CVE-2022-31621

MariaDB Server before 10.7 is vulnerable to Denial of Service. In extra/mariabackup/ds_xbstream.cc, when an error occurs (stream_ctxt->dest_file == NULL) while executing the method xbstream_open, the held lock is not released correctly, which allows local users to trigger a denial of service due to the deadlock. Note: The vendor argues this is just an improper locking bug and not a vulnerability with adverse effects.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
5.5 MEDIUM
LOCAL
LOW
LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
mitreCNA
---
---
CISA-ADPADP
5.3 MEDIUM
LOCAL
LOW
LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 2%
VendorProductVersion
mariadbmariadb
𝑥
< 10.2.41
mariadbmariadb
10.3.0 ≤
𝑥
< 10.3.32
mariadbmariadb
10.4.0 ≤
𝑥
< 10.4.22
mariadbmariadb
10.5.0 ≤
𝑥
< 10.5.13
mariadbmariadb
10.6.0 ≤
𝑥
< 10.6.5
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
mariadb-10.5
bullseye
1:10.5.23-0+deb11u1
fixed
bullseye (security)
1:10.5.26-0+deb11u2
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
mariadb-10.0
xenial
not-affected
mariadb-10.1
bionic
not-affected
mariadb-10.3
focal
not-affected
mariadb-10.5
impish
ignored
mariadb-10.6
noble
dne
mantic
dne
lunar
ignored
kinetic
ignored
jammy
not-affected
Common Weakness Enumeration
References
https://github.com/MariaDB/server/commit/b1351c15946349f9daa7e5297fb2ac6f3139e4a8
https://jira.mariadb.org/browse/MDEV-26561
https://jira.mariadb.org/browse/MDEV-26574
https://jira.mariadb.org/browse/MDEV-26574?filter=-2
https://security.netapp.com/advisory/ntap-20220707-0006/
https://github.com/MariaDB/server/commit/b1351c15946349f9daa7e5297fb2ac6f3139e4a8
https://jira.mariadb.org/browse/MDEV-26561
https://jira.mariadb.org/browse/MDEV-26574
https://jira.mariadb.org/browse/MDEV-26574?filter=-2
https://security.netapp.com/advisory/ntap-20220707-0006/