CVE-2023-5157: Mariadb: node crashes with transport endpoint is not connected mysqld got signal 6
First published: Fri Sep 22 2023(Updated: )
A vulnerability was found in MariaDB. An OpenVAS port scan on ports 3306 and 4567 allows a malicious remote client to cause a denial of service.
Credit: secalert@redhat.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| redhat/mariadb | <10.3.36 | 10.3.36 |
| redhat/mariadb | <10.4.26 | 10.4.26 |
| redhat/mariadb | <10.5.17 | 10.5.17 |
| redhat/mariadb | <10.6.9 | 10.6.9 |
| redhat/mariadb | <10.7.5 | 10.7.5 |
| redhat/mariadb | <10.8.4 | 10.8.4 |
| MariaDB | <10.3.36 | |
| MariaDB | >=10.4.0<10.4.26 | |
| MariaDB | >=10.5.0<10.5.17 | |
| MariaDB | >=10.6.0<10.6.9 | |
| MariaDB | >=10.7.0<10.7.5 | |
| MariaDB | >=10.8.0<10.8.4 | |
| Red Hat Fedora | =38 | |
| Red Hat Enterprise Linux | =8.0 | |
| Red Hat Enterprise Linux | =9.0 | |
| Red Hat Enterprise Linux Server EUS | =8.6 | |
| Red Hat Enterprise Linux Server EUS | =8.8 | |
| Red Hat Enterprise Linux Server EUS | =9.0 | |
| Red Hat Enterprise Linux Server EUS | =9.2 | |
| Red Hat Enterprise Linux | =8.0_aarch64 | |
| Red Hat Enterprise Linux | =9.0_aarch64 | |
| Red Hat Enterprise Linux for ARM64 EUS | =8.8_aarch64 | |
| Red Hat Enterprise Linux for IBM Z Systems | =8.0_s390x | |
| Red Hat Enterprise Linux for IBM Z Systems | =9.0_s390x | |
| Red Hat Enterprise Linux for IBM Z Systems | =9.2_s390x | |
| Red Hat Enterprise Linux for IBM Z Systems (s390x) | =8.6_s390x | |
| Red Hat Enterprise Linux for IBM Z Systems (s390x) | =8.8_s390x | |
| Red Hat Enterprise Linux for IBM Z Systems (s390x) | =9.2_s390x | |
| Red Hat Enterprise Linux for Power, little endian | =8.0_ppc64le | |
| Red Hat Enterprise Linux for Power, little endian | =9.0_ppc64le | |
| Red Hat Enterprise Linux for Power, little endian - Extended Update Support | =8.8_ppc64le | |
| Red Hat Enterprise Linux for Power, little endian - Extended Update Support | =9.2_ppc64le | |
| Red Hat Enterprise Linux Server | =8.4 | |
| Red Hat Enterprise Linux Server | =8.6 | |
| Red Hat Enterprise Linux Server | =9.2 | |
| Red Hat Enterprise Linux Server | =8.4 | |
| Red Hat Enterprise Linux Server | =8.6 | |
| Red Hat Enterprise Linux Server | =8.8 | |
| MariaDB | <10.4.26 | |
| Red Hat CodeReady Linux Builder | =9.0 | |
| Red Hat CodeReady Linux Builder for ARM 64 | =9.0_aarch64 | |
| Red Hat CodeReady Linux Builder for ARM 64 - Extended Update Support | =9.2_aarch64 | |
| Red Hat CodeReady Linux Builder for IBM z Systems | =9.0_s390x | |
| Red Hat CodeReady Linux Builder for IBM z Systems - Extended Update Support | =9.2_s390x | |
| Red Hat CodeReady Linux Builder for Power, little endian | =9.0_ppc64le | |
| Red Hat CodeReady Linux Builder for Power, little endian | =9.2_ppc64le |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://access.redhat.com/errata/RHSA-2023:5683
- https://access.redhat.com/errata/RHSA-2023:5684
- https://access.redhat.com/errata/RHSA-2023:6821
- https://access.redhat.com/errata/RHSA-2023:6822
- https://access.redhat.com/errata/RHSA-2023:6883
- https://access.redhat.com/errata/RHSA-2023:7633
- https://access.redhat.com/security/cve/CVE-2023-5157
- https://bugzilla.redhat.com/show_bug.cgi?id=2240246
- https://issues.redhat.com/browse/RHEL-5223
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=2240552
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=2240553
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=2240554
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=2240555
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=2240556
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=2240557
Frequently Asked Questions
What is the vulnerability ID of this vulnerability?
The vulnerability ID is CVE-2023-5157.
What is the severity level of CVE-2023-5157?
The severity level of CVE-2023-5157 is high.
How does CVE-2023-5157 affect MariaDB?
CVE-2023-5157 allows a malicious remote client to cause a denial of service in MariaDB.
Which versions of MariaDB are affected by CVE-2023-5157?
MariaDB versions up to and including 10.4.26, 10.5.17, 10.6.9, 10.7.5, and 10.8.4 are affected by CVE-2023-5157.
How can I fix the CVE-2023-5157 vulnerability?
To fix the CVE-2023-5157 vulnerability, update MariaDB to version 10.4.26, 10.5.17, 10.6.9, 10.7.5, or 10.8.4.
- agent/type
- agent/first-publish-date
- agent/references
- agent/weakness
- agent/title
- agent/severity
- agent/description
- collector/redhat-bugzilla
- source/Red Hat
- alias/CVE-2023-5157
- agent/software-canonical-lookup
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/event
- agent/source
- agent/author
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup-request
- agent/softwarecombine
- agent/tags
- collector/nvd-index
- package-manager/redhat
- vendor/mariadb
- canonical/mariadb
- version/mariadb/10.4.0
- version/mariadb/10.5.0
- version/mariadb/10.6.0
- version/mariadb/10.7.0
- version/mariadb/10.8.0
- vendor/fedoraproject
- canonical/red hat fedora
- version/red hat fedora/38
- vendor/redhat
- canonical/red hat enterprise linux
- version/red hat enterprise linux/8.0
- version/red hat enterprise linux/9.0
- canonical/red hat enterprise linux server eus
- version/red hat enterprise linux server eus/8.6
- version/red hat enterprise linux server eus/8.8
- version/red hat enterprise linux server eus/9.0
- version/red hat enterprise linux server eus/9.2
- version/red hat enterprise linux/8.0_aarch64
- version/red hat enterprise linux/9.0_aarch64
- canonical/red hat enterprise linux for arm64 eus
- version/red hat enterprise linux for arm64 eus/8.8_aarch64
- canonical/red hat enterprise linux for ibm z systems
- version/red hat enterprise linux for ibm z systems/8.0_s390x
- version/red hat enterprise linux for ibm z systems/9.0_s390x
- version/red hat enterprise linux for ibm z systems/9.2_s390x
- canonical/red hat enterprise linux for ibm z systems (s390x)
- version/red hat enterprise linux for ibm z systems (s390x)/8.6_s390x
- version/red hat enterprise linux for ibm z systems (s390x)/8.8_s390x
- version/red hat enterprise linux for ibm z systems (s390x)/9.2_s390x
- canonical/red hat enterprise linux for power, little endian
- version/red hat enterprise linux for power, little endian/8.0_ppc64le
- version/red hat enterprise linux for power, little endian/9.0_ppc64le
- canonical/red hat enterprise linux for power, little endian - extended update support
- version/red hat enterprise linux for power, little endian - extended update support/8.8_ppc64le
- version/red hat enterprise linux for power, little endian - extended update support/9.2_ppc64le
- canonical/red hat enterprise linux server
- version/red hat enterprise linux server/8.4
- version/red hat enterprise linux server/8.6
- version/red hat enterprise linux server/9.2
- version/red hat enterprise linux server/8.8
- canonical/red hat codeready linux builder
- version/red hat codeready linux builder/9.0
- canonical/red hat codeready linux builder for arm 64
- version/red hat codeready linux builder for arm 64/9.0_aarch64
- canonical/red hat codeready linux builder for arm 64 - extended update support
- version/red hat codeready linux builder for arm 64 - extended update support/9.2_aarch64
- canonical/red hat codeready linux builder for ibm z systems
- version/red hat codeready linux builder for ibm z systems/9.0_s390x
- canonical/red hat codeready linux builder for ibm z systems - extended update support
- version/red hat codeready linux builder for ibm z systems - extended update support/9.2_s390x
- canonical/red hat codeready linux builder for power, little endian
- version/red hat codeready linux builder for power, little endian/9.0_ppc64le
- version/red hat codeready linux builder for power, little endian/9.2_ppc64le