An update for mariadb is now available for openEuler-22.03-LTS Security Advisory openeuler-security@openeuler.org openEuler security committee openEuler-SA-2022-1616 Final 1.0 1.0 2022-04-16 Initial 2022-04-16 2022-04-16 openEuler SA Tool V1.0 2022-04-16 mariadb security update An update for mariadb is now available for openEuler-22.03-LTS. MariaDB is a community developed fork from MySQL - a multi-user, multi-threaded SQL database server. It is a client/server implementation consisting of a server daemon (mariadbd) and many different client programs and libraries. The base package contains the standard MariaDB/MySQL client programs and utilities. MariaDB turns data into structured information in a wide array of applications, ranging from banking to websites. It is an enhanced, drop-in replacement for MySQL. MariaDB is used because it is fast, scalable and robust, with a rich ecosystem of storage engines, plugins and many other tools make it very versatile for a wide variety of use cases. Security Fix(es): save_window_function_values in MariaDB before 10.6.3 allows an application crash because of incorrect handling of with_window_func=True for a subquery.(CVE-2021-46658) MariaDB through 10.5.9 allows an application crash via certain long SELECT DISTINCT statements that improperly interact with storage-engine resource limitations for temporary data structures.(CVE-2021-46668) MariaDB CONNECT Storage Engine Format String Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of MariaDB. Authentication is required to exploit this vulnerability. The specific flaw exists within the processing of SQL queries. The issue results from the lack of proper validation of a user-supplied string before using it as a format specifier. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of the service account. Was ZDI-CAN-16193.(CVE-2022-24051) MariaDB CONNECT Storage Engine Use-After-Free Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of MariaDB. Authentication is required to exploit this vulnerability. The specific flaw exists within the processing of SQL queries. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of the service account. Was ZDI-CAN-16207.(CVE-2022-24050) MariaDB CONNECT Storage Engine Stack-based Buffer Overflow Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of MariaDB. Authentication is required to exploit this vulnerability. The specific flaw exists within the processing of SQL queries. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of the service account. Was ZDI-CAN-16191.(CVE-2022-24048) An update for mariadb is now available for openEuler-22.03-LTS. openEuler Security has rated this update as having a security impact of high. A Common Vunlnerability Scoring System(CVSS)base score,which gives a detailed severity rating, is available for each vulnerability from the CVElink(s) in the References section. High mariadb https://www.openeuler.org/en/security/safety-bulletin/detail.html?id=openEuler-SA-2022-1616 https://www.openeuler.org/en/security/cve/detail.html?id=CVE-2021-46658 https://www.openeuler.org/en/security/cve/detail.html?id=CVE-2021-46668 https://www.openeuler.org/en/security/cve/detail.html?id=CVE-2022-24051 https://www.openeuler.org/en/security/cve/detail.html?id=CVE-2022-24050 https://www.openeuler.org/en/security/cve/detail.html?id=CVE-2022-24048 https://nvd.nist.gov/vuln/detail/CVE-2021-46658 https://nvd.nist.gov/vuln/detail/CVE-2021-46668 https://nvd.nist.gov/vuln/detail/CVE-2022-24051 https://nvd.nist.gov/vuln/detail/CVE-2022-24050 https://nvd.nist.gov/vuln/detail/CVE-2022-24048 openEuler-22.03-LTS mariadb-10.5.15-2.oe2203.aarch64.rpm mariadb-config-10.5.15-2.oe2203.aarch64.rpm mariadb-common-10.5.15-2.oe2203.aarch64.rpm mariadb-embedded-devel-10.5.15-2.oe2203.aarch64.rpm mariadb-test-10.5.15-2.oe2203.aarch64.rpm mariadb-server-10.5.15-2.oe2203.aarch64.rpm mariadb-devel-10.5.15-2.oe2203.aarch64.rpm mariadb-server-galera-10.5.15-2.oe2203.aarch64.rpm mariadb-embedded-10.5.15-2.oe2203.aarch64.rpm mariadb-backup-10.5.15-2.oe2203.aarch64.rpm mariadb-gssapi-server-10.5.15-2.oe2203.aarch64.rpm mariadb-errmsg-10.5.15-2.oe2203.aarch64.rpm mariadb-debugsource-10.5.15-2.oe2203.aarch64.rpm mariadb-debuginfo-10.5.15-2.oe2203.aarch64.rpm mariadb-oqgraph-engine-10.5.15-2.oe2203.aarch64.rpm mariadb-pam-10.5.15-2.oe2203.aarch64.rpm mariadb-rocksdb-engine-10.5.15-2.oe2203.aarch64.rpm mariadb-server-uitls-10.5.15-2.oe2203.aarch64.rpm mariadb-10.5.15-2.oe2203.src.rpm mariadb-gssapi-server-10.5.15-2.oe2203.x86_64.rpm mariadb-common-10.5.15-2.oe2203.x86_64.rpm mariadb-backup-10.5.15-2.oe2203.x86_64.rpm mariadb-debugsource-10.5.15-2.oe2203.x86_64.rpm mariadb-debuginfo-10.5.15-2.oe2203.x86_64.rpm mariadb-devel-10.5.15-2.oe2203.x86_64.rpm mariadb-errmsg-10.5.15-2.oe2203.x86_64.rpm mariadb-embedded-10.5.15-2.oe2203.x86_64.rpm mariadb-oqgraph-engine-10.5.15-2.oe2203.x86_64.rpm mariadb-embedded-devel-10.5.15-2.oe2203.x86_64.rpm mariadb-config-10.5.15-2.oe2203.x86_64.rpm mariadb-server-galera-10.5.15-2.oe2203.x86_64.rpm mariadb-server-10.5.15-2.oe2203.x86_64.rpm mariadb-test-10.5.15-2.oe2203.x86_64.rpm mariadb-10.5.15-2.oe2203.x86_64.rpm mariadb-pam-10.5.15-2.oe2203.x86_64.rpm mariadb-server-utils-10.5.15-2.oe2203.x86_64.rpm save_window_function_values in MariaDB before 10.6.3 allows an application crash because of incorrect handling of with_window_func=True for a subquery. 2022-04-16 CVE-2021-46658 openEuler-22.03-LTS Medium 5.5 AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H mariadb security update 2022-04-16 https://www.openeuler.org/en/security/safety-bulletin/detail.html?id=openEuler-SA-2022-1616 MariaDB through 10.5.9 allows an application crash via certain long SELECT DISTINCT statements that improperly interact with storage-engine resource limitations for temporary data structures. 2022-04-16 CVE-2021-46668 openEuler-22.03-LTS High 7.5 AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H mariadb security update 2022-04-16 https://www.openeuler.org/en/security/safety-bulletin/detail.html?id=openEuler-SA-2022-1616 MariaDB CONNECT Storage Engine Format String Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of MariaDB. Authentication is required to exploit this vulnerability. The specific flaw exists within the processing of SQL queries. The issue results from the lack of proper validation of a user-supplied string before using it as a format specifier. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of the service account. Was ZDI-CAN-16193. 2022-04-16 CVE-2022-24051 openEuler-22.03-LTS High 7.8 AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H mariadb security update 2022-04-16 https://www.openeuler.org/en/security/safety-bulletin/detail.html?id=openEuler-SA-2022-1616 MariaDB CONNECT Storage Engine Use-After-Free Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of MariaDB. Authentication is required to exploit this vulnerability. The specific flaw exists within the processing of SQL queries. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of the service account. Was ZDI-CAN-16207. 2022-04-16 CVE-2022-24050 openEuler-22.03-LTS High 7.8 AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H mariadb security update 2022-04-16 https://www.openeuler.org/en/security/safety-bulletin/detail.html?id=openEuler-SA-2022-1616 MariaDB CONNECT Storage Engine Stack-based Buffer Overflow Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of MariaDB. Authentication is required to exploit this vulnerability. The specific flaw exists within the processing of SQL queries. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of the service account. Was ZDI-CAN-16191. 2022-04-16 CVE-2022-24048 openEuler-22.03-LTS High 7.8 AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H mariadb security update 2022-04-16 https://www.openeuler.org/en/security/safety-bulletin/detail.html?id=openEuler-SA-2022-1616