2023-6462
AZL-10607
BDU:2022-04082
BIT-MARIADB-2022-32091
BIT-MARIADB-MIN-2022-32091
BIT-MYSQL-CLIENT-2022-32091
CESA-2023_5259
CESA-2023_5683
CVE-2022-32091
DLA-3114-1
DLA-3114-2
MGASA-2022-0314
OESA-2023-1830
OPENSUSE-SU-2022_3159-1
OPENSUSE-SU-2022_3391-1
OPENSUSE-SU-2024:12360-1
RHSA-2023:5259
RHSA-2023:5683
RHSA-2023:5684
RHSA-2023:6821
RHSA-2023:6822
RHSA-2023:6883
RHSA-2023:7633
RHSA-2023_5259
RHSA-2023_5683
RHSA-2023_5684
RLSA-2023:5683
ROSA-SA-2023-2255
SUSE-RU-2023:3956-1
SUSE-RU-2023:4991-1
SUSE-SU-2022:3159-1
SUSE-SU-2022:3225-1
SUSE-SU-2022:3391-1
USN-5739-1
USN-5739-2

Affected Products

Alt Linux
Almalinux
Astra Linux
Centos
Linuxmint
Mariadb
Mariadb Server
Red Hat
Red Os
Rocky Linux
Suse
Ubuntu