Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 856484 (CVE-2022-32081, CVE-2022-32082, CVE-2022-32084, CVE-2022-32088, CVE-2022-38791, CVE-2023-5157) - <dev-db/mariadb-{10.3.36, 10.4.26, 10.5.17, 10.6.10}: multiple vulnerabilities
Summary: <dev-db/mariadb-{10.3.36, 10.4.26, 10.5.17, 10.6.10}: multiple vulnerabilities
Status: CONFIRMED
Alias: CVE-2022-32081, CVE-2022-32082, CVE-2022-32084, CVE-2022-32088, CVE-2022-38791, CVE-2023-5157
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal minor (vote)
Assignee: Gentoo Security
URL:
Whiteboard: B3 [glsa]
Keywords: PullRequest
Depends on: 883965
Blocks:
  Show dependency tree
 
Reported: 2022-07-05 04:42 UTC by John Helmert III
Modified: 2024-03-24 07:58 UTC (History)
1 user (show)

See Also:
Package list:
Runtime testing required: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description John Helmert III archtester Gentoo Infrastructure gentoo-dev Security 2022-07-05 04:42:00 UTC
CVE-2022-32081 (https://jira.mariadb.org/browse/MDEV-26420):

MariaDB v10.4 to v10.7 was discovered to contain an use-after-poison in prepare_inplace_add_virtual at /storage/innobase/handler/handler0alter.cc.

CVE-2022-32082 (https://jira.mariadb.org/browse/MDEV-26433):

MariaDB v10.5 to v10.7 was discovered to contain an assertion failure at table->get_ref_count() == 0 in dict0dict.cc.

CVE-2022-32084 (https://jira.mariadb.org/browse/MDEV-26427):

MariaDB v10.2 to v10.7 was discovered to contain a segmentation fault via the component sub_select.

CVE-2022-32088 (https://jira.mariadb.org/browse/MDEV-26419):

MariaDB v10.2 to v10.7 was discovered to contain a segmentation fault via the component Exec_time_tracker::get_loops/Filesort_tracker::report_use/filesort.

All "unresolved" according to Jira.
Comment 1 John Helmert III archtester Gentoo Infrastructure gentoo-dev Security 2022-08-27 22:54:05 UTC
CVE-2022-38791 (https://jira.mariadb.org/browse/MDEV-28719):

In MariaDB before 10.9.2, compress_write in extra/mariabackup/ds_compress.cc does not release data_mutex upon a stream write failure, which allows local users to trigger a deadlock.

Looks like this is fixed in 10.3.36, 10.4.26, 10.5.17, 10.6.9 according to the jira ticket
Comment 2 Larry the Git Cow gentoo-dev 2022-10-28 12:34:28 UTC
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=89624d763af7d3357979d432e9ac5f1dc79ccea1

commit 89624d763af7d3357979d432e9ac5f1dc79ccea1
Author:     Tomáš Mózes <hydrapolic@gmail.com>
AuthorDate: 2022-10-21 14:21:53 +0000
Commit:     Sam James <sam@gentoo.org>
CommitDate: 2022-10-28 12:21:08 +0000

    dev-db/mariadb: add 10.3.36/10.4.26/10.5.17/10.6.10
    
    Bug: https://bugs.gentoo.org/856484
    Signed-off-by: Tomáš Mózes <hydrapolic@gmail.com>
    Closes: https://github.com/gentoo/gentoo/pull/27877
    Signed-off-by: Sam James <sam@gentoo.org>

 dev-db/mariadb/Manifest               |    8 +
 dev-db/mariadb/mariadb-10.3.36.ebuild | 1287 ++++++++++++++++++++++++++++++++
 dev-db/mariadb/mariadb-10.4.26.ebuild | 1308 ++++++++++++++++++++++++++++++++
 dev-db/mariadb/mariadb-10.5.17.ebuild | 1315 ++++++++++++++++++++++++++++++++
 dev-db/mariadb/mariadb-10.6.10.ebuild | 1319 +++++++++++++++++++++++++++++++++
 5 files changed, 5237 insertions(+)
Comment 3 Larry the Git Cow gentoo-dev 2022-12-14 03:52:54 UTC
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=239a967711dd12b03af74eca33a8133ee36ba978

commit 239a967711dd12b03af74eca33a8133ee36ba978
Author:     Tomas Mozes <hydrapolic@gmail.com>
AuthorDate: 2022-12-09 19:14:27 +0000
Commit:     Sam James <sam@gentoo.org>
CommitDate: 2022-12-14 03:52:13 +0000

    dev-db/mariadb: remove vulnerable and eol
    
    Bug: https://bugs.gentoo.org/856484
    Signed-off-by: Tomáš Mózes <hydrapolic@gmail.com>
    Signed-off-by: Sam James <sam@gentoo.org>

 dev-db/mariadb/Manifest                 |   10 -
 dev-db/mariadb/mariadb-10.2.44.ebuild   | 1294 ------------------------------
 dev-db/mariadb/mariadb-10.3.35.ebuild   | 1286 ------------------------------
 dev-db/mariadb/mariadb-10.4.25.ebuild   | 1307 ------------------------------
 dev-db/mariadb/mariadb-10.5.16.ebuild   | 1314 ------------------------------
 dev-db/mariadb/mariadb-10.6.8-r1.ebuild | 1320 -------------------------------
 dev-db/mariadb/metadata.xml             |    1 -
 7 files changed, 6532 deletions(-)
Comment 4 John Helmert III archtester Gentoo Infrastructure gentoo-dev Security 2023-11-26 19:59:05 UTC
CVE-2023-5157:

A vulnerability was found in MariaDB. An OpenVAS port scan on ports 3306 and 4567 allows a malicious remote client to cause a denial of service.

Fixes in 10.8.4, 10.7.5, 10.6.9, 10.5.17, and 10.4.26 according to
https://mariadb.com/kb/en/security/.