Test ID:	1.3.6.1.4.1.25623.1.0.127028
Category:	Databases
Title:	MariaDB Multiple DoS Vulnerabilities (MDEV-26561) - Linux
Summary:	MariaDB is prone to multiple denial of service (DoS); vulnerabilities.
Description:	Summary: MariaDB is prone to multiple denial of service (DoS) vulnerabilities. Vulnerability Insight: The following vulnerabilities exist: - CVE-2022-31622: in extra/mariabackup/ds_compress.cc, while executing the method create_worker_threads, the held lock is not released correctly, which allows local users to trigger a denial of service due to the deadlock, - CVE-2022-31623: In extra/mariabackup/ds_compress.cc, while executing the method create_worker_threads, the held lock thd->ctrl_mutex is not released correctly, which allows local users to trigger a denial of service due to the deadlock. Affected Software/OS: MariaDB versions prior to 10.2.42, 10.3.x prior to 10.3.33, 10.4.x prior to 10.4.23, 10.5.x prior to 10.5.14, 10.6.x prior to 10.6.6 and 10.7.x prior to 10.7.2. Solution: Update to version 10.2.42, 10.3.33, 10.4.23, 10.5.14, 10.6.6, 10.7.2 or later. CVSS Score: 2.1 CVSS Vector: AV:L/AC:L/Au:N/C:N/I:N/A:P
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2022-31622 https://github.com/MariaDB/server/commit/e1eb39a446c30b8459c39fd7f2ee1c55a36e97d2 https://jira.mariadb.org/browse/MDEV-26561 https://jira.mariadb.org/browse/MDEV-26561?filter=-2 https://jira.mariadb.org/browse/MDEV-26574 Common Vulnerability Exposure (CVE) ID: CVE-2022-31623 https://github.com/MariaDB/server/commit/7c30bc38a588b22b01f11130cfe99e7f36accf94 https://github.com/MariaDB/server/pull/1938
Copyright	Copyright (C) 2022 Greenbone Networks GmbH

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.