Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 456
Alerts This Week
Warning Icon 1 456

SUSE: 2021:2634-1 Important: MariaDB Denial Of Service Risk

suse
Calendar Grey August 6, 2021
Dist Suse Esm H88
SUSE Security Patch for postgresql resolves severe weaknesses in SUSE, reinforcing operational safety and system reliability.
An update that solves four vulnerabilities and has two fixes is now available

Summary

This update for mariadb fixes the following issues: - Update to 10.2.39 (bsc#1182739) - CVE-2021-2166: DML unspecified vulnerability lead to complete DOS. (bsc#1185870) - CVE-2021-2154: DML unspecified vulnerability can lead to complete DOS. (bsc#1185872) - CVE-2021-2180: InnoDB unspecified vulnerability lead to complete DOS. (bsc#1185868) - CVE-2021-27928: Fixed a remote code execution issue. (bsc#1183770) Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - SUSE OpenStack Cloud Crowbar 9: zypper in -t patch SUSE-OpenStack-Cloud-Crowbar-9-2021-2634=1 - SUSE OpenStack Cloud 9: zypper in -t patch SUSE-OpenStack-Cloud-9-2021-2634=1

References

#1182739 #1183770 #1185868 #1185870 #1185872

#1188300

Cross- CVE-2021-2154 CVE-2021-2166 CVE-2021-2180

CVE-2021-27928

CVSS scores:

CVE-2021-2154 (NVD) : 4.9 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

CVE-2021-2154 (SUSE): 4.9 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

CVE-2021-2166 (NVD) : 4.9 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

CVE-2021-2166 (SUSE): 4.9 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

CVE-2021-2180 (NVD) : 4.9 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

CVE-2021-2180 (SUSE): 4.9 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

CVE-2021-27928 (NVD) : 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

CVE-2021-27928 (SUSE): 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Affected Products:

SUSE OpenStack Cloud Crowbar 9

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: SUSE-SU-2021:2634-1
Rating: important

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.