Security Bulletin: PowerVC installation on RHEL is vulnerable to MariaDB with CVE-2021-46669, CVE-2022-24048, MariaDB - 219814, MariaDB - 219815, CVE-2022-24050, CVE-2022-24052

Summary

Summary guidance: MariaDB through 10.5.9 allows attackers to trigger a convert_const_to_int use-after-free when the BIGINT data type is used and it is vulnerable to a heap-based buffer overflow, caused by improper bounds checking by the processing of SQL queries. The specific flaw exists within the processing of SQL queries. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of the service account.

Vulnerability Details

CVEID:CVE-2021-46669
**DESCRIPTION:**Mariadb is vulnerable to a denial of service, caused by a use-after-free flaw in the convert_const_to_int function. By sending a specially-crafted request using the BIGINT data type, a remote attacker could exploit this vulnerability to cause the application to crash.
CVSS Base score: 7.5
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/218913 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)

Affected Products and Versions

2.0.2

2.0.2.1

Remediation/Fixes

IBM strongly recommends addressing the vulnerability now by upgrading the MariaDB package to the ifix shipped version.

We are also recommending users to update directly to PowerVC v2.0.2.1 instead of moving to PowerVC v2.0.2

Product(s)|Version|APAR|
—|—|—|—
IBM PowerVC| 2.0.2.1| IT40929|

Workarounds and Mitigations

None