MGASA-2022-0314 - Updated mariadb packages fix security vulnerability
Publication date: 29 Aug 2022
URL: https://advisories.mageia.org/MGASA-2022-0314.html
Type: security
Affected Mageia releases: 8
CVE: CVE-2018-25032,
CVE-2022-32081,
CVE-2022-32082,
CVE-2022-32084,
CVE-2022-32089,
CVE-2022-32091
zlib before 1.2.12 allows memory corruption when deflating (i.e., when
compressing) if the input has many distant matches. (CVE-2018-25032)
A use-after-poison in prepare_inplace_add_virtual at
/storage/innobase/handler/handler0alter.cc. (CVE-2022-32081)
An assertion failure at table->get_ref_count() == 0 in dict0dict.cc.
(CVE-2022-32082)
Segmentation fault via the component sub_select. (CVE-2022-32084)
Segmentation fault via the component st_select_lex_unit::exclude_level.
(CVE-2022-32089)
References:
- https://bugs.mageia.org/show_bug.cgi?id=30754
- https://mariadb.com/kb/en/mariadb-10517-release-notes/
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25032
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32081
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32082
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32084
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32089
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32091
SRPMS:
- 8/core/mariadb-10.5.17-1.mga8
Mageia 2022-0314: mariadb security update
zlib before 1.2.12 allows memory corruption when deflating (i.e., when compressing) if the input has many distant matches
Summary
zlib before 1.2.12 allows memory corruption when deflating (i.e., when
compressing) if the input has many distant matches. (CVE-2018-25032)
A use-after-poison in prepare_inplace_add_virtual at
/storage/innobase/handler/handler0alter.cc. (CVE-2022-32081)
An assertion failure at table->get_ref_count() == 0 in dict0dict.cc.
(CVE-2022-32082)
Segmentation fault via the component sub_select. (CVE-2022-32084)
Segmentation fault via the component st_select_lex_unit::exclude_level.
(CVE-2022-32089)
References
- https://bugs.mageia.org/show_bug.cgi?id=30754
- https://mariadb.com/kb/en/mariadb-10517-release-notes/
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25032
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32081
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32082
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32084
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32089
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32091
Resolution
MGASA-2022-0314 - Updated mariadb packages fix security vulnerability
SRPMS
- 8/core/mariadb-10.5.17-1.mga8
Severity
Publication date: 29 Aug 2022
URL: https://advisories.mageia.org/MGASA-2022-0314.html
Type: security
CVE: CVE-2018-25032,
CVE-2022-32081,
CVE-2022-32082,
CVE-2022-32084,
CVE-2022-32089,
CVE-2022-32091
News
HOWTOs
About Us
Powered By
Get Customized Security Advisories that Impact You Directly Create My Customized Advisories Now >>
To stay up-to-date on the latest open-source security news, feature articles and Linux distribution security advisories Subscribe to Our Newsletters!