BIT-mariadb-2022-38791

See a problem?
Import Source
https://github.com/bitnami/vulndb/tree/main/data/mariadb/BIT-mariadb-2022-38791.json
JSON Data
https://api.osv.dev/v1/vulns/BIT-mariadb-2022-38791
Aliases
Published
2024-03-06T10:55:58.175Z
Modified
2024-03-06T11:25:28.861Z
Summary
[none]
Details

In MariaDB before 10.9.2, compresswrite in extra/mariabackup/dscompress.cc does not release data_mutex upon a stream write failure, which allows local users to trigger a deadlock.

Database specific
{
    "cpes": [
        "cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*",
        "cpe:2.3:a:mariadb:mariadb:10.9.1:*:*:*:*:*:*:*"
    ],
    "severity": "Medium"
}
References

Affected packages

Bitnami / mariadb

Package

Name
mariadb
Purl
pkg:bitnami/mariadb

Severity

  • 5.5 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVSS Calculator

Affected ranges

Type
SEMVER
Events
Introduced
10.3.0
Fixed
10.3.36
Introduced
10.4.0
Fixed
10.4.26
Introduced
10.5.0
Fixed
10.5.17
Introduced
10.6.0
Fixed
10.6.9
Introduced
10.7.0
Fixed
10.7.5
Introduced
10.8.0
Fixed
10.8.4
Type
SEMVER
Events
Introduced
10.9.1
Last affected
10.9.1