Alerts This Week
Warning Icon 1 916
Alerts This Week
Warning Icon 1 916

Mageia: 2020-0284 Moderate: MariaDB Client and Server DoS Issue

mageia
Calendar Grey July 7, 2020
Dist Mageia Esm H88
Recent updates to MariaDB packages resolve significant security vulnerabilities in both the MariaDB Client and Server, effectively mitigating risks of Denial of Service attacks.
Updated mariadb packages fix security vulnerabilities: Vulnerability in the MariaDB Client product of MariaDB (component: C API) Difficult to exploit vulnerability allows low priv...

Summary

Updated mariadb packages fix security vulnerabilities:
Vulnerability in the MariaDB Client product of MariaDB (component: C API) Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MariaDB Client. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MariaDB Client (CVE-2020-2752).
Vulnerability in the MariaDB Server product of MariaDB (component: InnoDB). Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MariaDB Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MariaDB Server as well as unauthorized update, insert or delete access to some of MariaDB Server accessible data (CVE-2020-2760).
Vulnerability in the MariaDB Server product of MariaDB (component: Serv...

Read the Full Advisory

References

- https://bugs.mageia.org/show_bug.cgi?id=26818

- https://mariadb.com/docs/release-notes/community-server/old-releases/release-notes-mariadb-10-3-series/mariadb-10323-release-notes

- https://www.cve.org/CVERecord?id=CVE-2020-2752

- https://www.cve.org/CVERecord?id=CVE-2020-2760

- https://www.cve.org/CVERecord?id=CVE-2020-2812

- https://www.cve.org/CVERecord?id=CVE-2020-2814

Topics%20covered

Topics Covered

security advisory denial of service network access mariadb mageia

Resolution

SRPMS

- 7/core/mariadb-10.3.23-1.mga7

Severity
important
Lowest
Low
Medium
High
Critical

Publication date: 07 Jul 2020
URL: https://advisories.mageia.org/MGASA-2020-0284.html
Type: security
CVE: CVE-2020-2752, CVE-2020-2760, CVE-2020-2812, CVE-2020-2814

Topics%20covered

Topics Covered

security advisory denial of service network access mariadb mageia

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here