CVE-2022-26944: Percona XtraBackup 2.4.20 unintentionally writes the command line to any resulting backup file output. This may include sensitive arguments passed at run time. In addition, when --history is passed at run time, this command line is also written to the PERCONA_SCHEMA.xtrabackup_history table. NOTE: this issue exists because of an incomplete fix for CVE-2020-10997. Fixed in 2.4.25, but there seem to be newer versions in tree for the non-bin?
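As an added example (not code from this bug report or from Percona), a defender-side check in Python that scans the command line a vulnerable 2.4.20 run wrote into its backup metadata for leaked secrets and produces a redacted copy. It assumes the metadata file is named xtrabackup_info with a tool_command key and that the xtrabackup_history table stores the same value in a tool_command column; the sample file content is constructed.

```python
import re

# Constructed sample of the metadata file a 2.4.20 run leaves in the backup
# directory (file name and keys assumed from the tool's output format).
SAMPLE_XTRABACKUP_INFO = """tool_name = xtrabackup
tool_command = --backup --user=backup --password=S3cretPw --history --target-dir=/backups/2022
tool_version = 2.4.20
"""

# Option names whose values must never appear in backup output.
SENSITIVE_OPTS = ("password", "encrypt-key", "transition-key")
# --opt=value, or --opt value (a bare --password, which prompts, is not a leak)
_LONG = re.compile(r"--(" + "|".join(SENSITIVE_OPTS) + r")(=\S*|\s+(?!-)\S+)")
# -pSECRET short form; the lookbehind keeps "--password" from matching here too
_SHORT = re.compile(r"(?<!\S)-p(\S+)")

def tool_command(info_text: str) -> str:
    """Return the value of the tool_command key from an xtrabackup_info file."""
    for line in info_text.splitlines():
        key, sep, val = line.partition("=")
        if sep and key.strip() == "tool_command":
            return val.strip()
    return ""

def leaked_options(command: str) -> list[str]:
    """Names of the sensitive options whose values are present in a command line."""
    found = [m.group(1) for m in _LONG.finditer(command)]
    if _SHORT.search(command):
        found.append("password")
    return found

def redact_command(command: str) -> str:
    """Replace leaked secret values so the line can be kept for audit purposes."""
    command = _LONG.sub(lambda m: "--%s=<REDACTED>" % m.group(1), command)
    return _SHORT.sub("-p<REDACTED>", command)

def redact_info(info_text: str) -> str:
    """Rewrite an xtrabackup_info file with its tool_command line redacted."""
    out = []
    for line in info_text.splitlines():
        key, sep, val = line.partition("=")
        if sep and key.strip() == "tool_command":
            line = key + sep + " " + redact_command(val.strip())
        out.append(line)
    return "\n".join(out) + "\n"

def scan_history_rows(rows: list[dict[str, str]]) -> list[str]:
    """UUIDs of history rows (assumed columns uuid, tool_command) that leak a secret."""
    return [r["uuid"] for r in rows if leaked_options(r.get("tool_command", ""))]
```

Run the scan over every backup directory and, where --history was used, over the rows of the history table; any hit means the credential should be rotated, not just redacted.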
The bug has been referenced in the following commit(s):
https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=398e7bf822fb1f93466348bfc5d123f92de610e9

commit 398e7bf822fb1f93466348bfc5d123f92de610e9
Author: John Helmert III <ajak@gentoo.org>
AuthorDate: 2022-11-24 16:16:28 +0000
Commit: John Helmert III <ajak@gentoo.org>
CommitDate: 2022-11-24 16:18:56 +0000

    profiles: last rite dev-db/percona-xtrabackup-bin

    Bug: https://bugs.gentoo.org/849389
    Bug: https://bugs.gentoo.org/864367
    Bug: https://bugs.gentoo.org/882783
    Signed-off-by: John Helmert III <ajak@gentoo.org>

 profiles/package.mask | 6 ++++++
 1 file changed, 6 insertions(+)
Looks like this was also affected in 8.x and fixed in 8.0.28-20, PXB-2722. https://github.com/percona/percona-xtrabackup/blob/trunk/storage/innobase/xtrabackup/doc/docs/release-notes/8.0/8.0.28-20.0.md#bugs-fixed With the commit: https://github.com/percona/percona-xtrabackup/commit/c0848e8b3ac5b380f8fa96bb3e7982077578745e
The bug has been referenced in the following commit(s):
https://gitweb.gentoo.org/data/glsa.git/commit/?id=2b5bbd4f1445dc34005f336c882dfa513aef8a89

commit 2b5bbd4f1445dc34005f336c882dfa513aef8a89
Author: GLSAMaker <glsamaker@gentoo.org>
AuthorDate: 2024-08-09 06:59:52 +0000
Commit: Hans de Graaff <graaff@gentoo.org>
CommitDate: 2024-08-09 07:00:07 +0000

    [ GLSA 202408-15 ] Percona XtraBackup: Multiple Vulnerabilities

    Bug: https://bugs.gentoo.org/849389
    Bug: https://bugs.gentoo.org/908033
    Signed-off-by: GLSAMaker <glsamaker@gentoo.org>
    Signed-off-by: Hans de Graaff <graaff@gentoo.org>

 glsa-202408-15.xml | 54 ++++++++++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 54 insertions(+)