QwikSec

Security Database

CVE

CWE

Training

CVE-2022-31624

Published: May 25, 2022

Modified: Aug 3, 2024

PUBLISHED

Description

MariaDB Server before 10.7 is vulnerable to Denial of Service. While executing the plugin/server_audit/server_audit.c method log_statement_ex, the held lock lock_bigbuffer is not released correctly, which allows local users to trigger a denial of service due to the deadlock.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://jira.mariadb.org/browse/MDEV-26556?filter=-2

x_refsource_MISC

https://github.com/MariaDB/server/commit/d627d00b13ab2f2c0954ea7b77202470cb102944

x_refsource_MISC

https://security.netapp.com/advisory/ntap-20220707-0006/

x_refsource_CONFIRM

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.