Lucene search

K
mageia
Gentoo FoundationMGASA-2021-0402
HistoryAug 14, 2021 - 5:00 p.m.

Updated mariadb packages fix security vulnerabilities

2021-08-1417:00:09
Gentoo Foundation
advisories.mageia.org
10

5.9 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

7.1 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:N/I:N/A:C

0.209 Low

EPSS

Percentile

96.3%

Updated mariadb packages fix security vulnerabilities: A security issue has been found in the InnoDB component of MariaDB before version 10.6.4. A difficult to exploit vulnerability allows a high privileged attacker with network access via multiple protocols to compromise the MariaDB server. Successful attacks of this vulnerability can result in the unauthorized ability to cause a hang or frequently repeatable crash (complete denial of service) of the MariaDB server (CVE-2021-2372). A security issue has been found in the InnoDB component of MariaDB before version 10.6.4. A difficult to exploit vulnerability allows an unauthenticated attacker with network access via multiple protocols to compromise the MariaDB server. Successful attacks of this vulnerability can result in the unauthorized ability to cause a hang or frequently repeatable crash (complete denial of service) of the MariaDB server (CVE-2021-2389).

OSVersionArchitecturePackageVersionFilename
Mageia8noarchmariadb< 10.5.12-1mariadb-10.5.12-1.mga8
How to protect your server from attacks?

5.9 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

7.1 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:N/I:N/A:C

0.209 Low

EPSS

Percentile

96.3%

Related for MGASA-2021-0402