CVE-2022-32088
First published: Fri Jul 01 2022(Updated: )
Last updated 24 July 2024
Credit: cve@mitre.org cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Mariadb Mariadb | >=10.2.0<10.2.44 | |
| Mariadb Mariadb | >=10.3.0<10.3.35 | |
| Mariadb Mariadb | >=10.4.0<10.4.25 | |
| Mariadb Mariadb | >=10.5.0<10.5.16 | |
| Mariadb Mariadb | >=10.6.0<10.6.8 | |
| Mariadb Mariadb | >=10.7.0<10.7.4 | |
| Debian Debian Linux | =10.0 | |
| redhat/mariadb | <10.7.4 | 10.7.4 |
| redhat/mariadb | <10.6.8 | 10.6.8 |
| redhat/mariadb | <10.5.16 | 10.5.16 |
| redhat/mariadb | <10.4.25 | 10.4.25 |
| redhat/mariadb | <10.3.35 | 10.3.35 |
| redhat/mariadb | <10.2.44 | 10.2.44 |
| debian/mariadb-10.5 | 1:10.5.23-0+deb11u1 1:10.5.26-0+deb11u2 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://jira.mariadb.org/browse/MDEV-26419
- https://lists.debian.org/debian-lts-announce/2022/09/msg00023.html
- https://security.netapp.com/advisory/ntap-20220818-0005/
- https://github.com/MariaDB/server/commit/942a9791b2231273ba20649a658c856641268fae
- https://access.redhat.com/errata/RHSA-2022:5759
- https://access.redhat.com/errata/RHSA-2022:6306
- https://access.redhat.com/errata/RHSA-2022:6443
- https://access.redhat.com/security/cve/cve-2022-32088
- https://bugzilla.redhat.com/show_bug.cgi?id=2106008
- https://launchpad.net/bugs/cve/CVE-2022-32088
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32088
- https://nvd.nist.gov/vuln/detail/CVE-2022-32088
- https://security-tracker.debian.org/tracker/CVE-2022-32088
- https://ubuntu.com/security/CVE-2022-32088
- https://jira.mariadb.org/browse/MDEV-15208
- https://mariadb.com/kb/en/changes-improvements-in-mariadb-10-2/
- https://github.com/MariaDB/server/commit/647e952315740286df3cf6643732ad8deb1ff7fe
Frequently Asked Questions
What is CVE-2022-32088?
CVE-2022-32088 is a vulnerability in MariaDB versions 10.2 to 10.7 that can cause a segmentation fault via the component Exec_time_tracker.
What is the severity of CVE-2022-32088?
CVE-2022-32088 has a severity value of 7.5 (high).
Which software versions are affected by CVE-2022-32088?
MariaDB versions 10.2 to 10.7 are affected by CVE-2022-32088.
How can CVE-2022-32088 be fixed?
To fix CVE-2022-32088, update your MariaDB installation to version 10.2.44 (for versions 10.2.x), 10.3.35 (for versions 10.3.x), 10.4.25 (for versions 10.4.x), 10.5.16 (for versions 10.5.x), 10.6.8 (for versions 10.6.x), or 10.7.4 (for versions 10.7.x).
Where can I find more information about CVE-2022-32088?
You can find more information about CVE-2022-32088 on the following sources: [1] [2] [3].
- collector/nvd-index
- agent/type
- collector/redhat-bugzilla
- source/Red Hat
- alias/CVE-2022-32088
- agent/software-canonical-lookup
- agent/severity
- collector/launchpad-cve
- source/Launchpad
- agent/author
- collector/nvd-cve
- source/NVD
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- collector/usn-cve
- source/Ubuntu
- agent/references
- agent/softwarecombine
- agent/tags
- agent/description
- agent/first-publish-date
- agent/event
- collector/security-tracker-debian
- source/Debian
- vendor/mariadb
- canonical/mariadb mariadb
- version/mariadb mariadb/10.2.0
- version/mariadb mariadb/10.3.0
- version/mariadb mariadb/10.4.0
- version/mariadb mariadb/10.5.0
- version/mariadb mariadb/10.6.0
- version/mariadb mariadb/10.7.0
- vendor/debian
- canonical/debian debian linux
- version/debian debian linux/10.0
- package-manager/redhat
- package-manager/debian