mariadb:10.3 security, bug fix, and enhancement update
エラータID: AXSA:2023-6436:01
リリース日:
2023/09/26 Tuesday - 01:36
題名:
mariadb:10.3 security, bug fix, and enhancement update
影響のあるチャネル:
Asianux Server 8 for x86_64
Severity:
Moderate
Description:
以下項目について対処しました。
[Security Fix]
- MariaDB の sub_select コンポーネントには、セグメンテーション
フォルトの問題があるため、リモートの攻撃者により、サービス
拒否攻撃を可能とする脆弱性が存在します。(CVE-2022-32084)
- MariaDB の
/libsanitizer/sanitizer_common/sanitizer_common_interceptors.inc の
__interceptor_memset() 関数には、メモリ領域の解放後アクセスの
問題があるため、リモートの攻撃者により、サービス拒否攻撃を可能
とする脆弱性が存在します。(CVE-2022-32091)
- MariaDB の extra/mariabackup/ds_compress.cc の compress_write()
関数には、ストリームへの書き込み失敗時に data_mutex を解放しない
問題があるため、ローカルの攻撃者により、サービス拒否攻撃 (デッド
ロックの発生) を可能とする脆弱性が存在します。(CVE-2022-38791)
- MariaDB の spider_db_mbase::print_warnings() メソッドには、NULL
ポインタデリファレンスの問題があるため、リモートの攻撃者により、
サービス拒否攻撃を可能とする脆弱性が存在します。(CVE-2022-47015)
Modularity name: mariadb
Stream name: 10.3
解決策:
パッケージをアップデートしてください。
CVE:
CVE-2022-32084
MariaDB v10.2 to v10.7 was discovered to contain a segmentation fault via the component sub_select.
MariaDB v10.2 to v10.7 was discovered to contain a segmentation fault via the component sub_select.
CVE-2022-32091
MariaDB v10.7 was discovered to contain an use-after-poison in in __interceptor_memset at /libsanitizer/sanitizer_common/sanitizer_common_interceptors.inc.
MariaDB v10.7 was discovered to contain an use-after-poison in in __interceptor_memset at /libsanitizer/sanitizer_common/sanitizer_common_interceptors.inc.
CVE-2022-38791
In MariaDB before 10.9.2, compress_write in extra/mariabackup/ds_compress.cc does not release data_mutex upon a stream write failure, which allows local users to trigger a deadlock.
In MariaDB before 10.9.2, compress_write in extra/mariabackup/ds_compress.cc does not release data_mutex upon a stream write failure, which allows local users to trigger a deadlock.
CVE-2022-47015
MariaDB Server before 10.3.34 thru 10.9.3 is vulnerable to Denial of Service. It is possible for function spider_db_mbase::print_warnings to dereference a null pointer.
MariaDB Server before 10.3.34 thru 10.9.3 is vulnerable to Denial of Service. It is possible for function spider_db_mbase::print_warnings to dereference a null pointer.
追加情報:
N/A
ダウンロード:
SRPMS
- asio-1.10.8-7.module+el8+1659+c1edb637.src.rpm
MD5: d8b56483d5ec63c5c148c6121ea72142
SHA-256: e17e90065d715dc51d0066f979969af0d7f19373f6493507fcd4c1e3ee9443b0
Size: 0.99 MB - galera-25.3.37-1.module+el8+1659+c1edb637.src.rpm
MD5: 3411ebc4b9e8d065d840a0e776fcfc30
SHA-256: c5f7ba96e5fe6ef840ffa867da6c2fcee1a4132d3e785d1d9212698e058a7dfc
Size: 3.25 MB - Judy-1.0.5-18.module+el8+1659+c1edb637.src.rpm
MD5: 56163c5fbdc48b81d6768459590f70ca
SHA-256: 32b1f8143764332ff8145f55ac924d79db38e5f7fee743a272c5f405449fb70c
Size: 1.10 MB - mariadb-10.3.39-1.module+el8+1659+c1edb637.src.rpm
MD5: f26c8cac492ec30567b843bf59b79a63
SHA-256: 5c4d691a4b9c26ea356a22fbbac7fe5a84077f34dbe1c9e7cc54fe069dfb2463
Size: 65.60 MB
Asianux Server 8 for x86_64
- asio-devel-1.10.8-7.module+el8+1659+c1edb637.i686.rpm
MD5: 007daf88ac28bbd7b8e82de07adbcf81
SHA-256: 25f6d45a15764f7bac541f45eeebf74e12e07672689d260678f5b6b33a8e2747
Size: 637.47 kB - asio-devel-1.10.8-7.module+el8+1659+c1edb637.x86_64.rpm
MD5: 5865b80f3d29c92f367140c3d274a0c5
SHA-256: 791c84d4e3f60b8313b070e8e261d118afaa1d3884b73651d1be9f3806920997
Size: 637.44 kB - galera-25.3.37-1.module+el8+1659+c1edb637.i686.rpm
MD5: 08bd426670e234df17b88c10ec35a08d
SHA-256: 83484726ece0d2367b057db35d36778171cdc08ed397596275bfc3f4992386f9
Size: 1.70 MB - galera-25.3.37-1.module+el8+1659+c1edb637.x86_64.rpm
MD5: 0a3f47748df2414e27863bd50e954411
SHA-256: 2eba62071be10ceb6bcab8073d6f92b0c8574303d7b65c32b1865d0f10a6e48d
Size: 1.42 MB - galera-debugsource-25.3.37-1.module+el8+1659+c1edb637.i686.rpm
MD5: f775fc8497106712358f6227b8cb9698
SHA-256: 760f22b9895acabffdfad9dc5fde63859df852e3202794516adad10fe2190bb7
Size: 441.22 kB - galera-debugsource-25.3.37-1.module+el8+1659+c1edb637.x86_64.rpm
MD5: 83a9567e2a8f3f63c22ad9522170d2c2
SHA-256: 4f2260333261ff983896789ba7f2ef81fe4df7852cc3f03dd7ff76e9e69e17b4
Size: 441.83 kB - Judy-1.0.5-18.module+el8+1659+c1edb637.i686.rpm
MD5: da1321876fef647c8e050cfc51a389f6
SHA-256: 762095a6a150ae190a50a15e566647a2f4a1ae7a40d73b002b45f9c53431abf8
Size: 92.43 kB - Judy-1.0.5-18.module+el8+1659+c1edb637.x86_64.rpm
MD5: bf3dec9b4738cd1da21598da4c3e5693
SHA-256: 0c28b01ed88809156cbaa589a0f38d2e4b74caf5fa82c601f0666f179ddfed62
Size: 129.13 kB - Judy-debugsource-1.0.5-18.module+el8+1659+c1edb637.i686.rpm
MD5: a912597c44cfa43b454bb366f8e373ba
SHA-256: 3c381a0fbc9c58c5dae11929fbfbbaa44b20e959a41c2f1ad994c0c1c53016af
Size: 157.35 kB - Judy-debugsource-1.0.5-18.module+el8+1659+c1edb637.x86_64.rpm
MD5: af8c5351daac87835d73e0cecd66fc95
SHA-256: 69b80b7858b77c8bdf27a9cab6873a3ea92457bc14e313268901a89bfa7d55b3
Size: 157.63 kB - Judy-devel-1.0.5-18.module+el8+1659+c1edb637.i686.rpm
MD5: 04e0aae49cd36d294c0883ce5824f49a
SHA-256: 5f597aad90974775de7d98f0f69f80b51253e6e735415654047a41a91681d80e
Size: 74.64 kB - Judy-devel-1.0.5-18.module+el8+1659+c1edb637.x86_64.rpm
MD5: ffd41bea875fc4286f85113156fed6a1
SHA-256: 710892a819e7a87522f9caf46e504a0b4fab023a522883fdc8594c4f651b812f
Size: 74.62 kB - mariadb-10.3.39-1.module+el8+1659+c1edb637.i686.rpm
MD5: 6bdeb38ba5339bd929ba7145eb6396a3
SHA-256: 8fede886bdbec906257ab9cbdb753cd1ac4375f466c48f539bd9532e3d8c2204
Size: 5.84 MB - mariadb-10.3.39-1.module+el8+1659+c1edb637.x86_64.rpm
MD5: 62e7de75de75d3fa750c6c2e006b5a0b
SHA-256: 32e9e8de3a6fd05c4804ac66bd926bad1c3164016107774d75d522c7a9d3430a
Size: 6.02 MB - mariadb-backup-10.3.39-1.module+el8+1659+c1edb637.i686.rpm
MD5: 0729df766906ea5b6d28372b0b9983e2
SHA-256: a6a6bf64ae36ec71e310dcf660928b020b15ff80a11070e3dca4c615c004748b
Size: 6.17 MB - mariadb-backup-10.3.39-1.module+el8+1659+c1edb637.x86_64.rpm
MD5: 810db82a9bf08c23128aa3c38c3598e5
SHA-256: 6b1190a038545016dd9aa1db3546ae8669547d79ff41eacea2fa6605c980af8c
Size: 6.08 MB - mariadb-common-10.3.39-1.module+el8+1659+c1edb637.i686.rpm
MD5: 5a0ef3d0fd9ad52ffdb90790a8abe0f1
SHA-256: b0bc4d9e7c84b47fc32df58159d7700aa50241a842d675dd0e5c5a99f119b240
Size: 63.27 kB - mariadb-common-10.3.39-1.module+el8+1659+c1edb637.x86_64.rpm
MD5: a9cfc226409b1039e8c0dc1131e97f5f
SHA-256: 8310ec6071a9f125b8528eb4f48d5da93f577881c761a3f2152bff77c3e69025
Size: 63.24 kB - mariadb-debugsource-10.3.39-1.module+el8+1659+c1edb637.i686.rpm
MD5: da5466926459ea825bdc843e806b3084
SHA-256: c96e49fc86521d25ec6edef73df98664fa5cce748620681a8bd70b8f940487e5
Size: 9.17 MB - mariadb-debugsource-10.3.39-1.module+el8+1659+c1edb637.x86_64.rpm
MD5: 4329a1d80d8d7f2c2f09a8c48ad9e025
SHA-256: fc42b58751da4063f747207f85ce2c050f25be7603bf37709be6f645895efa53
Size: 9.17 MB - mariadb-devel-10.3.39-1.module+el8+1659+c1edb637.i686.rpm
MD5: 34c609300cbdaff25a2a02c110a5d3be
SHA-256: ac4d5638bd65c7b8e3352e966502c3e13aedf1117f6ee1824a1e837534c2f207
Size: 1.06 MB - mariadb-devel-10.3.39-1.module+el8+1659+c1edb637.x86_64.rpm
MD5: 249b245d25740c41d431eb29c5390f03
SHA-256: dad76e0fb5ff11562578ff6dcaceabbaee533873605f57e1e336f7ce9bf8aafe
Size: 1.06 MB - mariadb-embedded-10.3.39-1.module+el8+1659+c1edb637.i686.rpm
MD5: b25e6fe47f6c10d3074eff2f4b82c36b
SHA-256: e0dfdd6a12f5521894352ae53e6e3e6a977e3f96390bacb4473fe4c730ed9ac8
Size: 5.17 MB - mariadb-embedded-10.3.39-1.module+el8+1659+c1edb637.x86_64.rpm
MD5: 410488ab59a816d23b437ff7cf1a3d5c
SHA-256: b7a2222a6a92669bfd5083957e454f3f2dcd4f1a81f72569deffc5b2cfdafd33
Size: 4.98 MB - mariadb-embedded-devel-10.3.39-1.module+el8+1659+c1edb637.i686.rpm
MD5: 8646812917d17efa3b7a3b7d370eb172
SHA-256: e2794e800940eea6e4efc20db182db225e90ef3961199f71b25ee47aa17a1d57
Size: 43.82 kB - mariadb-embedded-devel-10.3.39-1.module+el8+1659+c1edb637.x86_64.rpm
MD5: ca34f25f57ad3f1d62990c4829fa798b
SHA-256: e5834d88109a36c69e7b24121e7b2c03de66d6612ef4e4a80bb8827569e1b032
Size: 43.80 kB - mariadb-errmsg-10.3.39-1.module+el8+1659+c1edb637.i686.rpm
MD5: 8700f11475e4ae3d20c82844a15ac33f
SHA-256: 3dd88ce810f624c7dd14947d40cb370ff8513589e086c8aef582ec51deb4e25a
Size: 233.78 kB - mariadb-errmsg-10.3.39-1.module+el8+1659+c1edb637.x86_64.rpm
MD5: 2a8e59c8fdfa6d3ad55cf8c4cdd5001b
SHA-256: d352a41d02ea4c903f9c583fa1bd614a2087eba55ed215615a5c07fac333e608
Size: 233.74 kB - mariadb-gssapi-server-10.3.39-1.module+el8+1659+c1edb637.i686.rpm
MD5: cd4315d47941c40ca83436353a26a0ae
SHA-256: e9ce46bcb50a506519b7c6ffb48ccb53ce756ec133b331afeee38939a5f89f96
Size: 50.43 kB - mariadb-gssapi-server-10.3.39-1.module+el8+1659+c1edb637.x86_64.rpm
MD5: cd70f00e7d0c40bb0c66f5ad91496689
SHA-256: db31d48c88ba62b6f2c73576a94f64efdfb469dc13ab7cfc61c3f3520eedc8b4
Size: 50.63 kB - mariadb-oqgraph-engine-10.3.39-1.module+el8+1659+c1edb637.i686.rpm
MD5: e7307fac5752bd07d7e7853d54c670d3
SHA-256: 2383b793eac70d5362a6a2e299addde739b3f8070f311f09eca590bccbed5bef
Size: 116.97 kB - mariadb-oqgraph-engine-10.3.39-1.module+el8+1659+c1edb637.x86_64.rpm
MD5: 5f8cd26f8f1a6d1299e04c3ca8761d3d
SHA-256: 914e78e308319d64c27bb0c66b66630e4c80f8f6f57988dcb9fca609b341a9d7
Size: 112.89 kB - mariadb-server-10.3.39-1.module+el8+1659+c1edb637.i686.rpm
MD5: 5c055710e263ec4380425d015d6e3b5a
SHA-256: 33141a73e029ff7889dd1a5c7135cf684c70028c77f7a675074c1ed24fc433ba
Size: 16.56 MB - mariadb-server-10.3.39-1.module+el8+1659+c1edb637.x86_64.rpm
MD5: 59794612a75583262afdcda6bc92a142
SHA-256: c5cdafece9a5bb226a428fcc8b6004ac92990662f99a7a7da137a12fa74ad318
Size: 16.43 MB - mariadb-server-galera-10.3.39-1.module+el8+1659+c1edb637.i686.rpm
MD5: f93299ad82a8aaf6041ac31f3c5d5911
SHA-256: 17c41240729ce600374f46206d91320a986e6405ae03ba265a225bb927b6abe1
Size: 60.44 kB - mariadb-server-galera-10.3.39-1.module+el8+1659+c1edb637.x86_64.rpm
MD5: 384e4cb3d4dcdee830d4748b9069e54d
SHA-256: 124db227929896c96d9445c58efde32cecd71b990a4830e26bedb483c9a3a0dd
Size: 60.41 kB - mariadb-server-utils-10.3.39-1.module+el8+1659+c1edb637.i686.rpm
MD5: edeb449b8c35844a1b0c4910f4d59839
SHA-256: bbbc177eac5df5d68caba0e0bb80ed0f0037ea9df1d2066e111d48e26ec5492d
Size: 1.10 MB - mariadb-server-utils-10.3.39-1.module+el8+1659+c1edb637.x86_64.rpm
MD5: e4112eb4d96a86ead36a610a63718016
SHA-256: ae4cddae46c25792954e5640f07e0648fdf16bd9fdb411089b92f061f106fac8
Size: 1.15 MB - mariadb-test-10.3.39-1.module+el8+1659+c1edb637.i686.rpm
MD5: 042bc15ed5669a1b6a4756684e40a881
SHA-256: c2ef5c27bae8d87af1054b15219bafc6df005f857e9379035447f78ea8deed66
Size: 27.45 MB - mariadb-test-10.3.39-1.module+el8+1659+c1edb637.x86_64.rpm
MD5: e45767ab8c5db2f34ceb745d4bd53dac
SHA-256: 5285deb7615d6fb03bc88d1b6b10cdc11d26f0704359aceb0ef84a414e973b5b
Size: 36.41 MB