Lucene search

K
ubuntucveUbuntu.comUB:CVE-2022-31622
HistoryMay 25, 2022 - 12:00 a.m.

CVE-2022-31622

2022-05-2500:00:00
ubuntu.com
ubuntu.com
19

5.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

5.5 Medium

AI Score

Confidence

High

2.1 Low

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:N/I:N/A:P

0.0004 Low

EPSS

Percentile

5.1%

DISPUTED MariaDB Server before 10.7 is vulnerable to Denial of
Service. In extra/mariabackup/ds_compress.cc, when an error occurs
(pthread_create returns a nonzero value) while executing the method
create_worker_threads, the held lock is not released correctly, which
allows local users to trigger a denial of service due to the deadlock.
Note: The vendor argues this is just an improper locking bug and not a
vulnerability with adverse effects.

5.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

5.5 Medium

AI Score

Confidence

High

2.1 Low

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:N/I:N/A:P

0.0004 Low

EPSS

Percentile

5.1%