CVE-2022-27447: Use After Free
First published: Thu Apr 14 2022(Updated: )
MariaDB Server v10.9 and below was discovered to contain a use-after-free via the component Binary_string::free_buffer() at /sql/sql_string.h.
Credit: cve@mitre.org cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Mariadb Mariadb | >=10.3.0<10.3.35 | |
| Mariadb Mariadb | >=10.4.0<10.4.25 | |
| Mariadb Mariadb | >=10.5.0<10.5.16 | |
| Mariadb Mariadb | >=10.6.0<10.6.8 | |
| Mariadb Mariadb | >=10.7.0<10.7.4 | |
| Debian Debian Linux | =10.0 | |
| redhat/mariadb | <10.7.4 | 10.7.4 |
| redhat/mariadb | <10.6.8 | 10.6.8 |
| redhat/mariadb | <10.5.16 | 10.5.16 |
| redhat/mariadb | <10.4.25 | 10.4.25 |
| redhat/mariadb | <10.3.35 | 10.3.35 |
| ubuntu/mariadb-10.3 | <1:10.3.37-0ubuntu0.20.04.1 | 1:10.3.37-0ubuntu0.20.04.1 |
| ubuntu/mariadb-10.6 | <1:10.6.11-0ubuntu0.22.04.1 | 1:10.6.11-0ubuntu0.22.04.1 |
| ubuntu/mariadb-10.6 | <1:10.6.8-1 | 1:10.6.8-1 |
| debian/mariadb-10.3 | <=1:10.3.34-0+deb10u1 | 1:10.3.39-0+deb10u2 |
| debian/mariadb-10.5 | 1:10.5.23-0+deb11u1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://jira.mariadb.org/browse/MDEV-28099
- https://lists.debian.org/debian-lts-announce/2022/09/msg00023.html
- https://security.netapp.com/advisory/ntap-20220526-0006/
- https://jira.mariadb.org/browse/MDEV-24176
- https://github.com/MariaDB/server/commit/c02ebf3510850ba78a106be9974c94c3b97d8585
- https://github.com/MariaDB/server/commit/08c7ab404f69d9c4ca6ca7a9cf7eec74c804f917
- https://github.com/MariaDB/server/commit/b3c3291f0b7c1623cb20663f7cf31b7f749768bc
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=2090831
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=2090832
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=2090833
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=2090834
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=2090839
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=2090845
- https://access.redhat.com/errata/RHSA-2022:5759
- https://access.redhat.com/errata/RHSA-2022:5826
- https://access.redhat.com/errata/RHSA-2022:5948
- https://access.redhat.com/errata/RHSA-2022:6306
- https://access.redhat.com/errata/RHSA-2022:6443
- https://access.redhat.com/security/cve/cve-2022-27447
- https://bugzilla.redhat.com/show_bug.cgi?id=2075693
- https://ubuntu.com/security/notices/USN-5739-1
- https://www.cve.org/CVERecord?id=CVE-2022-27447
- https://nvd.nist.gov/vuln/detail/CVE-2022-27447
- https://launchpad.net/bugs/cve/CVE-2022-27447
- https://security-tracker.debian.org/tracker/CVE-2022-27447
- https://ubuntu.com/security/CVE-2022-27447
Frequently Asked Questions
What is CVE-2022-27447?
CVE-2022-27447 is a vulnerability in MariaDB Server v10.9 and below that allows an attacker to execute arbitrary code or cause a denial of service.
How does CVE-2022-27447 impact me?
If you are using MariaDB Server v10.9 or below, your system may be vulnerable to arbitrary code execution or denial of service.
What is the severity of CVE-2022-27447?
CVE-2022-27447 has a severity rating of 7.5 (High).
How can I fix CVE-2022-27447?
To fix CVE-2022-27447, you should update your MariaDB Server to version 10.7.4 or higher.
Where can I find more information about CVE-2022-27447?
You can find more information about CVE-2022-27447 in the references provided: [link1], [link2], [link3].
- collector/nvd-index
- agent/type
- agent/last-modified-date
- agent/author
- agent/severity
- agent/weakness
- collector/redhat-bugzilla
- source/Red Hat
- alias/CVE-2022-27447
- agent/software-canonical-lookup
- collector/usn-cve
- source/Ubuntu
- collector/security-tracker-debian
- source/Debian
- collector/launchpad-cve
- source/Launchpad
- agent/references
- collector/nvd-cve
- source/NVD
- agent/softwarecombine
- agent/description
- agent/first-publish-date
- agent/event
- agent/tags
- vendor/mariadb
- canonical/mariadb mariadb
- version/mariadb mariadb/10.3.0
- version/mariadb mariadb/10.4.0
- version/mariadb mariadb/10.5.0
- version/mariadb mariadb/10.6.0
- version/mariadb mariadb/10.7.0
- vendor/debian
- canonical/debian debian linux
- version/debian debian linux/10.0
- package-manager/redhat
- package-manager/ubuntu
- package-manager/debian