An issue in the component Itemsubselect::initexprcachetracker of MariaDB Server v10.6 and below was discovered to allow attackers to cause a Denial of Service (DoS) via specially crafted SQL statements.
{ "vanir_signatures": [ { "id": "CVE-2022-27384-261ea06f", "signature_type": "Function", "digest": { "function_hash": "139410885805228531428960716111714496814", "length": 3842.0 }, "target": { "file": "sql/sql_parse.cc", "function": "st_select_lex::add_table_to_list" }, "deprecated": false, "signature_version": "v1", "source": "https://github.com/mariadb/server/commit/0ba528fe56f6c637d9fbc9d177a62610038fd519" }, { "id": "CVE-2022-27384-7971ffe8", "signature_type": "Line", "digest": { "line_hashes": [ "109653293203522022930865857668421870622", "29073102755632696090890904852202915678", "319062535768988456620840697081414713359", "80418953152597147384415640027788794032" ], "threshold": 0.9 }, "target": { "file": "sql/sql_parse.cc" }, "deprecated": false, "signature_version": "v1", "source": "https://github.com/mariadb/server/commit/0ba528fe56f6c637d9fbc9d177a62610038fd519" } ] }