Bugzilla – Bug 1215712
VUL-0: CVE-2023-5157: mariadb,mariadb-100: node crashes with Transport endpoint is not connected mysqld got signal 6
Last modified: 2024-06-07 20:41:22 UTC
Node crashes with Transport endpoint is not connected mysqld got signal 6. References: https://issues.redhat.com/browse/RHEL-5223 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-5157
Hi folks, are you sure you have the right CVE here? https://www.suse.com/security/cve/CVE-2023-5157.html and https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5157 described it as "A vulnerability was found in MariaDB. An OpenVAS port scan on ports 3306 and 4567 allows a malicious remote client to cause a denial of service." The description here is "mariadb,mariadb-100: node crashes with Transport endpoint is not connected mysqld got signal 6" Thanks, Simon
(In reply to Simon Logan from comment #2) > Hi folks, are you sure you have the right CVE here? > > https://www.suse.com/security/cve/CVE-2023-5157.html and > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5157 described it as > "A vulnerability was found in MariaDB. An OpenVAS port scan on ports 3306 > and 4567 allows a malicious remote client to cause a denial of service." > > The description here is "mariadb,mariadb-100: node crashes with Transport > endpoint is not connected mysqld got signal 6" > > Thanks, > Simon Hi folks, please check my question in comment 2. Thanks, Simon
All done, closing.
The mismatching titles seem to come from https://bugzilla.redhat.com/show_bug.cgi?id=2240246 which has Title: "CVE-2023-5157 mariadb: node crashes with Transport endpoint is not connected mysqld got signal 6" Doc Text: "A vulnerability was found in MariaDB. An OpenVAS port scan on ports 3306 and 4567 allows a malicious remote client to cause a denial of service." Mismatch explained.