Bug 1198606 - (CVE-2022-27380) VUL-0: CVE-2022-27380: mariadb,mariadb-100: server crash at my_decimal:operator=
(CVE-2022-27380)
VUL-0: CVE-2022-27380: mariadb,mariadb-100: server crash at my_decimal:operator=
Status: NEW
Classification: Novell Products
Product: SUSE Security Incidents
Classification: Novell Products
Component: Incidents
unspecified
Other Other
: P3 - Medium : Normal
: ---
Assigned To: Security Team bot
Security Team bot
https://smash.suse.de/issue/328927/
CVSSv3.1:SUSE:CVE-2022-27380:7.1:(AV:...
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2022-04-19 11:25 UTC by Hu
Modified: 2022-09-12 13:01 UTC (History)
4 users (show)

See Also:
Found By: Security Response Team
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Hu 2022-04-19 11:25:19 UTC
rh#2074966

An issue in the component my_decimal::operator= of MariaDB Server v10.6.3 and below was discovered to allow attackers to cause a Denial of Service (DoS) via specially crafted SQL statements.

https://jira.mariadb.org/browse/MDEV-26280

References:
https://bugzilla.redhat.com/show_bug.cgi?id=2074966
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-27380
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27380
https://jira.mariadb.org/browse/MDEV-26280
Comment 1 Hu 2022-04-19 11:39:34 UTC
There is no fix yet, we contacted upstream and they want to fix it in the upcoming releases.

These CVEs are part of the bunch with no fix, I opened bugs for all of them seperately:
> CVE-2022-27377 https://bugzilla.suse.com/show_bug.cgi?id=1198603
> CVE-2022-27378 https://bugzilla.suse.com/show_bug.cgi?id=1198604
> CVE-2022-27379 https://bugzilla.suse.com/show_bug.cgi?id=1198605
> CVE-2022-27380 https://bugzilla.suse.com/show_bug.cgi?id=1198606
> CVE-2022-27381 https://bugzilla.suse.com/show_bug.cgi?id=1198607
> CVE-2022-27382 https://bugzilla.suse.com/show_bug.cgi?id=1198609
> CVE-2022-27383 https://bugzilla.suse.com/show_bug.cgi?id=1198610
> CVE-2022-27384 https://bugzilla.suse.com/show_bug.cgi?id=1198611
> CVE-2022-27386 https://bugzilla.suse.com/show_bug.cgi?id=1198612
> CVE-2022-27387 https://bugzilla.suse.com/show_bug.cgi?id=1198613
Comment 2 Hu 2022-04-19 12:51:49 UTC
All codestreams affected:
- SUSE:SLE-12-SP1:Update/mariadb                                10.0.40
- SUSE:SLE-12-SP3:Update:Products:Cloud8:Update/mariadb         10.2.31
- SUSE:SLE-12-SP4:Update/mariadb                                10.2.39
- SUSE:SLE-15:Update/mariadb                                    10.2.43
- SUSE:SLE-15-SP2:Update/mariadb                                10.4.14
- SUSE:SLE-15-SP3:Update/mariadb                                10.5.15
- SUSE:SLE-15-SP4:Update/mariadb                                10.6.7
- openSUSE:Factory/mariadb                                      10.7.3
- SUSE:SLE-12-SP4:Update/mariadb-100                            10.0.40
Comment 4 Swamp Workflow Management 2022-06-07 19:18:38 UTC
SUSE-SU-2022:2003-1: An update that fixes 25 vulnerabilities is now available.

Category: security (important)
Bug References: 1198603,1198604,1198605,1198606,1198607,1198609,1198610,1198611,1198612,1198613,1198628,1198629,1198630,1198631,1198632,1198633,1198634,1198635,1198636,1198637,1198638,1198639,1198640,1199928
CVE References: CVE-2021-46669,CVE-2022-21427,CVE-2022-27376,CVE-2022-27377,CVE-2022-27378,CVE-2022-27379,CVE-2022-27380,CVE-2022-27381,CVE-2022-27382,CVE-2022-27383,CVE-2022-27384,CVE-2022-27386,CVE-2022-27387,CVE-2022-27444,CVE-2022-27445,CVE-2022-27446,CVE-2022-27447,CVE-2022-27448,CVE-2022-27449,CVE-2022-27451,CVE-2022-27452,CVE-2022-27455,CVE-2022-27456,CVE-2022-27457,CVE-2022-27458
JIRA References: 
Sources used:
openSUSE Leap 15.3 (src):    mariadb-10.5.16-150300.3.18.1
SUSE Linux Enterprise Module for Server Applications 15-SP3 (src):    mariadb-10.5.16-150300.3.18.1
SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP3 (src):    mariadb-10.5.16-150300.3.18.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 6 Swamp Workflow Management 2022-06-16 19:32:59 UTC
SUSE-SU-2022:2107-1: An update that fixes 11 vulnerabilities is now available.

Category: security (important)
Bug References: 1198603,1198604,1198606,1198607,1198610,1198611,1198612,1198613,1198629,1199928
CVE References: CVE-2021-46669,CVE-2022-21427,CVE-2022-27377,CVE-2022-27378,CVE-2022-27380,CVE-2022-27381,CVE-2022-27383,CVE-2022-27384,CVE-2022-27386,CVE-2022-27387,CVE-2022-27445
JIRA References: 
Sources used:
openSUSE Leap 15.4 (src):    mariadb-10.2.44-150000.3.54.1
SUSE Linux Enterprise Server for SAP 15-SP1 (src):    mariadb-10.2.44-150000.3.54.1
SUSE Linux Enterprise Server for SAP 15 (src):    mariadb-10.2.44-150000.3.54.1
SUSE Linux Enterprise Server 15-SP1-LTSS (src):    mariadb-10.2.44-150000.3.54.1
SUSE Linux Enterprise Server 15-SP1-BCL (src):    mariadb-10.2.44-150000.3.54.1
SUSE Linux Enterprise Server 15-LTSS (src):    mariadb-10.2.44-150000.3.54.1
SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS (src):    mariadb-10.2.44-150000.3.54.1
SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS (src):    mariadb-10.2.44-150000.3.54.1
SUSE Linux Enterprise High Performance Computing 15-LTSS (src):    mariadb-10.2.44-150000.3.54.1
SUSE Linux Enterprise High Performance Computing 15-ESPOS (src):    mariadb-10.2.44-150000.3.54.1
SUSE Enterprise Storage 6 (src):    mariadb-10.2.44-150000.3.54.1
SUSE CaaS Platform 4.0 (src):    mariadb-10.2.44-150000.3.54.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 7 Swamp Workflow Management 2022-06-23 13:19:54 UTC
SUSE-SU-2022:2160-1: An update that fixes 11 vulnerabilities is now available.

Category: security (important)
Bug References: 1198603,1198604,1198606,1198607,1198610,1198611,1198612,1198613,1198629,1199928
CVE References: CVE-2021-46669,CVE-2022-21427,CVE-2022-27377,CVE-2022-27378,CVE-2022-27380,CVE-2022-27381,CVE-2022-27383,CVE-2022-27384,CVE-2022-27386,CVE-2022-27387,CVE-2022-27445
JIRA References: 
Sources used:
SUSE OpenStack Cloud Crowbar 9 (src):    mariadb-10.2.44-3.50.1
SUSE OpenStack Cloud 9 (src):    mariadb-10.2.44-3.50.1
SUSE Linux Enterprise Server for SAP 12-SP4 (src):    mariadb-10.2.44-3.50.1
SUSE Linux Enterprise Server 12-SP5 (src):    mariadb-10.2.44-3.50.1
SUSE Linux Enterprise Server 12-SP4-LTSS (src):    mariadb-10.2.44-3.50.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 8 Swamp Workflow Management 2022-06-27 13:17:02 UTC
SUSE-SU-2022:2189-1: An update that fixes 25 vulnerabilities is now available.

Category: security (important)
Bug References: 1198603,1198604,1198605,1198606,1198607,1198609,1198610,1198611,1198612,1198613,1198628,1198629,1198630,1198631,1198632,1198633,1198634,1198635,1198636,1198637,1198638,1198639,1198640,1199928
CVE References: CVE-2021-46669,CVE-2022-21427,CVE-2022-27376,CVE-2022-27377,CVE-2022-27378,CVE-2022-27379,CVE-2022-27380,CVE-2022-27381,CVE-2022-27382,CVE-2022-27383,CVE-2022-27384,CVE-2022-27386,CVE-2022-27387,CVE-2022-27444,CVE-2022-27445,CVE-2022-27446,CVE-2022-27447,CVE-2022-27448,CVE-2022-27449,CVE-2022-27451,CVE-2022-27452,CVE-2022-27455,CVE-2022-27456,CVE-2022-27457,CVE-2022-27458
JIRA References: 
Sources used:
SUSE Manager Server 4.1 (src):    mariadb-10.4.25-150200.3.28.1
SUSE Manager Retail Branch Server 4.1 (src):    mariadb-10.4.25-150200.3.28.1
SUSE Manager Proxy 4.1 (src):    mariadb-10.4.25-150200.3.28.1
SUSE Linux Enterprise Server for SAP 15-SP2 (src):    mariadb-10.4.25-150200.3.28.1
SUSE Linux Enterprise Server 15-SP2-LTSS (src):    mariadb-10.4.25-150200.3.28.1
SUSE Linux Enterprise Server 15-SP2-BCL (src):    mariadb-10.4.25-150200.3.28.1
SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS (src):    mariadb-10.4.25-150200.3.28.1
SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS (src):    mariadb-10.4.25-150200.3.28.1
SUSE Enterprise Storage 7 (src):    mariadb-10.4.25-150200.3.28.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 9 Swamp Workflow Management 2022-07-27 16:19:30 UTC
SUSE-SU-2022:2561-1: An update that fixes 36 vulnerabilities, contains one feature is now available.

Category: security (important)
Bug References: 1195076,1195325,1195334,1195339,1196016,1198603,1198604,1198605,1198606,1198607,1198609,1198610,1198611,1198612,1198613,1198628,1198629,1198630,1198631,1198632,1198633,1198634,1198635,1198636,1198637,1198638,1198639,1198640,1199928
CVE References: CVE-2021-46657,CVE-2021-46658,CVE-2021-46659,CVE-2021-46661,CVE-2021-46663,CVE-2021-46664,CVE-2021-46665,CVE-2021-46668,CVE-2021-46669,CVE-2022-24048,CVE-2022-24050,CVE-2022-24051,CVE-2022-24052,CVE-2022-27376,CVE-2022-27377,CVE-2022-27378,CVE-2022-27379,CVE-2022-27380,CVE-2022-27381,CVE-2022-27382,CVE-2022-27383,CVE-2022-27384,CVE-2022-27386,CVE-2022-27387,CVE-2022-27444,CVE-2022-27445,CVE-2022-27446,CVE-2022-27447,CVE-2022-27448,CVE-2022-27449,CVE-2022-27451,CVE-2022-27452,CVE-2022-27455,CVE-2022-27456,CVE-2022-27457,CVE-2022-27458
JIRA References: SLE-22245
Sources used:
openSUSE Leap 15.4 (src):    mariadb-10.6.8-150400.3.7.1
SUSE Linux Enterprise Module for Server Applications 15-SP4 (src):    mariadb-10.6.8-150400.3.7.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 10 Robert Frohl 2022-08-08 07:06:42 UTC
we track this as affected for SLE-12-SP1 and as it is above 7.0 cvss could you ask for a patch ?