CVE-2022-24051

EUVD-2022-28966
MariaDB CONNECT Storage Engine Format String Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of MariaDB. Authentication is required to exploit this vulnerability. The specific flaw exists within the processing of SQL queries. The issue results from the lack of proper validation of a user-supplied string before using it as a format specifier. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of the service account. Was ZDI-CAN-16193.

| Provider | Type | Base Score | Attack Vector | Attack Complexity | Privileges Required | Vector |
|---|---|---|---|---|---|---|
| NIST | Primary | 7.8 HIGH | LOCAL | LOW | LOW | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
| zdi | CNA | 7 HIGH | LOCAL | HIGH | LOW | CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H |

EPSS Score
Percentile: 17%

Affected Products (NVD)

| Vendor | Product | Version |
|---|---|---|
| mariadb | mariadb | 10.2.0 ≤ x < 10.2.42 |
| mariadb | mariadb | 10.3.0 ≤ x < 10.3.33 |
| mariadb | mariadb | 10.4.0 ≤ x < 10.4.23 |
| mariadb | mariadb | 10.5.0 ≤ x < 10.5.14 |
| mariadb | mariadb | 10.6.0 ≤ x < 10.6.6 |
| mariadb | mariadb | 10.7.0 ≤ x < 10.7.2 |
| mariadb | mariadb | 10.8.0 |

x = Vulnerable software versions

Debian Releases

| Debian Product | Codename | Version | Status |
|---|---|---|---|
| mariadb-10.5 | bullseye | 1:10.5.23-0+deb11u1 | fixed |
| mariadb-10.5 | bullseye (security) | 1:10.5.26-0+deb11u2 | fixed |

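Ubuntu Releases

| Ubuntu Product | Codename | Fixed Version | Status |
|---|---|---|---|
| mariadb-10.0 | trusty | | ignored |
| mariadb-10.0 | xenial | | needs-triage |
| mariadb-10.1 | bionic | | needs-triage |
| mariadb-10.1 | trusty | | ignored |
| mariadb-10.1 | xenial | | ignored |
| mariadb-10.3 | focal | 1:10.3.34-0ubuntu0.20.04.1 | released |
| mariadb-10.3 | trusty | | ignored |
| mariadb-10.3 | xenial | | ignored |
| mariadb-10.5 | impish | 1:10.5.15-0ubuntu0.21.10.1 | released |
| mariadb-10.5 | trusty | | ignored |
| mariadb-10.5 | xenial | | ignored |
| mariadb-10.6 | jammy | | not-affected |
| mariadb-10.6 | kinetic | | ignored |
| mariadb-10.6 | lunar | | ignored |
| mariadb-10.6 | mantic | | dne |
| mariadb-10.6 | noble | | dne |
| mariadb-10.6 | trusty | | ignored |
| mariadb-10.6 | xenial | | ignored |
| mariadb-5.5 | trusty | | ignored |
| mariadb-5.5 | xenial | | ignored |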