PT-2022-6933 · Mariadb+9 · Mariadb Server+9

Jingzhou Fu

Published

2022-03-16

Updated

2025-06-10

CVE-2022-27455

CVSS v2.0

7.8

High

Vector

AV:N/AC:L/Au:N/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions MariaDB Server versions 10.6.3 and below

Description The issue is related to a use-after-free vulnerability in the my wildcmp 8bit impl component of the MariaDB database management system. This vulnerability can be exploited by a remote attacker to cause a denial of service. The vulnerability is associated with the use of memory after it has been freed.

Recommendations For MariaDB Server versions 10.6.3 and below, consider updating to a version above 10.6.3 to resolve the issue. As a temporary workaround, consider restricting access to the my wildcmp 8bit impl component to minimize the risk of exploitation.

Exploit

Fix

Use After Free

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-416

Related Identifiers

ALSA-2022:5826

ALSA-2022:5948

ALT-PU-2022-2360

ALT-PU-2022-2446

ALT-PU-2023-1583

ALT-PU-2023-6462

BDU:2023-05677

BIT-MARIADB-2022-27455

BIT-MARIADB-MIN-2022-27455

BIT-MYSQL-CLIENT-2022-27455

CESA-2022_5826

CVE-2022-27455

OESA-2022-1681

OPENSUSE-SU-2022_2003-1

OPENSUSE-SU-2022_2561-1

RHSA-2022:5759

RHSA-2022:5826

RHSA-2022:5948

RHSA-2022_5826

RHSA-2022_5948

RHSA-2023:6821

RLSA-2022:5826

RLSA-2022:5948

ROSA-SA-2023-2254

SUSE-RU-2023:3956-1

SUSE-RU-2023:4991-1

SUSE-SU-2022:2003-1

SUSE-SU-2022:2189-1

SUSE-SU-2022:2561-1

USN-5739-1

USN-5739-2

Affected Products

Alt Linux

Almalinux

Centos

Linuxmint

Mariadb Server

Red Hat

Red Os

Rocky Linux

Suse

Ubuntu

PT-2022-6933 · Mariadb+9 · Mariadb Server+9

CVE-2022-27455

Weakness Enumeration

Related Identifiers

Affected Products

References · 648