ZDI-CAN-16191: MariaDB CONNECT Storage Engine Stack-based Buffer Overflow Privilege Escalation Vulnerability
This vulnerability allows local attackers to escalate privileges on affected installations of MariaDB. Authentication is required to exploit this vulnerability. The specific flaw exists within the processing of SQL queries. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of the service account.
| Affected Software | Affected Version | How to fix |
|---|---|---|
| MariaDB Server |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of ZDI-CAN-16191?
The severity of ZDI-CAN-16191 is categorized as a high risk due to potential local privilege escalation.
How do I fix ZDI-CAN-16191?
To fix ZDI-CAN-16191, ensure that you update your MariaDB installation to the latest version that addresses this vulnerability.
Who is affected by ZDI-CAN-16191?
ZDI-CAN-16191 affects local users with authentication on certain versions of MariaDB Server.
What types of attacks can ZDI-CAN-16191 facilitate?
ZDI-CAN-16191 can facilitate local privilege escalation attacks by allowing authenticated users to gain elevated access.
Is authentication required to exploit ZDI-CAN-16191?
Yes, authentication is required to exploit the ZDI-CAN-16191 vulnerability.
- agent/references
- agent/title
- agent/severity
- agent/description
- agent/source
- agent/type
- agent/tags
- agent/softwarecombine
- agent/event
- collector/zdi-advisory
- source/ZDI
- alias/ZDI-22-363
- alias/ZDI-CAN-16191
- alias/CVE-2022-24048
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- vendor/mariadb
- canonical/mariadb server