2074951 – (CVE-2022-27379) CVE-2022-27379 mariadb: server crash in component arg_comparator::compare_real_fixed

Bug 2074951 (CVE-2022-27379) - CVE-2022-27379 mariadb: server crash in component arg_comparator::compare_real_fixed

Summary: CVE-2022-27379 mariadb: server crash in component arg_comparator::compare_rea...

Keywords:
Status:	NEW
Alias:	CVE-2022-27379
Product:	Security Response
Classification:	Other
Component:	vulnerability
Sub Component:
Version:	unspecified
Hardware:	All
OS:	Linux
Priority:	medium
Severity:	medium
Target Milestone:	---
Assignee:	Red Hat Product Security
QA Contact:
Docs Contact:
URL:
Whiteboard:
Depends On:	2083246 2083249 2089977 2089980 2090192 2090833 2090834 2096275 2096280 2090831 2090832 2090839 2090845
Blocks:	2075026
TreeView+	depends on / blocked

Reported:	2022-04-13 11:21 UTC by TEJ RATHI
Modified:	2022-06-15 20:09 UTC (History)
CC List:	27 users (show)
Fixed In Version:	mariadb 10.7.4, mariadb 10.6.8, mariadb 10.5.16, mariadb 10.4.25, mariadb 10.3.35
Doc Type:	If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed:

Attachments	(Terms of Use)
Add an attachment (proposed patch, testcase, etc.)

Description TEJ RATHI 2022-04-13 11:21:43 UTC

An issue in the component Arg_comparator::compare_real_fixed of MariaDB Server v10.6.2 and below was discovered to allow attackers to cause a Denial of Service (DoS) via specially crafted SQL statements.

https://jira.mariadb.org/browse/MDEV-26353

Comment 4 Mauro Matteo Cascella 2022-05-26 16:04:19 UTC

Created mariadb tracking bugs for this issue:

Affects: fedora-all [bug 2090831]

Comment 5 Mauro Matteo Cascella 2022-05-26 16:09:50 UTC

Created mariadb:10.5/mariadb tracking bugs for this issue:

Affects: fedora-all [bug 2090832]

Comment 6 Mauro Matteo Cascella 2022-05-26 16:19:32 UTC

Created mariadb:10.3/mariadb tracking bugs for this issue:

Affects: fedora-all [bug 2090833]

Comment 7 Mauro Matteo Cascella 2022-05-26 16:29:15 UTC

Created mariadb:10.4/mariadb tracking bugs for this issue:

Affects: fedora-all [bug 2090834]

Comment 8 Mauro Matteo Cascella 2022-05-26 16:39:07 UTC

Created mariadb:10.6/mariadb tracking bugs for this issue:

Affects: fedora-all [bug 2090839]

Comment 9 Mauro Matteo Cascella 2022-05-26 16:57:50 UTC

Created mariadb:10.7/mariadb tracking bugs for this issue:

Affects: fedora-all [bug 2090845]

Note You need to log in before you can comment on or make changes to this bug.

caswilli
csutherl
damien.ciabrini
databases-maint
dciabrin
eglynn
gzaronik
hhorak
jburrell
jclere
jjoyce
jorton
jwon
kaycoth
krathod
lhh
ljavorsk
mbayer
mburns
mkocka
mmuzila
mschorm
mturk
pjindal
SpikeFedora
spower
szappis