CVE-2022-27447: Use After Free
First published: Thu Apr 14 2022(Updated: )
Last updated 24 July 2024
Credit: cve@mitre.org cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| redhat/mariadb | <10.7.4 | 10.7.4 |
| redhat/mariadb | <10.6.8 | 10.6.8 |
| redhat/mariadb | <10.5.16 | 10.5.16 |
| redhat/mariadb | <10.4.25 | 10.4.25 |
| redhat/mariadb | <10.3.35 | 10.3.35 |
| debian/mariadb-10.5 | 1:10.5.23-0+deb11u1 1:10.5.26-0+deb11u2 | |
| Ariadne CMS | >=10.3.0<10.3.35 | |
| Ariadne CMS | >=10.4.0<10.4.25 | |
| Ariadne CMS | >=10.5.0<10.5.16 | |
| Ariadne CMS | >=10.6.0<10.6.8 | |
| Ariadne CMS | >=10.7.0<10.7.4 | |
| Debian | =10.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://jira.mariadb.org/browse/MDEV-28099
- https://lists.debian.org/debian-lts-announce/2022/09/msg00023.html
- https://security.netapp.com/advisory/ntap-20220526-0006/
- https://jira.mariadb.org/browse/MDEV-24176
- https://github.com/MariaDB/server/commit/c02ebf3510850ba78a106be9974c94c3b97d8585
- https://github.com/MariaDB/server/commit/08c7ab404f69d9c4ca6ca7a9cf7eec74c804f917
- https://github.com/MariaDB/server/commit/b3c3291f0b7c1623cb20663f7cf31b7f749768bc
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=2090831
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=2090832
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=2090833
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=2090834
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=2090839
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=2090845
- https://access.redhat.com/errata/RHSA-2022:5759
- https://access.redhat.com/errata/RHSA-2022:5826
- https://access.redhat.com/errata/RHSA-2022:5948
- https://access.redhat.com/errata/RHSA-2022:6306
- https://access.redhat.com/errata/RHSA-2022:6443
- https://access.redhat.com/security/cve/cve-2022-27447
- https://bugzilla.redhat.com/show_bug.cgi?id=2075693
- https://launchpad.net/bugs/cve/CVE-2022-27447
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27447
- https://nvd.nist.gov/vuln/detail/CVE-2022-27447
- https://security-tracker.debian.org/tracker/CVE-2022-27447
- https://ubuntu.com/security/CVE-2022-27447
- https://mariadb.com/kb/en/changes-improvements-in-mariadb-10-2/
Frequently Asked Questions
What is CVE-2022-27447?
CVE-2022-27447 is a vulnerability in MariaDB Server v10.9 and below that allows an attacker to execute arbitrary code or cause a denial of service.
How does CVE-2022-27447 impact me?
If you are using MariaDB Server v10.9 or below, your system may be vulnerable to arbitrary code execution or denial of service.
What is the severity of CVE-2022-27447?
CVE-2022-27447 has a severity rating of 7.5 (High).
How can I fix CVE-2022-27447?
To fix CVE-2022-27447, you should update your MariaDB Server to version 10.7.4 or higher.
Where can I find more information about CVE-2022-27447?
You can find more information about CVE-2022-27447 in the references provided: [link1], [link2], [link3].
- agent/type
- agent/severity
- collector/redhat-bugzilla
- source/Red Hat
- alias/CVE-2022-27447
- agent/software-canonical-lookup
- collector/launchpad-cve
- source/Launchpad
- agent/author
- collector/mitre-cve
- source/MITRE
- collector/usn-cve
- source/Ubuntu
- agent/first-publish-date
- agent/event
- agent/description
- collector/security-tracker-debian
- source/Debian
- agent/references
- agent/last-modified-date
- agent/trending
- agent/source
- agent/weakness
- agent/tags
- agent/softwarecombine
- collector/nvd-cve
- source/NVD
- agent/software-canonical-lookup-request
- collector/nvd-index
- package-manager/redhat
- package-manager/debian
- vendor/mariadb
- canonical/ariadne cms
- version/ariadne cms/10.3.0
- version/ariadne cms/10.4.0
- version/ariadne cms/10.5.0
- version/ariadne cms/10.6.0
- version/ariadne cms/10.7.0
- vendor/debian
- canonical/debian
- version/debian/10.0