CVE-2022-24051
Published: 18 February 2022
MariaDB CONNECT Storage Engine Format String Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of MariaDB. Authentication is required to exploit this vulnerability. The specific flaw exists within the processing of SQL queries. The issue results from the lack of proper validation of a user-supplied string before using it as a format specifier. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of the service account. Was ZDI-CAN-16193.
Priority
Status
| Package | Release | Status |
|---|---|---|
|
mariadb-10.0 Launchpad, Ubuntu, Debian |
trusty |
Ignored
(end of standard support)
|
| upstream |
Needs triage
|
|
| xenial |
Needs triage
|
|
|
mariadb-10.1 Launchpad, Ubuntu, Debian |
bionic |
Needs triage
|
| trusty |
Ignored
(end of standard support)
|
|
| upstream |
Needs triage
|
|
| xenial |
Ignored
(end of standard support)
|
|
|
mariadb-10.3 Launchpad, Ubuntu, Debian |
focal |
Released
(1:10.3.34-0ubuntu0.20.04.1)
|
| trusty |
Ignored
(end of standard support)
|
|
| upstream |
Needs triage
|
|
| xenial |
Ignored
(end of standard support)
|
|
|
mariadb-10.5 Launchpad, Ubuntu, Debian |
trusty |
Ignored
(end of standard support)
|
| upstream |
Needs triage
|
|
| xenial |
Ignored
(end of standard support)
|
|
| impish |
Released
(1:10.5.15-0ubuntu0.21.10.1)
|
|
|
mariadb-10.6 Launchpad, Ubuntu, Debian |
trusty |
Ignored
(end of standard support)
|
| kinetic |
Ignored
(end of life, was needs-triage)
|
|
| lunar |
Needs triage
|
|
| upstream |
Needs triage
|
|
| xenial |
Ignored
(end of standard support)
|
|
| jammy |
Needs triage
|
|
| mantic |
Does not exist
|
|
|
mariadb-5.5 Launchpad, Ubuntu, Debian |
upstream |
Needs triage
|
| trusty |
Ignored
(end of standard support)
|
|
| xenial |
Ignored
(end of standard support)
|
Severity score breakdown
| Parameter | Value |
|---|---|
| Base score | 7.8 |
| Attack vector | Local |
| Attack complexity | Low |
| Privileges required | Low |
| User interaction | None |
| Scope | Unchanged |
| Confidentiality | High |
| Integrity impact | High |
| Availability impact | High |
| Vector | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |