Published: 25/05/2022 Updated: 08/08/2023

CVSS v2 Base Score: 2.1 | Impact Score: 2.9 | Exploitability Score: 3.9

CVSS v3 Base Score: 5.5 | Impact Score: 3.6 | Exploitability Score: 1.8

VMScore: 187

Vector: AV:L/AC:L/Au:N/C:N/I:N/A:P

MariaDB Server prior to 10.7 is vulnerable to Denial of Service. While executing the plugin/server_audit/server_audit.c method log_statement_ex, the held lock lock_bigbuffer is not released correctly, which allows local users to trigger a denial of service due to the deadlock.

Vulnerable Product	Search on Vulmon	Subscribe to Product
mariadb mariadb

MariaDB Server before 107 is vulnerable to Denial of Service While executing the plugin/server_audit/server_auditc method log_statement_ex, the held lock lock_bigbuffer is not released correctly, which allows local users to trigger a denial of service due to the deadlock ...

get_sort_by_table in MariaDB before 1062 allows an application crash via certain subquery uses of ORDER BY (CVE-2021-46657) MariaDB before 1072 allows an application crash because it does not recognize that SELECT_LEX::nest_level is local to each VIEW (CVE-2021-46659) MariaDB through 1059 allows an application crash in find_field_in_tables ...

Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB) Supported versions that are affected are 5734 and prior and 8025 and prior Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server Successful attacks of this vulnerability can result i ...

CWE-667 https://jira.mariadb.org/browse/MDEV-26556?filter=-2 https://github.com/MariaDB/server/commit/d627d00b13ab2f2c0954ea7b77202470cb102944 https://security.netapp.com/advisory/ntap-20220707-0006/https://nvd.nist.gov https://access.redhat.com/security/cve/cve-2022-31624 https://alas.aws.amazon.com/AL2/ALAS-2023-2057.html

CVE-2022-31624

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect