Alerts This Week
Warning Icon 1 714
Alerts This Week
Warning Icon 1 714

SUSE: 2022:3391-1 Critical: Segmentation Fault in MariaDB

suse
Calendar Grey September 26, 2022
Dist Suse Esm H88
The latest mariadb patch addresses 11 security vulnerabilities and brings forth a significant erratum for SUSE distributions and corresponding modules.
An update that solves 11 vulnerabilities and has one errata is now available

Summary

This update for mariadb fixes the following issues: Update to 10.5.17: - CVE-2022-32082: Fixed assertion failure at table->get_ref_count() == 0 in dict0dict.cc (bsc#1201162). - CVE-2022-32089: Fixed segmentation fault via the component st_select_lex_unit::exclude_level (bsc#1201169). - CVE-2022-32081: Fixed use-after-poison in prepare_inplace_add_virtual at /storage/innobase/handler/handler0alter.cc (bsc#1201161). - CVE-2022-32091: Fixed use-after-poison in __interceptor_memset at /libsanitizer/sanitizer_common/sanitizer_common_interceptors.inc (bsc#1201170). - CVE-2022-32084: Fixed segmentation fault via the component sub_select (bsc#1201164). - CVE-2022-38791: Fixed deadlock in compress_write in extra/mariabackup/ds_compress.cc (bsc#1202863).

Topics%20covered

Topics Covered

security advisory software update important SUSE segmentation fault mariadb

References

#1200105 #1201161 #1201162 #1201163 #1201164

#1201165 #1201166 #1201167 #1201168 #1201169

#1201170 #1202863

Cross- CVE-2022-32081 CVE-2022-32082 CVE-2022-32083

CVE-2022-32084 CVE-2022-32085 CVE-2022-32086

CVE-2022-32087 CVE-2022-32088 CVE-2022-32089

CVE-2022-32091 CVE-2022-38791

CVSS scores:

CVE-2022-32081 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CVE-2022-32081 (SUSE): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

CVE-2022-32082 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CVE-2022-32082 (SUSE): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

CVE-2022-32083 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CVE-2022-32083 (SUSE): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: SUSE-SU-2022:3391-1
Rating: important

Topics%20covered

Topics Covered

security advisory software update important SUSE segmentation fault mariadb

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here