Your submission was sent successfully! Close

CVE-2022-27376

Published: 12 April 2022

MariaDB Server v10.6.5 and below was discovered to contain an use-after-free in the component Item_args::walk_arg, which is exploited via specially crafted SQL statements.

Priority

Medium

CVSS 3 base score: 7.5

Status

Package Release Status
mariadb-10.0
Launchpad, Ubuntu, Debian
trusty Ignored
(out of standard support)
upstream Needs triage

xenial Ignored
(out of standard support)
mariadb-10.1
Launchpad, Ubuntu, Debian
bionic Needs triage

trusty Ignored
(out of standard support)
upstream Needs triage

xenial Ignored
(out of standard support)
mariadb-10.3
Launchpad, Ubuntu, Debian
focal
Released (1:10.3.37-0ubuntu0.20.04.1)
trusty Ignored
(out of standard support)
upstream Needs triage

xenial Ignored
(out of standard support)
mariadb-10.5
Launchpad, Ubuntu, Debian
impish Ignored
(reached end-of-life)
trusty Ignored
(out of standard support)
upstream Needs triage

xenial Ignored
(out of standard support)
mariadb-10.6
Launchpad, Ubuntu, Debian
jammy
Released (1:10.6.11-0ubuntu0.22.04.1)
kinetic
Released (1:10.6.8-1)
trusty Ignored
(out of standard support)
upstream Needs triage

xenial Ignored
(out of standard support)
mariadb-5.5
Launchpad, Ubuntu, Debian
trusty Ignored
(out of standard support)
upstream Needs triage

xenial Ignored
(out of standard support)