CVE-2021-46657
- Source
- https://cve.org/CVERecord?id=CVE-2021-46657
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2021-46657.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2021-46657
- Aliases
- Downstream
- Related
- Published
- 2022-01-29T23:15:07.370Z
- Modified
- 2026-02-05T09:58:53.824688Z
- Severity
-
- 5.5 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
- Summary
- [none]
- Details
-
getsortby_table in MariaDB before 10.6.2 allows an application crash via certain subquery uses of ORDER BY.
- References
-
- https://jira.mariadb.org/browse/MDEV-25629
- https://mariadb.com/kb/en/security/
- https://security.netapp.com/advisory/ntap-20220221-0002/
- https://jira.mariadb.org/browse/MDEV-25629
- https://jira.mariadb.org/browse/MDEV-25629
- https://mariadb.com/kb/en/security/
- https://jira.mariadb.org/browse/MDEV-25629
Affected packages
Git / github.com/mariadb/server
Affected ranges
- Type
- GIT
- Repo
- https://github.com/mariadb/server
- Events
-
IntroducedFixedIntroducedFixedIntroducedFixedIntroducedFixedIntroducedFixed
Affected versions
mariadb-10.*
mariadb-10.2.38
mariadb-10.2.39
mariadb-10.3.29
mariadb-10.3.30
mariadb-10.4.19
mariadb-10.4.20
mariadb-10.5.10
mariadb-10.6.0
mariadb-10.6.1
Database specific
vanir_signatures
[
{
"deprecated": false,
"source": "https://github.com/mariadb/server/commit/dfa2d0bc13362b949b1b1699955583f74e7db90a",
"id": "CVE-2021-46657-22653791",
"target": {
"file": "storage/innobase/buf/buf0rea.cc"
},
"digest": {
"line_hashes": [
"9400222600408394113854955845148251550",
"267257386336579331390611261914774828478",
"189536264958544660700185072002532972839",
"193805967944163620182999174848777714078",
"282869864226996165637981041103104536726",
"26938163949962398934495479444415632162",
"72241035954307945675111933680321883477",
"280566434063434889408790761027231048928",
"92125625348087383421259905267305515415",
"313495999497570500203034231747698112842",
"272437086787124780898559560572061079011"
],
"threshold": 0.9
},
"signature_type": "Line",
"signature_version": "v1"
},
{
"deprecated": false,
"source": "https://github.com/mariadb/server/commit/dfa2d0bc13362b949b1b1699955583f74e7db90a",
"id": "CVE-2021-46657-3552b324",
"target": {
"file": "storage/innobase/buf/buf0rea.cc",
"function": "buf_read_ibuf_merge_pages"
},
"digest": {
"function_hash": "167158152493564073249914155441787105995",
"length": 1549.0
},
"signature_type": "Function",
"signature_version": "v1"
},
{
"deprecated": false,
"source": "https://github.com/mariadb/server/commit/dc82effa5df5e59be6c7de4038f0a832f37d9bdc",
"id": "CVE-2021-46657-6ec580f9",
"target": {
"file": "sql/sql_trigger.cc",
"function": "mysql_create_or_drop_trigger"
},
"digest": {
"function_hash": "271011855159538044750489861653873782093",
"length": 4444.0
},
"signature_type": "Function",
"signature_version": "v1"
},
{
"deprecated": false,
"source": "https://github.com/mariadb/server/commit/dc82effa5df5e59be6c7de4038f0a832f37d9bdc",
"id": "CVE-2021-46657-7659b364",
"target": {
"file": "sql/sql_trigger.cc"
},
"digest": {
"line_hashes": [
"339559886780799090878085381958061360169",
"151729614400971874772847717965537069600",
"236125119658316257140538411157439741112",
"233028891501776821288285970878975086616",
"132348789304380855063178510341696500536",
"207724953019298377424453045592269973150",
"117547820429463739401442323606832607352",
"3985366193169446645772796996865175148",
"334240053135151456882726509273030013265",
"243428821448236076998137058487092230093",
"147309012040762761595059824433377694785",
"170035400329405409419591926010967389127",
"213151042119900840179898660610293341470",
"181897625268163181183859475736533996731",
"219021583297753988810205428399564317167",
"182521891829878384501911324957376069386",
"272977007887945453962689509597528533056",
"298571707135824001045329467307462523673",
"29366491492252379221699878742008539773",
"188224811239451808738716452688192890238"
],
"threshold": 0.9
},
"signature_type": "Line",
"signature_version": "v1"
},
{
"deprecated": false,
"source": "https://github.com/mariadb/server/commit/75a65d3201a4486af96cf3277b6c5a4ba460eef7",
"id": "CVE-2021-46657-b9d94415",
"target": {
"file": "storage/innobase/dict/dict0dict.cc"
},
"digest": {
"line_hashes": [
"183117465363777129542495803707492806621",
"67657611108690683428701830111045085461",
"63358048840660839436562395118625878523",
"121330641183731235168866599393679584506"
],
"threshold": 0.9
},
"signature_type": "Line",
"signature_version": "v1"
},
{
"deprecated": false,
"source": "https://github.com/mariadb/server/commit/75a65d3201a4486af96cf3277b6c5a4ba460eef7",
"id": "CVE-2021-46657-c3c91b64",
"target": {
"file": "storage/innobase/dict/dict0dict.cc",
"function": "dict_set_corrupted"
},
"digest": {
"function_hash": "765228184937249131489843188147560294",
"length": 1994.0
},
"signature_type": "Function",
"signature_version": "v1"
},
{
"deprecated": false,
"source": "https://github.com/mariadb/server/commit/75a65d3201a4486af96cf3277b6c5a4ba460eef7",
"id": "CVE-2021-46657-cdea3ff4",
"target": {
"file": "storage/innobase/handler/ha_innodb.cc"
},
"digest": {
"line_hashes": [
"277273648816874972059692720746076495680",
"183710423110090956913285231696283189815",
"257676914512298973488369991747556707758",
"79353217737707176234172779837544045217",
"243770059991028740159627133916562786411"
],
"threshold": 0.9
},
"signature_type": "Line",
"signature_version": "v1"
},
{
"deprecated": false,
"source": "https://github.com/mariadb/server/commit/75a65d3201a4486af96cf3277b6c5a4ba460eef7",
"id": "CVE-2021-46657-fed27d0a",
"target": {
"file": "storage/innobase/handler/ha_innodb.cc",
"function": "ha_innobase::check"
},
"digest": {
"function_hash": "37056481603397809199317577644289172704",
"length": 4828.0
},
"signature_type": "Function",
"signature_version": "v1"
}
]
source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2021-46657.json"