Lucene search
OracleLinuxELSA-2023-5684HistoryOct 18, 2023 - 12:00 a.m.
galera and mariadb security update
2023-10-1800:00:00
linux.oracle.com
11
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.003 Low
EPSS
Percentile
67.6%
galera
[26.4.14-1.0.1]
- Rebase to 26.4.14
[26.4.13-1.0.1] - Rebase to 26.4.13
[26.4.12-1.0.1] - Rebase to 26.4.12
mariadb
[3:10.5.22-1] - Rebase to 10.5.22
[3:10.5.21-1] - Rebase to version 10.5.21
[3:10.5.20-2] - Use _fortify_level to disable fortification in debug builds
[3:10.5.20-1] - Rebase to version 10.5.20
[3:10.5.18-1] - Rebase to 10.5.18
- OpenSSL 3 patch upstreamed
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| oracle linux | 9 | src | galera | < 26.4.14-1.0.1.el9_2 | galera-26.4.14-1.0.1.el9_2.src.rpm |
| oracle linux | 9 | src | mariadb | < 10.5.22-1.el9_2 | mariadb-10.5.22-1.el9_2.src.rpm |
| oracle linux | 9 | src | mariadb | < 10.5.22-1.el9_2 | mariadb-10.5.22-1.el9_2.src.rpm |
| oracle linux | 9 | aarch64 | galera | < 26.4.14-1.0.1.el9_2 | galera-26.4.14-1.0.1.el9_2.aarch64.rpm |
| oracle linux | 9 | aarch64 | mariadb | < 10.5.22-1.el9_2 | mariadb-10.5.22-1.el9_2.aarch64.rpm |
| oracle linux | 9 | aarch64 | mariadb-backup | < 10.5.22-1.el9_2 | mariadb-backup-10.5.22-1.el9_2.aarch64.rpm |
| oracle linux | 9 | aarch64 | mariadb-common | < 10.5.22-1.el9_2 | mariadb-common-10.5.22-1.el9_2.aarch64.rpm |
| oracle linux | 9 | aarch64 | mariadb-devel | < 10.5.22-1.el9_2 | mariadb-devel-10.5.22-1.el9_2.aarch64.rpm |
| oracle linux | 9 | aarch64 | mariadb-embedded | < 10.5.22-1.el9_2 | mariadb-embedded-10.5.22-1.el9_2.aarch64.rpm |
| oracle linux | 9 | aarch64 | mariadb-embedded-devel | < 10.5.22-1.el9_2 | mariadb-embedded-devel-10.5.22-1.el9_2.aarch64.rpm |
Related
nessus
nessus
AlmaLinux 9 : galera and mariadb (ALSA-2023:5684)
2023-10-13 00:00:00
RHEL 9 : galera and mariadb (RHSA-2023:5684)
2023-10-12 00:00:00
Rocky Linux 8 : mariadb:10.5 (RLSA-2023:5683)
2023-10-14 00:00:00
almalinux
almalinux
Important: galera and mariadb security update
2023-10-12 00:00:00
Important: mariadb:10.5 security update
2023-10-12 00:00:00
Moderate: mariadb:10.3 security, bug fix, and enhancement update
2023-09-19 00:00:00
oraclelinux
oraclelinux
mariadb:10.5 security update
2023-10-13 00:00:00
mariadb:10.3 security, bug fix, and enhancement update
2023-09-21 00:00:00
osv
osv
Important: mariadb:10.5 security update
2023-10-14 02:08:04
Important: galera and mariadb security update
2023-10-12 00:00:00
Important: mariadb:10.5 security update
2023-10-12 00:00:00
rocky
rocky
mariadb:10.5 security update
2023-10-14 02:08:04
redhat
redhat
(RHSA-2023:5684) Important: galera and mariadb security update
2023-10-12 13:00:38
(RHSA-2023:5683) Important: mariadb:10.5 security update
2023-10-12 13:00:36
openvas
openvas
Fedora: Security Advisory for mariadb (FEDORA-2022-333df1c4aa)
2022-11-30 00:00:00
Fedora: Security Advisory for mariadb (FEDORA-2022-e0e9a43546)
2022-11-30 00:00:00
Fedora: Security Advisory for galera (FEDORA-2022-333df1c4aa)
2022-11-30 00:00:00
fedora
fedora
[SECURITY] Fedora 36 Update: galera-26.4.13-1.fc36
2022-11-30 01:35:08
[SECURITY] Fedora 35 Update: galera-26.4.13-1.fc35
2022-11-30 01:38:45
[SECURITY] Fedora 36 Update: mariadb-10.5.18-1.fc36
2022-11-30 01:35:08
mageia
mageia
Updated mariadb packages fix security vulnerability
2022-08-29 08:07:41
Updated mariadb packages fix security vulnerability
2023-05-22 18:30:54
freebsd
freebsd
MariaDB -- Multiple vulnerabilities
2022-08-22 00:00:00
MariaDB -- Nullpointer dereference
2023-05-10 00:00:00
slackware
slackware
[slackware-security] mariadb
2022-08-16 18:58:18
rosalinux
rosalinux
Advisory ROSA-SA-2023-2255
2023-10-21 15:57:28
Advisory ROSA-SA-2024-2413
2024-05-02 09:15:10
suse
suse
Security update for mariadb (important)
2022-09-26 00:00:00
Security update for mariadb (important)
2022-09-07 00:00:00
cve
cve
debiancve
debiancve
veracode
veracode
Use-After-Free
2022-08-27 18:13:14
Denial Of Service (DoS)
2022-08-27 18:13:20
Use-after-poison
2022-08-27 17:50:17
alpinelinux
alpinelinux
debian
debian
[SECURITY] [DLA 3444-1] mariadb-10.3 security update
2023-06-04 06:56:45
[SECURITY] [DLA 3444-1] mariadb-10.3 security update
2023-06-04 06:43:37
ubuntucve
ubuntucve
redhatcve
redhatcve
mariadbunix
mariadbunix
prion
prion
Design/Logic Flaw
2022-08-27 20:15:00
Design/Logic Flaw
2022-07-01 20:15:00
Null pointer dereference
2023-01-20 19:15:00
cbl_mariner
cbl_mariner
CVE-2022-38791 affecting package mariadb 10.3.35-1
2022-10-13 00:40:28
CVE-2022-32091 affecting package mariadb for versions less than 10.6.9-1
2022-09-07 19:51:44
CVE-2022-47015 affecting package mariadb 10.3.36-1
2023-03-02 04:18:43
redos
redos
ROS-20240409-16
2024-04-09 00:00:00
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.003 Low
EPSS
Percentile
67.6%
Related for ELSA-2023-5684