Summary: | <dev-db/mariadb-{10.2.43,10.3.34,10.4.25,10.5.15,10.6.8}: multiple vulnerabilities (CVE-2022-{31621-31624}) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | filip ambroz <filip.ambroz> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | minor | CC: | mysql-bugs |
Priority: | Normal | Keywords: | PullRequest |
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
See Also: | https://github.com/gentoo/gentoo/pull/26397 | ||
Whiteboard: | B3 [glsa+] | ||
Package list: | Runtime testing required: | --- | |
Bug Depends on: | 838244 | ||
Bug Blocks: |
Description
filip ambroz
2022-05-26 07:19:48 UTC
CVE-2022-31623 (https://github.com/MariaDB/server/pull/1938): https://github.com/MariaDB/server/commit/7c30bc38a588b22b01f11130cfe99e7f36accf94 MariaDB Server before 10.7 is vulnerable to Denial of Service. In extra/mariabackup/ds_compress.cc, when an error occurs (i.e., going to the err label) while executing the method create_worker_threads, the held lock thd->ctrl_mutex is not released correctly, which allows local users to trigger a denial of service due to the deadlock. CVE-2022-31622 (https://jira.mariadb.org/browse/MDEV-26561?filter=-2): https://github.com/MariaDB/server/commit/e1eb39a446c30b8459c39fd7f2ee1c55a36e97d2 MariaDB Server before 10.7 is vulnerable to Denial of Service. In extra/mariabackup/ds_compress.cc, when an error occurs (pthread_create returns a nonzero value) while executing the method create_worker_threads, the held lock is not released correctly, which allows local users to trigger a denial of service due to the deadlock. Fixes in 10.2.42, 10.3.33, 10.4.23, 10.5.14, 10.6.6. These all have fixes in tree and we're waiting for stabilization now. The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=da14e699f370d254bf6ffe16cc1ac0492d0ddebe commit da14e699f370d254bf6ffe16cc1ac0492d0ddebe Author: Tomáš Mózes <hydrapolic@gmail.com> AuthorDate: 2022-07-14 09:04:16 +0000 Commit: Sam James <sam@gentoo.org> CommitDate: 2022-07-15 01:22:02 +0000 dev-db/mariadb: drop vulnerable Bug: https://bugs.gentoo.org/847526 Bug: https://bugs.gentoo.org/838244 Signed-off-by: Tomáš Mózes <hydrapolic@gmail.com> Closes: https://github.com/gentoo/gentoo/pull/26397 Signed-off-by: Sam James <sam@gentoo.org> dev-db/mariadb/Manifest | 13 - dev-db/mariadb/mariadb-10.2.41.ebuild | 1289 ------------------------------ dev-db/mariadb/mariadb-10.2.43.ebuild | 1292 ------------------------------ dev-db/mariadb/mariadb-10.3.32.ebuild | 1281 ------------------------------ dev-db/mariadb/mariadb-10.3.34.ebuild | 1284 ------------------------------ dev-db/mariadb/mariadb-10.4.22.ebuild | 1302 ------------------------------ dev-db/mariadb/mariadb-10.5.13.ebuild | 1309 ------------------------------ dev-db/mariadb/mariadb-10.5.15.ebuild | 1309 ------------------------------ dev-db/mariadb/mariadb-10.6.5-r1.ebuild | 1311 ------------------------------ dev-db/mariadb/mariadb-10.6.8.ebuild | 1316 ------------------------------- 10 files changed, 11706 deletions(-) The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/data/glsa.git/commit/?id=b69f175bb86c550d8cad22e4c391edbf3ccd7c16 commit b69f175bb86c550d8cad22e4c391edbf3ccd7c16 Author: GLSAMaker <glsamaker@gentoo.org> AuthorDate: 2024-05-08 08:40:00 +0000 Commit: Hans de Graaff <graaff@gentoo.org> CommitDate: 2024-05-08 08:40:18 +0000 [ GLSA 202405-25 ] MariaDB: Multiple Vulnerabilities Bug: https://bugs.gentoo.org/699874 Bug: https://bugs.gentoo.org/822759 Bug: https://bugs.gentoo.org/832490 Bug: https://bugs.gentoo.org/838244 Bug: https://bugs.gentoo.org/847526 Bug: https://bugs.gentoo.org/856484 Bug: https://bugs.gentoo.org/891781 Signed-off-by: GLSAMaker <glsamaker@gentoo.org> Signed-off-by: Hans de Graaff <graaff@gentoo.org> glsa-202405-25.xml | 111 +++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 111 insertions(+) |