PT-2022-5556 · Mariadb+9 · Mariadb Server+9

Published: 2020-11-09 · Updated: 2024-05-01 · CVE-2022-27458

CVSS v3.1: 7.8 High

Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions: MariaDB Server versions prior to 10.6.3

Description: The issue is a use of memory after it has been freed (use-after-free) in the Binary_string::free_buffer() function of the MariaDB component /sql/sql_string.h. This can be exploited by a remote attacker to cause a denial of service.

Recommendations: For MariaDB Server versions prior to 10.6.3, update to version 10.6.3 or later to resolve the issue. As a temporary workaround, consider restricting access to the Binary_string::free_buffer() function until a patch is available.

Exploit

Fix

Use After Free


Weakness Enumeration

Related Identifiers

ALSA-2022:5826
ALSA-2022:5948
ALSA-2022:6443
ALT-PU-2022-2360
ALT-PU-2022-2446
ALT-PU-2023-1583
ALT-PU-2023-6462
BDU:2022-06910
BIT-MARIADB-2022-27458
BIT-MYSQL-CLIENT-2022-27458
CESA-2022_5826
CESA-2022_6443
CVE-2022-27458
DLA-3114-1
DLA-3114-2
OESA-2022-1681
OPENSUSE-SU-2022_2003-1
OPENSUSE-SU-2022_2561-1
RHSA-2022:5759
RHSA-2022:5826
RHSA-2022:5948
RHSA-2022:6306
RHSA-2022:6443
RHSA-2022_5826
RHSA-2022_5948
RHSA-2022_6443
RHSA-2023:6821
RLSA-2022:5826
RLSA-2022:5948
RLSA-2022:6443
ROSA-SA-2023-2254
SUSE-RU-2023:3956-1
SUSE-RU-2023:4991-1
SUSE-SU-2022:2003-1
SUSE-SU-2022:2189-1
SUSE-SU-2022:2561-1
USN-5739-1
USN-5739-2

Affected Products

Alt Linux
Almalinux
Astra Linux
Centos
Linuxmint
Mariadb Server
Red Hat
Rocky Linux
Suse
Ubuntu