CVE-2022-27449

Summary

CVE	CVE-2022-27449
State	PUBLIC
Assigner	[email protected]
Source Priority	CVE Program / NVD first with legacy fallback
Published	2022-04-14 13:15:00 UTC
Updated	2022-10-07 18:59:00 UTC
Description	MariaDB Server v10.9 and below was discovered to contain a segmentation fault via the component sql/item_func.cc:148.

Risk And Classification

Problem Types: NVD-CWE-noinfo

NVD Known Affected Configurations (CPE 2.3)

Type	Vendor	Product	Version	Update	Edition	Language
Operating System	Debian	Debian Linux	10.0	All	All	All
Application	Mariadb	Mariadb	All	All	All	All
Application	Mariadb	Mariadb	All	All	All	All

References

Reference	Source	Link	Tags
May 2022 MariaDB Vulnerabilities in NetApp Products \| NetApp Product Security	CONFIRM	security.netapp.com
[SECURITY] [DLA 3114-1] mariadb-10.3 security update	MLIST	lists.debian.org
[MDEV-28089] MariaDB SEGV issue - Jira	MISC	jira.mariadb.org
CVE Program record	CVE.ORG	www.cve.org	canonical
NVD vulnerability detail	NVD	nvd.nist.gov	canonical, analysis

No vendor comments have been submitted for this CVE.

Legacy QID Mappings

160019 Oracle Enterprise Linux Security Update for mariadb:10.5 (ELSA-2022-5826)
160037 Oracle Enterprise Linux Security Update for galera, mariadb, and mysql-selinux (ELSA-2022-5948)
160096 Oracle Enterprise Linux Security Update for mariadb:10.3 (ELSA-2022-6443)
181097 Debian Security Update for mariadb-10.3 (DLA 3114-1)
181384 Debian Security Update for mariadb-10.5 (CVE-2022-27449)
199043 Ubuntu Security Notification for MariaDB Vulnerabilities (USN-5739-1)
240565 Red Hat Update for rh-mariadb105-galera and rh-mariadb105-mariadb (RHSA-2022:5759)
240586 Red Hat Update for mariadb:10.5 security (RHSA-2022:5826)
240596 Red Hat Update for galera, mariadb, and mysql-selinux security (RHSA-2022:5948)
240645 Red Hat Update for rh-mariadb103-galera and rh-mariadb103-mariadb (RHSA-2022:6306)
240665 Red Hat Update for mariadb:10.3 (RHSA-2022:6443)
354476 Amazon Linux Security Advisory for mariadb105 : ALAS2022-2022-182
355152 Amazon Linux Security Advisory for mariadb105 : ALAS2023-2023-037
356265 Amazon Linux Security Advisory for mariadb : ALASMARIADB10.5-2023-003
377368 Alibaba Cloud Linux Security Update for mariadb:10.5 (ALINUX3-SA-2022:0151)
500390 Alpine Linux Security Update for mariadb
501434 Alpine Linux Security Update for mariadb
501972 Alpine Linux Security Update for mariadb
504148 Alpine Linux Security Update for mariadb
690871 Free Berkeley Software Distribution (FreeBSD) Security Update for mariadb (04fecc47-dad2-11ec-8fbd-d4c9ef517024)
752278 SUSE Enterprise Linux Security Update for mariadb (SUSE-SU-2022:2189-1)
753083 SUSE Enterprise Linux Security Update for mariadb (SUSE-SU-2022:2003-1)
753364 SUSE Enterprise Linux Security Update for mariadb (SUSE-SU-2022:2561-1)
900835 Common Base Linux Mariner (CBL-Mariner) Security Update for mariadb (9434)
901627 Common Base Linux Mariner (CBL-Mariner) Security Update for mariadb (9413)
902068 Common Base Linux Mariner (CBL-Mariner) Security Update for mariadb (9413-1)
902224 Common Base Linux Mariner (CBL-Mariner) Security Update for mariadb (9434-1)
906346 Common Base Linux Mariner (CBL-Mariner) Security Update for mariadb (9413-2)
940606 AlmaLinux Security Update for mariadb:10.5 (ALSA-2022:5826)
940632 AlmaLinux Security Update for galera, (ALSA-2022:5948)
940668 AlmaLinux Security Update for mariadb:10.3 (ALSA-2022:6443)
960383 Rocky Linux Security Update for mariadb:10.5 (RLSA-2022:5826)
960482 Rocky Linux Security Update for galera, (RLSA-2022:5948)