Vulnerability Database

289,697

Total vulnerabilities in the database

CVE-2022-31624

MariaDB Server before 10.7 is vulnerable to Denial of Service. While executing the plugin/server_audit/server_audit.c method log_statement_ex, the held lock lock_bigbuffer is not released correctly, which allows local users to trigger a denial of service due to the deadlock.

  • Published: May 25, 2022
  • Updated: Apr 14, 2023
  • CVE: CVE-2022-31624
  • Severity: Medium
  • Exploit:

CVSS v3:

  • Severity: Medium
  • Score: 5.5
  • AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CVSS v2:

  • Severity: Low
  • Score: 2.1
  • AV:L/AC:L/Au:N/C:N/I:N/A:P

CWEs:

Software From Fixed in
mariadb / mariadb - 10.2.41
mariadb / mariadb 10.3.0 10.3.32
mariadb / mariadb 10.4.0 10.4.22
mariadb / mariadb 10.5.0 10.5.13
mariadb / mariadb 10.6.0 10.6.5