CVE-2023-5157: Mariadb: node crashes with transport endpoint is not connected mysqld got signal 6
First published: Fri Sep 22 2023(Updated: )
A vulnerability was found in MariaDB. An OpenVAS port scan on ports 3306 and 4567 allows a malicious remote client to cause a denial of service.
Credit: secalert@redhat.com secalert@redhat.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| redhat/mariadb | <10.3.36 | 10.3.36 |
| redhat/mariadb | <10.4.26 | 10.4.26 |
| redhat/mariadb | <10.5.17 | 10.5.17 |
| redhat/mariadb | <10.6.9 | 10.6.9 |
| redhat/mariadb | <10.7.5 | 10.7.5 |
| redhat/mariadb | <10.8.4 | 10.8.4 |
| Mariadb Mariadb | <10.4.26 | |
| Mariadb Mariadb | >=10.5.0<10.5.17 | |
| Mariadb Mariadb | >=10.6.0<10.6.9 | |
| Mariadb Mariadb | >=10.7.0<10.7.5 | |
| Mariadb Mariadb | >=10.8.0<10.8.4 | |
| Fedoraproject Fedora | =38 | |
| Redhat Codeready Linux Builder | =9.0 | |
| Redhat Codeready Linux Builder For Arm64 | =9.0_aarch64 | |
| Redhat Codeready Linux Builder For Arm64 Eus | =9.2_aarch64 | |
| Redhat Codeready Linux Builder For Ibm Z Systems | =9.0_s390x | |
| Redhat Codeready Linux Builder For Ibm Z Systems Eus | =9.2_s390x | |
| Redhat Codeready Linux Builder For Power Little Endian | =9.0_ppc64le | |
| Redhat Codeready Linux Builder For Power Little Endian Eus | =9.2_ppc64le | |
| Redhat Enterprise Linux | =8.0 | |
| Redhat Enterprise Linux | =9.0 | |
| Redhat Enterprise Linux Eus | =8.8 | |
| Redhat Enterprise Linux Eus | =9.2 | |
| Redhat Enterprise Linux For Arm 64 | =8.0_aarch64 | |
| Redhat Enterprise Linux For Arm 64 | =9.0_aarch64 | |
| Redhat Enterprise Linux For Arm 64 Eus | =8.8_aarch64 | |
| Redhat Enterprise Linux For Ibm Z Systems | =8.0_s390x | |
| Redhat Enterprise Linux For Ibm Z Systems | =9.2_s390x | |
| Redhat Enterprise Linux For Ibm Z Systems Eus | =8.8_s390x | |
| Redhat Enterprise Linux For Ibm Z Systems Eus | =9.2_s390x | |
| Redhat Enterprise Linux For Power Little Endian | =8.0_ppc64le | |
| Redhat Enterprise Linux For Power Little Endian | =9.0_ppc64le | |
| Redhat Enterprise Linux For Power Little Endian Eus | =8.8_ppc64le | |
| Redhat Enterprise Linux For Power Little Endian Eus | =9.2_ppc64le | |
| Redhat Enterprise Linux Server Aus | =9.2 | |
| Redhat Enterprise Linux Server Tus | =8.8 | |
| Redhat Enterprise Linux Eus | =8.6 | |
| Redhat Enterprise Linux Eus | =9.0 | |
| Redhat Enterprise Linux For Ibm Z Systems | =9.0_s390x | |
| Redhat Enterprise Linux For Ibm Z Systems Eus | =8.6_s390x | |
| Redhat Enterprise Linux Server Aus | =8.4 | |
| Redhat Enterprise Linux Server Aus | =8.6 | |
| Redhat Enterprise Linux Server Tus | =8.4 | |
| Redhat Enterprise Linux Server Tus | =8.6 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://access.redhat.com/errata/RHSA-2023:5683
- https://access.redhat.com/errata/RHSA-2023:5684
- https://access.redhat.com/errata/RHSA-2023:6821
- https://access.redhat.com/errata/RHSA-2023:6822
- https://access.redhat.com/errata/RHSA-2023:6883
- https://access.redhat.com/errata/RHSA-2023:7633
- https://access.redhat.com/security/cve/CVE-2023-5157
- https://bugzilla.redhat.com/show_bug.cgi?id=2240246
- https://issues.redhat.com/browse/RHEL-5223
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=2240552
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=2240553
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=2240554
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=2240555
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=2240556
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=2240557
Frequently Asked Questions
What is the vulnerability ID of this vulnerability?
The vulnerability ID is CVE-2023-5157.
What is the severity level of CVE-2023-5157?
The severity level of CVE-2023-5157 is high.
How does CVE-2023-5157 affect MariaDB?
CVE-2023-5157 allows a malicious remote client to cause a denial of service in MariaDB.
Which versions of MariaDB are affected by CVE-2023-5157?
MariaDB versions up to and including 10.4.26, 10.5.17, 10.6.9, 10.7.5, and 10.8.4 are affected by CVE-2023-5157.
How can I fix the CVE-2023-5157 vulnerability?
To fix the CVE-2023-5157 vulnerability, update MariaDB to version 10.4.26, 10.5.17, 10.6.9, 10.7.5, or 10.8.4.
- agent/author
- agent/type
- agent/first-publish-date
- agent/softwarecombine
- agent/references
- agent/weakness
- agent/title
- agent/severity
- agent/description
- agent/event
- collector/redhat-bugzilla
- source/Red Hat
- alias/CVE-2023-5157
- agent/software-canonical-lookup
- agent/tags
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- collector/nvd-index
- agent/software-canonical-lookup-request
- collector/nvd-api
- package-manager/redhat
- vendor/mariadb
- canonical/mariadb mariadb
- version/mariadb mariadb/10.5.0
- version/mariadb mariadb/10.6.0
- version/mariadb mariadb/10.7.0
- version/mariadb mariadb/10.8.0
- vendor/fedoraproject
- canonical/fedoraproject fedora
- version/fedoraproject fedora/38
- vendor/redhat
- canonical/redhat codeready linux builder
- version/redhat codeready linux builder/9.0
- canonical/redhat codeready linux builder for arm64
- version/redhat codeready linux builder for arm64/9.0_aarch64
- canonical/redhat codeready linux builder for arm64 eus
- version/redhat codeready linux builder for arm64 eus/9.2_aarch64
- canonical/redhat codeready linux builder for ibm z systems
- version/redhat codeready linux builder for ibm z systems/9.0_s390x
- canonical/redhat codeready linux builder for ibm z systems eus
- version/redhat codeready linux builder for ibm z systems eus/9.2_s390x
- canonical/redhat codeready linux builder for power little endian
- version/redhat codeready linux builder for power little endian/9.0_ppc64le
- canonical/redhat codeready linux builder for power little endian eus
- version/redhat codeready linux builder for power little endian eus/9.2_ppc64le
- canonical/redhat enterprise linux
- version/redhat enterprise linux/8.0
- version/redhat enterprise linux/9.0
- canonical/redhat enterprise linux eus
- version/redhat enterprise linux eus/8.8
- version/redhat enterprise linux eus/9.2
- canonical/redhat enterprise linux for arm 64
- version/redhat enterprise linux for arm 64/8.0_aarch64
- version/redhat enterprise linux for arm 64/9.0_aarch64
- canonical/redhat enterprise linux for arm 64 eus
- version/redhat enterprise linux for arm 64 eus/8.8_aarch64
- canonical/redhat enterprise linux for ibm z systems
- version/redhat enterprise linux for ibm z systems/8.0_s390x
- version/redhat enterprise linux for ibm z systems/9.2_s390x
- canonical/redhat enterprise linux for ibm z systems eus
- version/redhat enterprise linux for ibm z systems eus/8.8_s390x
- version/redhat enterprise linux for ibm z systems eus/9.2_s390x
- canonical/redhat enterprise linux for power little endian
- version/redhat enterprise linux for power little endian/8.0_ppc64le
- version/redhat enterprise linux for power little endian/9.0_ppc64le
- canonical/redhat enterprise linux for power little endian eus
- version/redhat enterprise linux for power little endian eus/8.8_ppc64le
- version/redhat enterprise linux for power little endian eus/9.2_ppc64le
- canonical/redhat enterprise linux server aus
- version/redhat enterprise linux server aus/9.2
- canonical/redhat enterprise linux server tus
- version/redhat enterprise linux server tus/8.8
- version/redhat enterprise linux eus/8.6
- version/redhat enterprise linux eus/9.0
- version/redhat enterprise linux for ibm z systems/9.0_s390x
- version/redhat enterprise linux for ibm z systems eus/8.6_s390x
- version/redhat enterprise linux server aus/8.4
- version/redhat enterprise linux server aus/8.6
- version/redhat enterprise linux server tus/8.4
- version/redhat enterprise linux server tus/8.6