CVE-2022-31624
Description
MariaDB Server before 10.7 is vulnerable to Denial of Service. While executing the plugin/server_audit/server_audit.c method log_statement_ex, the held lock lock_bigbuffer is not released correctly, which allows local users to trigger a denial of service due to the deadlock.
Risk Information
Base Score
5.5
MODERATE
Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
EPSS Score
Exploitation Probability
0.044
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Vulnerabilities CVE-2022-31624,CVE-2022-27385,CVE-2021-46667,CVE-2021-46662 are fixed in MariaDB MariaDB 10.6.5 | Windows |
| Vulnerabilities CVE-2022-31624,CVE-2022-27385,CVE-2021-46667,CVE-2021-46662,CVE-2021-35604 are fixed in MariaDB MariaDB 10.5.13 | Windows |
| Vulnerabilities CVE-2022-31624,CVE-2022-27385,CVE-2021-46667,CVE-2021-46662,CVE-2021-35604 are fixed in MariaDB MariaDB 10.4.22 | Windows |
| Vulnerabilities CVE-2022-31624,CVE-2022-27385,CVE-2021-46667,CVE-2021-46662,CVE-2021-35604 are fixed in MariaDB MariaDB 10.3.32 | Windows |
| Vulnerabilities CVE-2022-31624,CVE-2021-46667,CVE-2021-35604 are fixed in MariaDB MariaDB 10.2.41 | Windows |
| mariadb Security Update (ALAS-2023-2057) mariadb-5.5.68-1.amzn2.0.1.x86_64.rpm | Linux |
| mariadb Security Update (ALAS-2023-2057) mariadb-libs-5.5.68-1.amzn2.0.1.i686.rpm | Linux |
| mariadb Security Update (ALAS-2023-2057) mariadb-libs-5.5.68-1.amzn2.0.1.x86_64.rpm | Linux |
| mariadb Security Update (ALAS-2023-2057) mariadb-test-5.5.68-1.amzn2.0.1.x86_64.rpm | Linux |
| mariadb Security Update (ALAS-2023-2057) mariadb-bench-5.5.68-1.amzn2.0.1.x86_64.rpm | Linux |
| mariadb Security Update (ALAS-2023-2057) mariadb-devel-5.5.68-1.amzn2.0.1.x86_64.rpm | Linux |
| mariadb Security Update (ALAS-2023-2057) mariadb-server-5.5.68-1.amzn2.0.1.x86_64.rpm | Linux |
| mariadb Security Update (ALAS-2023-2057) mariadb-embedded-5.5.68-1.amzn2.0.1.x86_64.rpm | Linux |
| mariadb Security Update (ALAS-2023-2057) mariadb-embedded-devel-5.5.68-1.amzn2.0.1.x86_64.rpm | Linux |
| mariadb Security Update (ALAS2-2023-2057) mariadb-5.5.68-1.amzn2.0.1.x86_64.rpm | Linux |
| mariadb Security Update (ALAS2-2023-2057) mariadb-bench-5.5.68-1.amzn2.0.1.x86_64.rpm | Linux |
| mariadb Security Update (ALAS2-2023-2057) mariadb-devel-5.5.68-1.amzn2.0.1.x86_64.rpm | Linux |
| mariadb Security Update (ALAS2-2023-2057) mariadb-embedded-5.5.68-1.amzn2.0.1.x86_64.rpm | Linux |
| mariadb Security Update (ALAS2-2023-2057) mariadb-embedded-devel-5.5.68-1.amzn2.0.1.x86_64.rpm | Linux |
| mariadb Security Update (ALAS2-2023-2057) mariadb-libs-5.5.68-1.amzn2.0.1.x86_64.rpm | Linux |
| mariadb Security Update (ALAS2-2023-2057) mariadb-libs-5.5.68-1.amzn2.0.1.i686.rpm | Linux |
| mariadb Security Update (ALAS2-2023-2057) mariadb-server-5.5.68-1.amzn2.0.1.x86_64.rpm | Linux |
| mariadb Security Update (ALAS2-2023-2057) mariadb-test-5.5.68-1.amzn2.0.1.x86_64.rpm | Linux |
| mariadb105 Security Update (ALAS2023-2023-037) mariadb105-10.5.16-1.amzn2023.0.7.x86_64.rpm | Linux |
| mariadb105 Security Update (ALAS2023-2023-037) mariadb105-backup-10.5.16-1.amzn2023.0.7.x86_64.rpm | Linux |
| mariadb105 Security Update (ALAS2023-2023-037) mariadb105-common-10.5.16-1.amzn2023.0.7.x86_64.rpm | Linux |
| mariadb105 Security Update (ALAS2023-2023-037) mariadb105-connect-engine-10.5.16-1.amzn2023.0.7.x86_64.rpm | Linux |
| mariadb105 Security Update (ALAS2023-2023-037) mariadb105-cracklib-password-check-10.5.16-1.amzn2023.0.7.x86_64.rpm | Linux |
| mariadb105 Security Update (ALAS2023-2023-037) mariadb105-devel-10.5.16-1.amzn2023.0.7.x86_64.rpm | Linux |
| mariadb105 Security Update (ALAS2023-2023-037) mariadb105-errmsg-10.5.16-1.amzn2023.0.7.x86_64.rpm | Linux |
| mariadb105 Security Update (ALAS2023-2023-037) mariadb105-gssapi-server-10.5.16-1.amzn2023.0.7.x86_64.rpm | Linux |
| mariadb105 Security Update (ALAS2023-2023-037) mariadb105-oqgraph-engine-10.5.16-1.amzn2023.0.7.x86_64.rpm | Linux |
| mariadb105 Security Update (ALAS2023-2023-037) mariadb105-pam-10.5.16-1.amzn2023.0.7.x86_64.rpm | Linux |
| mariadb105 Security Update (ALAS2023-2023-037) mariadb105-rocksdb-engine-10.5.16-1.amzn2023.0.7.x86_64.rpm | Linux |
| mariadb105 Security Update (ALAS2023-2023-037) mariadb105-server-10.5.16-1.amzn2023.0.7.x86_64.rpm | Linux |
| mariadb105 Security Update (ALAS2023-2023-037) mariadb105-server-utils-10.5.16-1.amzn2023.0.7.x86_64.rpm | Linux |
| mariadb105 Security Update (ALAS2023-2023-037) mariadb105-sphinx-engine-10.5.16-1.amzn2023.0.7.x86_64.rpm | Linux |
| mariadb105 Security Update (ALAS2023-2023-037) mariadb105-test-10.5.16-1.amzn2023.0.7.x86_64.rpm | Linux |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234