CVE-2022-32091

Summary

CVE	CVE-2022-32091
State	PUBLIC
Assigner	[email protected]
Source Priority	CVE Program / NVD first with legacy fallback
Published	2022-07-01 20:15:00 UTC
Updated	2023-11-07 03:47:00 UTC
Description	MariaDB v10.7 was discovered to contain an use-after-poison in in __interceptor_memset at /libsanitizer/sanitizer_common/sanitizer_common_interceptors.inc.

Risk And Classification

Problem Types: CWE-416

NVD Known Affected Configurations (CPE 2.3)

Type	Vendor	Product	Version	Update	Edition	Language
Operating System	Debian	Debian Linux	10.0	All	All	All
Operating System	Fedoraproject	Fedora	35	All	All	All
Operating System	Fedoraproject	Fedora	36	All	All	All
Operating System	Fedoraproject	Fedora	37	All	All	All
Application	Mariadb	Mariadb	All	All	All	All

References

Reference	Source	Link	Tags
[SECURITY] Fedora 35 Update: mariadb-10.5.18-1.fc35 - package-announce - Fedora Mailing-Lists	FEDORA	lists.fedoraproject.org
[SECURITY] Fedora 36 Update: galera-26.4.13-1.fc36 - package-announce - Fedora Mailing-Lists	FEDORA	lists.fedoraproject.org
[SECURITY] Fedora 37 Update: mariadb-10.5.18-1.fc37 - package-announce - Fedora Mailing-Lists		lists.fedoraproject.org
[SECURITY] Fedora 36 Update: galera-26.4.13-1.fc36 - package-announce - Fedora Mailing-Lists		lists.fedoraproject.org
[MDEV-26431] MariaDB Server use-after-poison - Jira	MISC	jira.mariadb.org
[SECURITY] Fedora 35 Update: mariadb-10.5.18-1.fc35 - package-announce - Fedora Mailing-Lists		lists.fedoraproject.org
[SECURITY] Fedora 37 Update: mariadb-10.5.18-1.fc37 - package-announce - Fedora Mailing-Lists	FEDORA	lists.fedoraproject.org
July 2022 MariaDB Vulnerabilities in NetApp Products \| NetApp Product Security	CONFIRM	security.netapp.com
[SECURITY] [DLA 3114-1] mariadb-10.3 security update	MLIST	lists.debian.org
CVE Program record	CVE.ORG	www.cve.org	canonical
NVD vulnerability detail	NVD	nvd.nist.gov	canonical, analysis

No vendor comments have been submitted for this CVE.

Legacy QID Mappings

160933 Oracle Enterprise Linux Security Update for mariadb:10.3 (ELSA-2023-5259)
160981 Oracle Enterprise Linux Security Update for mariadb:10.5 (ELSA-2023-5683)
160997 Oracle Enterprise Linux Security Update for galera and mariadb (ELSA-2023-5684)
181097 Debian Security Update for mariadb-10.3 (DLA 3114-1)
181350 Debian Security Update for mariadb-10.5 (CVE-2022-32091)
199043 Ubuntu Security Notification for MariaDB Vulnerabilities (USN-5739-1)
242074 Red Hat Update for mariadb:10.3 security (RHSA-2023:5259)
242160 Red Hat Update for mariadb:10.5 (RHSA-2023:5683)
242162 Red Hat Update for galera and mariadb (RHSA-2023:5684)
242541 Red Hat Update for rh-mariadb105-galera and rh-mariadb105-mariadb (RHSA-2023:7633)
283363 Fedora Security Update for galera (FEDORA-2022-cf88f807f9)
283364 Fedora Security Update for galera (FEDORA-2022-333df1c4aa)
283406 Fedora Security Update for galera (FEDORA-2022-e0e9a43546)
355181 Amazon Linux Security Advisory for mariadb105 : ALAS-2023-155
355290 Amazon Linux Security Advisory for mariadb105 : ALAS-2023-155
355292 Amazon Linux Security Advisory for mariadb105 : ALAS-2023-155
355296 Amazon Linux Security Advisory for mariadb105 : ALAS-2023-155
355302 Amazon Linux Security Advisory for mariadb105 : ALAS-2023-155
355306 Amazon Linux Security Advisory for mariadb105 : ALAS-2023-155
355308 Amazon Linux Security Advisory for mariadb105 : ALAS-2023-155
355313 Amazon Linux Security Advisory for mariadb105 : ALAS2023-2023-155
356265 Amazon Linux Security Advisory for mariadb : ALASMARIADB10.5-2023-003
378963 Alibaba Cloud Linux Security Update for mariadb:10.5 (ALINUX3-SA-2023:0128)
502495 Alpine Linux Security Update for mariadb
502496 Alpine Linux Security Update for mariadb
504149 Alpine Linux Security Update for mariadb
690926 Free Berkeley Software Distribution (FreeBSD) Security Update for mariadb (36d10af7-248d-11ed-856e-d4c9ef517024)
752572 SUSE Enterprise Linux Security Update for mariadb (SUSE-SU-2022:3225-1)
753160 SUSE Enterprise Linux Security Update for mariadb (SUSE-SU-2022:3159-1)
753464 SUSE Enterprise Linux Security Update for mariadb (SUSE-SU-2022:3391-1)
902774 Common Base Linux Mariner (CBL-Mariner) Security Update for mariadb (10608)
902776 Common Base Linux Mariner (CBL-Mariner) Security Update for mariadb (10607)
903828 Common Base Linux Mariner (CBL-Mariner) Security Update for mariadb (10607-1)
904214 Common Base Linux Mariner (CBL-Mariner) Security Update for mariadb (10608-1)
941264 AlmaLinux Security Update for mariadb:10.3 (ALSA-2023:5259)
941292 AlmaLinux Security Update for mariadb:10.5 (ALSA-2023:5683)
941294 AlmaLinux Security Update for galera and mariadb (ALSA-2023:5684)
961045 Rocky Linux Security Update for mariadb:10.5 (RLSA-2023:5683)