ALSA-2022:5948

[ALSA-2022:5948] Moderate: galera, mariadb, and mysql-selinux security, bug fix, and enhancement update

Type:

security

Severity:

moderate

Release date:

2022-08-10

Description:

MariaDB is a multi-user, multi-threaded SQL database server that is binary compatible with MySQL. 
The following packages have been upgraded to a later upstream version: galera (26.4.11), mariadb (10.5.16), mysql-selinux (1.0.5).
Security Fix(es):
* mariadb: MariaDB through 10.5.9 allows attackers to trigger a convert_const_to_int use-after-free when the BIGINT data type is used (CVE-2021-46669)
* mariadb: lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer (CVE-2022-24048)
* mariadb: lack of validating the existence of an object prior to performing operations on the object (CVE-2022-24050)
* mariadb: lack of proper validation of a user-supplied string before using it as a format specifier (CVE-2022-24051)
* mariadb: CONNECT Storage Engine Heap-based Buffer Overflow Privilege Escalation Vulnerability (CVE-2022-24052)
* mariadb: assertion failure in Item_args::walk_arg (CVE-2022-27376)
* mariadb: use-after-poison when complex conversion is involved in blob (CVE-2022-27377)
* mariadb: server crash in create_tmp_table::finalize (CVE-2022-27378)
* mariadb: server crash in component arg_comparator::compare_real_fixed (CVE-2022-27379)
* mariadb: server crash at my_decimal::operator= (CVE-2022-27380)
* mariadb: server crash at Field::set_default via specially crafted SQL statements (CVE-2022-27381)
* mariadb: assertion failure via component Item_field::used_tables/update_depend_map_for_order (CVE-2022-27382)
* mariadb: use-after-poison in my_strcasecmp_8bit() of ctype-simple.c (CVE-2022-27383)
* mariadb: crash via component Item_subselect::init_expr_cache_tracker (CVE-2022-27384)
* mariadb: server crashes in query_arena::set_query_arena upon SELECT from view (CVE-2022-27386)
* mariadb: assertion failures in decimal_bin_size (CVE-2022-27387)
* mariadb: crash when using HAVING with NOT EXIST predicate in an equality (CVE-2022-27444)
* mariadb: assertion failure in compare_order_elements (CVE-2022-27445)
* mariadb: crash when using HAVING with IS NULL predicate in an equality (CVE-2022-27446)
* mariadb: use-after-poison in Binary_string::free_buffer (CVE-2022-27447)
* mariadb: crash in multi-update and implicit grouping (CVE-2022-27448)
* mariadb: assertion failure in sql/item_func.cc (CVE-2022-27449)
* mariadb: crash via window function in expression in ORDER BY (CVE-2022-27451)
* mariadb: assertion failure in sql/item_cmpfunc.cc (CVE-2022-27452)
* mariadb: use-after-free when WHERE has subquery with an outer reference in HAVING (CVE-2022-27455)
* mariadb: assertion failure in VDec::VDec at /sql/sql_type.cc (CVE-2022-27456)
* mariadb: incorrect key in "dup value" error after long unique (CVE-2022-27457)
* mariadb: use-after-poison in Binary_string::free_buffer (CVE-2022-27458)
* mariadb: improper locking due to the unreleased lock in extra/mariabackup/ds_compress.cc (CVE-2022-31622)
* mariadb: improper locking due to the unreleased lock in extra/mariabackup/ds_compress.cc (CVE-2022-31623)
* mariadb: Crash executing query with VIEW, aggregate and subquery (CVE-2021-46659)
* mariadb: MariaDB allows an application crash in find_field_in_tables and find_order_in_list via an unused common table expression (CTE) (CVE-2021-46661)
* mariadb: MariaDB through 10.5.13 allows a ha_maria::extra application crash via certain SELECT statements (CVE-2021-46663)
* mariadb: MariaDB through 10.5.9 allows an application crash in sub_select_postjoin_aggr for a NULL value of aggr (CVE-2021-46664)
* mariadb: MariaDB through 10.5.9 allows a sql_parse.cc application crash because of incorrect used_tables expectations (CVE-2021-46665)
* mariadb: MariaDB through 10.5.9 allows an application crash via certain long SELECT DISTINCT statements (CVE-2021-46668)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

References:

CVE-2021-46659
CVE-2021-46661
CVE-2021-46663
CVE-2021-46664
CVE-2021-46665
CVE-2021-46668
CVE-2021-46669
CVE-2022-24048
CVE-2022-24050
CVE-2022-24051
CVE-2022-24052
CVE-2022-27376
CVE-2022-27377
CVE-2022-27378
CVE-2022-27379
CVE-2022-27380
CVE-2022-27381
CVE-2022-27382
CVE-2022-27383
CVE-2022-27384
CVE-2022-27386
CVE-2022-27387
CVE-2022-27444
CVE-2022-27445
CVE-2022-27446
CVE-2022-27447
CVE-2022-27448
CVE-2022-27449
CVE-2022-27451
CVE-2022-27452
CVE-2022-27455
CVE-2022-27456
CVE-2022-27457
CVE-2022-27458
CVE-2022-31622
CVE-2022-31623
RHSA-2022:5948
ALSA-2022:5948

Updated packages listed below:

Architecture	Package	Checksum
aarch64	mariadb-devel-10.5.16-2.el9_0.aarch64.rpm	146b0b5217618b0304f10a2470a8d5e0db6a99349d360b6807e62181f5475b3d
aarch64	mariadb-server-galera-10.5.16-2.el9_0.aarch64.rpm	2898ec19d2d60a138ab94f958ee9c6e9697e8aa391b0f955262f781ef3871786
aarch64	mariadb-test-10.5.16-2.el9_0.aarch64.rpm	62c8765ac5fa9cb1770372d8976b45f4151feefb69c5f129c318d3cea0309c8f
aarch64	mariadb-gssapi-server-10.5.16-2.el9_0.aarch64.rpm	7ea1c913b46a136a7d4e14f098df4b5807f087e3dac31b6f1eb8a88886c012a0
aarch64	mariadb-server-utils-10.5.16-2.el9_0.aarch64.rpm	8d3c8ba61504aa400c720710447d7045847fc7dc8e2b3b269101527070668a91
aarch64	mariadb-backup-10.5.16-2.el9_0.aarch64.rpm	8e5f4d8090355278e37fc867d90ade26c74ac2c0634d0c0765a3049779dc7183
aarch64	mariadb-10.5.16-2.el9_0.aarch64.rpm	90d775365b1bc7f942897f52eda13aceae35d5ce070d4f81c8e5568cee8a029a
aarch64	mariadb-errmsg-10.5.16-2.el9_0.aarch64.rpm	949affc68b2ba63c6dfc8f013355993428418522563fac9a6e5c56d04162ae57
aarch64	mariadb-common-10.5.16-2.el9_0.aarch64.rpm	9c27720372d9e0a4c631360e9c759879c0eddcc6c51727f9fd09577cc9578b2b
aarch64	mariadb-embedded-10.5.16-2.el9_0.aarch64.rpm	b1e67dc923d61ed166201cecd3c02e333474085bd5ce030977a14fe6d3f95807
aarch64	mariadb-embedded-devel-10.5.16-2.el9_0.aarch64.rpm	bfad67f9e719f3a6daba746d8c53914062e6e4fa08c97f3e757d0ae0cab7736e
aarch64	mariadb-server-10.5.16-2.el9_0.aarch64.rpm	d24d51d575b134585808f34e94614723bf800892096dd341b9c9d6e1c0a01ce9
aarch64	mariadb-oqgraph-engine-10.5.16-2.el9_0.aarch64.rpm	e7a273a6fefd860ced01f729101ede60affa572c340092b0fc59cb6aef52555a
aarch64	mariadb-pam-10.5.16-2.el9_0.aarch64.rpm	ef635d8b59ee8d5aa89775faf8ca51fd3b5fcdc1ed47688323405649fc35bac1
ppc64le	mariadb-gssapi-server-10.5.16-2.el9_0.ppc64le.rpm	033ecaa0c3246d7b56adc0862a01c8ec72f0c1b6c77dd4799a51f0e7577d8155
ppc64le	mariadb-common-10.5.16-2.el9_0.ppc64le.rpm	03e225447ae938128e0c05d7bd0718e20f93496185064e496435d6036e68add4
ppc64le	mariadb-server-10.5.16-2.el9_0.ppc64le.rpm	0980c38fe02c84db3986541173b7d79bf63f06688fafc51412f7284e21290c04
ppc64le	mariadb-server-galera-10.5.16-2.el9_0.ppc64le.rpm	26c6ec60252aee5fc4310531c08055ee5cc6c9fd92ccb515c668cfa60b069c70
ppc64le	mariadb-embedded-10.5.16-2.el9_0.ppc64le.rpm	32b6989f9040b8b837e1c86cbd4dcef140ac3f8966fee7691ee5e1cfb86fb17a
ppc64le	mariadb-errmsg-10.5.16-2.el9_0.ppc64le.rpm	4b0f85ab42e40f6af78e20eae35d2e9ae1861c9b07ab75e035a70f091c607ec1
ppc64le	mariadb-backup-10.5.16-2.el9_0.ppc64le.rpm	546c9ff5de63ddb911b647e3a2412e80cac7be9bb49b985c58ed0641e49a93c7
ppc64le	mariadb-oqgraph-engine-10.5.16-2.el9_0.ppc64le.rpm	7ec4b35d13c5130eb7b8671aee9cdd16808bb62a6b682282dfada63ee59938f8
ppc64le	mariadb-10.5.16-2.el9_0.ppc64le.rpm	91ef1ea8d37a17216017f6d860c4f1158e6bd57394de2859694fb57a0da859f4
ppc64le	mariadb-test-10.5.16-2.el9_0.ppc64le.rpm	955334f64ca1b6e73a1083f038645e5c6e7dc023537c22583bab1b8a05eddaae
ppc64le	mariadb-pam-10.5.16-2.el9_0.ppc64le.rpm	bba2cb5810487bed524de2dae61465b56902b3409833b6f45286dd5b5d4b79b6
ppc64le	mariadb-embedded-devel-10.5.16-2.el9_0.ppc64le.rpm	c65bfa02c475aee5ee614910b80a637fc3db353485810874b36d83ab8fa6f84e
ppc64le	mariadb-devel-10.5.16-2.el9_0.ppc64le.rpm	fb695453f8836fd714a583a9ec33b6e0b11c4e5f5062955bf10533eaeb88da38
ppc64le	mariadb-server-utils-10.5.16-2.el9_0.ppc64le.rpm	fbde17c3bbb5719daff965765d5d954f17b0e0944d9a8047febc6f389ef4902c
s390x	mariadb-backup-10.5.16-2.el9_0.s390x.rpm	2b79935a79b9b38dacbb156955865e3c015186a6a1363d467278078f65d8b073
s390x	mariadb-server-utils-10.5.16-2.el9_0.s390x.rpm	46eeb4cf8bdfd728a093181b7f0b22e9b18aad5f873b91b38e6ab620525e3ed4
s390x	mariadb-oqgraph-engine-10.5.16-2.el9_0.s390x.rpm	4998e4b26b0370c2b7b888e954e0d26fa62e667d96eae0069205f278a1ae4551
s390x	mariadb-server-10.5.16-2.el9_0.s390x.rpm	65adc8d50f18a4bffd1f335ec7138feb7b6a6e60cd7653265fd65f6d52b5e698
s390x	mariadb-10.5.16-2.el9_0.s390x.rpm	732dab00be1c7d2e6210d5fc0c8c550200c36a01fe46a1711415b7ec02e4814a
s390x	mariadb-pam-10.5.16-2.el9_0.s390x.rpm	975261dfe362348bff47e4058e7610a0d257083310b33ae579a88c299163ebc4
s390x	mariadb-common-10.5.16-2.el9_0.s390x.rpm	b04fd9035206c6e2ae9b2dcf76f0ee1da63604f23a45c67c04a5ce13b45897ff
s390x	mariadb-test-10.5.16-2.el9_0.s390x.rpm	b2dcbba4ed23cf529d96b736292034086c6914479b6a39e6d91039427219975a
s390x	mariadb-gssapi-server-10.5.16-2.el9_0.s390x.rpm	b6aa9f15ceab06fc61a8e8abe4c990da3659a20f42c17909222aef3324ceb8bb
s390x	mariadb-devel-10.5.16-2.el9_0.s390x.rpm	bd2f1ed7cfb768fe1ec4ede49366f7d3f90fac87363d3dd97ee7ce64ed42d38c
s390x	mariadb-embedded-10.5.16-2.el9_0.s390x.rpm	f2e6037e84dbd95103119d290e7972b72c4052717964e9d18590eb8688a62396
s390x	mariadb-embedded-devel-10.5.16-2.el9_0.s390x.rpm	fa1e775a824f64274a62358ac5e0df3fd48a356ef74cab87073ee864ead2522a
s390x	mariadb-errmsg-10.5.16-2.el9_0.s390x.rpm	fa3e41f38a47a6f4660060e152b669f8b29552903d0ab0a0c1af820b9b0066ca
s390x	mariadb-server-galera-10.5.16-2.el9_0.s390x.rpm	fefd371740d55e6748ad87e7a5dc218a8825baae9316e4069a6e279df3053103
x86_64	mariadb-pam-10.5.16-2.el9_0.x86_64.rpm	136e4fd832277e80c1e7a941195d3df0eb6b11ea53ed30a7e484408ed3556cb2
x86_64	mariadb-server-galera-10.5.16-2.el9_0.x86_64.rpm	137dff8beac08b5669ab9d4d184af99684efc0ff55d7e2dbe091c19414e3beda
x86_64	mariadb-backup-10.5.16-2.el9_0.x86_64.rpm	1a36782312cfff6d745e4d75882c89cca2d91fdbbab632a17c27b402ae6f1cf9
x86_64	mariadb-server-utils-10.5.16-2.el9_0.x86_64.rpm	252c7194b3af99775ed881be5b0ba4cb856e1880a903bdbcd057ea30c1c1f537
x86_64	mariadb-10.5.16-2.el9_0.x86_64.rpm	3c5e5f10bfd0ca6b1ce1e93e253a573afb3b6f64c26e456742f32da45cf07747
x86_64	mariadb-gssapi-server-10.5.16-2.el9_0.x86_64.rpm	43296b1cc02b13b87b4b07f95a0713e03fc6104f15cde2ec2d306983f1c281cd
x86_64	mariadb-oqgraph-engine-10.5.16-2.el9_0.x86_64.rpm	49b2b2fa616f9c71a95155b73877559000a75155a6b5a239a0be16c56ba308e2
x86_64	mariadb-embedded-10.5.16-2.el9_0.x86_64.rpm	538edca513f598c80b2b76c6e3b039a1acfd615b82f1da2b1db6038c9c327e2b
x86_64	mariadb-errmsg-10.5.16-2.el9_0.x86_64.rpm	6606496ebdbcd441d472fea4d8693bdb003b9153e165ea18ee710bf3226040ad
x86_64	mariadb-test-10.5.16-2.el9_0.x86_64.rpm	7ccd64432f350c45d01ede492e4d3abf7ee3d94f52c52d7b76efd94d28690a39
x86_64	mariadb-devel-10.5.16-2.el9_0.x86_64.rpm	7fe611ae97bd95b391d569ed68f1159848b7253653059b79fb1e1a7dc89d3c1c
x86_64	mariadb-common-10.5.16-2.el9_0.x86_64.rpm	b97941f1930c4dae49f4327a6827497cf718253bc0bb8ec04191d89a193b4f3a
x86_64	mariadb-embedded-devel-10.5.16-2.el9_0.x86_64.rpm	bbc665ce6563a480a408856b934a5ccb283023bdfd241fe41930eb71fb81dd87
x86_64	mariadb-server-10.5.16-2.el9_0.x86_64.rpm	d6070bd1aa3d306cfe83babc5422d8625d907b14b14d03457a95f10c236de682

Notes:

This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.