CVE-2022-32089
Summary
| CVE | CVE-2022-32089 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2022-07-01 20:15:00 UTC |
| Updated | 2023-11-07 03:47:00 UTC |
| Description | MariaDB v10.5 to v10.7 was discovered to contain a segmentation fault via the component st_select_lex_unit::exclude_level. |
Risk And Classification
Problem Types: NVD-CWE-noinfo
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Operating System | Fedoraproject | Fedora | 35 | All | All | All |
| Operating System | Fedoraproject | Fedora | 36 | All | All | All |
| Operating System | Fedoraproject | Fedora | 37 | All | All | All |
| Application | Mariadb | Mariadb | All | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| [SECURITY] Fedora 35 Update: mariadb-10.5.18-1.fc35 - package-announce - Fedora Mailing-Lists | FEDORA | lists.fedoraproject.org | |
| [SECURITY] Fedora 36 Update: galera-26.4.13-1.fc36 - package-announce - Fedora Mailing-Lists | FEDORA | lists.fedoraproject.org | |
| [SECURITY] Fedora 37 Update: mariadb-10.5.18-1.fc37 - package-announce - Fedora Mailing-Lists | lists.fedoraproject.org | ||
| [SECURITY] Fedora 36 Update: galera-26.4.13-1.fc36 - package-announce - Fedora Mailing-Lists | lists.fedoraproject.org | ||
| [MDEV-26410] MariaDB server crash in st_select_lex_unit::exclude_level - Jira | MISC | jira.mariadb.org | |
| [SECURITY] Fedora 35 Update: mariadb-10.5.18-1.fc35 - package-announce - Fedora Mailing-Lists | lists.fedoraproject.org | ||
| [SECURITY] Fedora 37 Update: mariadb-10.5.18-1.fc37 - package-announce - Fedora Mailing-Lists | FEDORA | lists.fedoraproject.org | |
| July 2022 MariaDB Vulnerabilities in NetApp Products | NetApp Product Security | CONFIRM | security.netapp.com | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
Legacy QID Mappings
- 160981 Oracle Enterprise Linux Security Update for mariadb:10.5 (ELSA-2023-5683)
- 160997 Oracle Enterprise Linux Security Update for galera and mariadb (ELSA-2023-5684)
- 181421 Debian Security Update for mariadb-10.5 (CVE-2022-32089)
- 199043 Ubuntu Security Notification for MariaDB Vulnerabilities (USN-5739-1)
- 242160 Red Hat Update for mariadb:10.5 (RHSA-2023:5683)
- 242162 Red Hat Update for galera and mariadb (RHSA-2023:5684)
- 242541 Red Hat Update for rh-mariadb105-galera and rh-mariadb105-mariadb (RHSA-2023:7633)
- 283363 Fedora Security Update for galera (FEDORA-2022-cf88f807f9)
- 283364 Fedora Security Update for galera (FEDORA-2022-333df1c4aa)
- 283406 Fedora Security Update for galera (FEDORA-2022-e0e9a43546)
- 354397 Amazon Linux Security Advisory for mariadb105 : ALAS2022-2022-245
- 354582 Amazon Linux Security Advisory for mariadb105 : ALAS-2022-245
- 355152 Amazon Linux Security Advisory for mariadb105 : ALAS2023-2023-037
- 356265 Amazon Linux Security Advisory for mariadb : ALASMARIADB10.5-2023-003
- 378963 Alibaba Cloud Linux Security Update for mariadb:10.5 (ALINUX3-SA-2023:0128)
- 502495 Alpine Linux Security Update for mariadb
- 502496 Alpine Linux Security Update for mariadb
- 504149 Alpine Linux Security Update for mariadb
- 690926 Free Berkeley Software Distribution (FreeBSD) Security Update for mariadb (36d10af7-248d-11ed-856e-d4c9ef517024)
- 752572 SUSE Enterprise Linux Security Update for mariadb (SUSE-SU-2022:3225-1)
- 753160 SUSE Enterprise Linux Security Update for mariadb (SUSE-SU-2022:3159-1)
- 753464 SUSE Enterprise Linux Security Update for mariadb (SUSE-SU-2022:3391-1)
- 941292 AlmaLinux Security Update for mariadb:10.5 (ALSA-2023:5683)
- 941294 AlmaLinux Security Update for galera and mariadb (ALSA-2023:5684)
- 961045 Rocky Linux Security Update for mariadb:10.5 (RLSA-2023:5683)