Bug 1202863 - (CVE-2022-38791) VUL-0: CVE-2022-38791: mariadb-100,mariadb: data_mutex not released in compress_write causing a deadlock
(CVE-2022-38791)
VUL-0: CVE-2022-38791: mariadb-100,mariadb: data_mutex not released in compre...
Status: NEW
Classification: Novell Products
Product: SUSE Security Incidents
Classification: Novell Products
Component: Incidents
unspecified
Other Other
: P3 - Medium : Normal
: ---
Assigned To: Danilo Spinella
Security Team bot
https://smash.suse.de/issue/340965/
CVSSv3.1:SUSE:CVE-2022-38791:6.2:(AV:...
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2022-08-29 09:01 UTC by Thomas Leroy
Modified: 2022-11-02 17:25 UTC (History)
4 users (show)

See Also:
Found By: Security Response Team
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Thomas Leroy 2022-08-29 09:01:51 UTC
CVE-2022-38791

In MariaDB before 10.9.2, compress_write in extra/mariabackup/ds_compress.cc
does not release data_mutex upon a stream write failure, which allows local
users to trigger a deadlock.

Upstream fix:
https://github.com/edgelesssys/edgeless-mariadb/commit/91d5fffa0796b8208c3d6633c8f296da8914af4d

References:
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-38791
http://www.cvedetails.com/cve/CVE-2022-38791/
https://www.cve.org/CVERecord?id=CVE-2022-38791
https://jira.mariadb.org/browse/MDEV-28719
Comment 1 Thomas Leroy 2022-08-29 09:36:12 UTC
Correct upstream fix (same fix but from the correct repo):
https://github.com/MariaDB/server/commit/91d5fffa0796b8208c3d6633c8f296da8914af4d


Tracked as affected:
- SUSE:SLE-15-SP2:Update/mariadb
- SUSE:SLE-15-SP3:Update/mariadb
- SUSE:SLE-15-SP4:Update/mariadb
Comment 6 Swamp Workflow Management 2022-09-26 16:25:26 UTC
SUSE-SU-2022:3391-1: An update that solves 11 vulnerabilities and has one errata is now available.

Category: security (important)
Bug References: 1200105,1201161,1201162,1201163,1201164,1201165,1201166,1201167,1201168,1201169,1201170,1202863
CVE References: CVE-2022-32081,CVE-2022-32082,CVE-2022-32083,CVE-2022-32084,CVE-2022-32085,CVE-2022-32086,CVE-2022-32087,CVE-2022-32088,CVE-2022-32089,CVE-2022-32091,CVE-2022-38791
JIRA References: 
Sources used:
openSUSE Leap 15.3 (src):    mariadb-10.5.17-150300.3.21.1
SUSE Linux Enterprise Module for Server Applications 15-SP3 (src):    mariadb-10.5.17-150300.3.21.1
SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP3 (src):    mariadb-10.5.17-150300.3.21.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 9 Swamp Workflow Management 2022-11-02 17:25:45 UTC
SUSE-RU-2022:3855-1: An update that fixes one vulnerability is now available.

Category: recommended (important)
Bug References: 1202863
CVE References: CVE-2022-38791
JIRA References: 
Sources used:
openSUSE Leap 15.4 (src):    mariadb-10.6.10-150400.3.17.1
SUSE Linux Enterprise Module for Server Applications 15-SP4 (src):    mariadb-10.6.10-150400.3.17.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.