Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 917515 - <dev-db/mariadb-{10.6.16,10.11.6}: denial of service
Summary: <dev-db/mariadb-{10.6.16,10.11.6}: denial of service
Alias: None
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal normal (vote)
Assignee: Gentoo Security
Whiteboard: B3 [stable?]
Keywords: PullRequest
Depends on: 919865 927278
Blocks: CVE-2023-22084
  Show dependency tree
Reported: 2023-11-17 17:12 UTC by Tomáš Mózes
Modified: 2024-04-06 07:25 UTC (History)
2 users (show)

See Also:
Package list:
Runtime testing required: ---


Note You need to log in before you can comment on or make changes to this bug.
Comment 1 Tomáš Mózes 2023-11-17 17:13:12 UTC
10.6 / 10.11 vulnerable
Comment 3 Hans de Graaff gentoo-dev Security 2023-11-18 08:17:55 UTC
"Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. "
Comment 4 John Helmert III archtester Gentoo Infrastructure gentoo-dev Security 2023-11-28 16:16:18 UTC
Apparently affects mysql too, moving CVE to a tracker.
Comment 5 Larry the Git Cow gentoo-dev 2024-01-30 18:47:03 UTC
The bug has been referenced in the following commit(s):

commit 928db5c7c38aeffca38c5105864e2fcb67cda315
Author:     Tomáš Mózes <>
AuthorDate: 2024-01-11 15:03:33 +0000
Commit:     Petr Vaněk <>
CommitDate: 2024-01-30 18:45:57 +0000

    dev-db/mariadb: add 10.6.16, 10.11.6
    Signed-off-by: Tomáš Mózes <>
    Signed-off-by: Petr Vaněk <>

 dev-db/mariadb/Manifest               |    4 +
 dev-db/mariadb/mariadb-10.11.6.ebuild | 1318 ++++++++++++++++++++++++++++++++
 dev-db/mariadb/mariadb-10.6.16.ebuild | 1329 +++++++++++++++++++++++++++++++++
 3 files changed, 2651 insertions(+)
Comment 6 Hans de Graaff gentoo-dev Security 2024-04-06 07:25:54 UTC
I've moved this bug back to "stable?" since only amd64 and x86 were dealt with in the stable bug and arm, arm64, ppc, ppc64 still remain to be done.