Mageia Linux Local Security Checks : Mageia: Security Advisory (MGASA-2021-0402)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.1.10.2021.0402

Categoría: Mageia Linux Local Security Checks

Título: Mageia: Security Advisory (MGASA-2021-0402)

Resumen: The remote host is missing an update for the 'mariadb' package(s) announced via the MGASA-2021-0402 advisory.

Descripción: Summary:
The remote host is missing an update for the 'mariadb' package(s) announced via the MGASA-2021-0402 advisory.

Vulnerability Insight:
Updated mariadb packages fix security vulnerabilities:

A security issue has been found in the InnoDB component of MariaDB
before version 10.6.4. A difficult to exploit vulnerability allows a
high privileged attacker with network access via multiple protocols to
compromise the MariaDB server. Successful attacks of this vulnerability
can result in the unauthorized ability to cause a hang or frequently
repeatable crash (complete denial of service) of the MariaDB server
(CVE-2021-2372).

A security issue has been found in the InnoDB component of MariaDB
before version 10.6.4. A difficult to exploit vulnerability allows an
unauthenticated attacker with network access via multiple protocols to
compromise the MariaDB server. Successful attacks of this vulnerability
can result in the unauthorized ability to cause a hang or frequently
repeatable crash (complete denial of service) of the MariaDB server
(CVE-2021-2389).

Affected Software/OS:
'mariadb' package(s) on Mageia 8.

Solution:
Please install the updated package(s).

CVSS Score:
7.1

CVSS Vector:
AV:N/AC:M/Au:N/C:N/I:N/A:C

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2021-2372
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VGR5ZTB5QEDRRC6G5U6TFNCIVBBKGS5J/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2UTW5KMPPDKIMGB4ULE2HS22HYLVKYIH/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6OO2Q5PIFURXLLKCIJE6XF6VL4LLMNO5/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OPJAGVMRKODR4QIXQSVEM4BLRZUM7P3R/
https://www.oracle.com/security-alerts/cpujul2021.html
Common Vulnerability Exposure (CVE) ID: CVE-2021-2389
https://www.zerodayinitiative.com/advisories/ZDI-21-880/

Copyright Copyright (C) 2022 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.1.10.2021.0402
Categoría:	Mageia Linux Local Security Checks
Título:	Mageia: Security Advisory (MGASA-2021-0402)
Resumen:	The remote host is missing an update for the 'mariadb' package(s) announced via the MGASA-2021-0402 advisory.
Descripción:	Summary: The remote host is missing an update for the 'mariadb' package(s) announced via the MGASA-2021-0402 advisory. Vulnerability Insight: Updated mariadb packages fix security vulnerabilities: A security issue has been found in the InnoDB component of MariaDB before version 10.6.4. A difficult to exploit vulnerability allows a high privileged attacker with network access via multiple protocols to compromise the MariaDB server. Successful attacks of this vulnerability can result in the unauthorized ability to cause a hang or frequently repeatable crash (complete denial of service) of the MariaDB server (CVE-2021-2372). A security issue has been found in the InnoDB component of MariaDB before version 10.6.4. A difficult to exploit vulnerability allows an unauthenticated attacker with network access via multiple protocols to compromise the MariaDB server. Successful attacks of this vulnerability can result in the unauthorized ability to cause a hang or frequently repeatable crash (complete denial of service) of the MariaDB server (CVE-2021-2389). Affected Software/OS: 'mariadb' package(s) on Mageia 8. Solution: Please install the updated package(s). CVSS Score: 7.1 CVSS Vector: AV:N/AC:M/Au:N/C:N/I:N/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2021-2372 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VGR5ZTB5QEDRRC6G5U6TFNCIVBBKGS5J/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2UTW5KMPPDKIMGB4ULE2HS22HYLVKYIH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6OO2Q5PIFURXLLKCIJE6XF6VL4LLMNO5/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OPJAGVMRKODR4QIXQSVEM4BLRZUM7P3R/ https://www.oracle.com/security-alerts/cpujul2021.html Common Vulnerability Exposure (CVE) ID: CVE-2021-2389 https://www.zerodayinitiative.com/advisories/ZDI-21-880/
Copyright	Copyright (C) 2022 Greenbone AG