Bug 891781 (CVE-2022-47015)

Summary:	<dev-db/mariadb-{10.4.29, 10.5.20, 10.6.13, 10.11.3}: null pointer dereference vulnerability
Product:	Gentoo Security	Reporter:	John Helmert III <ajak>
Component:	Vulnerabilities	Assignee:	Gentoo Security <security>
Status:	RESOLVED FIXED
Severity:	minor	CC:	mysql-bugs
Priority:	Normal	Keywords:	PullRequest
Version:	unspecified
Hardware:	All
OS:	Linux
See Also:	https://github.com/gentoo/gentoo/pull/31276
Whiteboard:	B3 [glsa+]
Package list:		Runtime testing required:	---
Bug Depends on:	909334
Bug Blocks:

Description John Helmert III archtester

2023-01-22 23:21:20 UTC

CVE-2022-47015 (https://github.com/MariaDB/server/commit/be0a46b3d52b58956fd0d47d040b9f4514406954):

MariaDB Server before 10.3.34 thru 10.9.3 is vulnerable to Denial of Service. It is possible for function spider_db_mbase::print_warnings to dereference a null pointer.

The CVE references a commit that Github says isn't in the repository,
but there is another commit with a similar summary:

https://github.com/MariaDB/server/commit/1e16921d77955e67e8a2e25b62523f526d29c2ed

Either way, not in any tag so not sure it's in any release.

Comment 1 Larry the Git Cow gentoo-dev

2023-06-03 02:08:10 UTC

The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=3a6989ff9a6c9f4e650adf8d7825b5ae89f104ae

commit 3a6989ff9a6c9f4e650adf8d7825b5ae89f104ae
Author:     Tomáš Mózes <hydrapolic@gmail.com>
AuthorDate: 2023-06-02 17:25:40 +0000
Commit:     Sam James <sam@gentoo.org>
CommitDate: 2023-06-03 02:07:21 +0000

    dev-db/mariadb: add 10.4.29, 10.5.20, 10.6.13, 10.11.3
    
    Bug: https://bugs.gentoo.org/891781
    Signed-off-by: Tomáš Mózes <hydrapolic@gmail.com>
    Closes: https://github.com/gentoo/gentoo/pull/31276
    Signed-off-by: Sam James <sam@gentoo.org>

 dev-db/mariadb/Manifest               |    6 +
 dev-db/mariadb/mariadb-10.11.3.ebuild | 1319 ++++++++++++++++++++++++++++++++
 dev-db/mariadb/mariadb-10.4.29.ebuild | 1312 ++++++++++++++++++++++++++++++++
 dev-db/mariadb/mariadb-10.5.20.ebuild | 1319 ++++++++++++++++++++++++++++++++
 dev-db/mariadb/mariadb-10.6.13.ebuild | 1329 +++++++++++++++++++++++++++++++++
 5 files changed, 5285 insertions(+)

Comment 2 Larry the Git Cow gentoo-dev

2024-05-08 08:40:32 UTC

The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/data/glsa.git/commit/?id=b69f175bb86c550d8cad22e4c391edbf3ccd7c16

commit b69f175bb86c550d8cad22e4c391edbf3ccd7c16
Author:     GLSAMaker <glsamaker@gentoo.org>
AuthorDate: 2024-05-08 08:40:00 +0000
Commit:     Hans de Graaff <graaff@gentoo.org>
CommitDate: 2024-05-08 08:40:18 +0000

    [ GLSA 202405-25 ] MariaDB: Multiple Vulnerabilities
    
    Bug: https://bugs.gentoo.org/699874
    Bug: https://bugs.gentoo.org/822759
    Bug: https://bugs.gentoo.org/832490
    Bug: https://bugs.gentoo.org/838244
    Bug: https://bugs.gentoo.org/847526
    Bug: https://bugs.gentoo.org/856484
    Bug: https://bugs.gentoo.org/891781
    Signed-off-by: GLSAMaker <glsamaker@gentoo.org>
    Signed-off-by: Hans de Graaff <graaff@gentoo.org>

 glsa-202405-25.xml | 111 +++++++++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 111 insertions(+)