CVE-2022-31622

Source
https://ubuntu.com/security/CVE-2022-31622
Import Source
https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2022/UBUNTU-CVE-2022-31622.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2022-31622
Withdrawn
2025-06-23T15:55:03Z
Published
2022-05-25T21:15:00Z
Modified
2025-06-10T12:57:05.328349Z
Severity
  • 5.5 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Summary
[none]
Details

* DISPUTED * MariaDB Server before 10.7 is vulnerable to Denial of Service. In extra/mariabackup/ds_compress.cc, when an error occurs (pthread_create returns a nonzero value) while executing the method create_worker_threads, the held lock is not released correctly, which allows local users to trigger a denial of service due to the deadlock. Note: The vendor argues this is just an improper locking bug and not a vulnerability with adverse effects.

Affected packages

Ubuntu:Pro:16.04:LTS / mariadb-10.0

Package

Name
mariadb-10.0
Purl
pkg:deb/ubuntu/mariadb-10.0

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)

Affected versions

10.*

10.0.20-0ubuntu0.15.04.1
10.0.22-0ubuntu1
10.0.23-1
10.0.23-2
10.0.24-7
10.0.25-0ubuntu0.16.04.1
10.0.27-0ubuntu0.16.04.1
10.0.28-0ubuntu0.16.04.1
10.0.29-0ubuntu0.16.04.1
10.0.31-0ubuntu0.16.04.2
10.0.33-0ubuntu0.16.04.1
10.0.34-0ubuntu0.16.04.1
10.0.36-0ubuntu0.16.04.1
10.0.38-0ubuntu0.16.04.1

Ubuntu:Pro:18.04:LTS / mariadb-10.1

Package

Name
mariadb-10.1
Purl
pkg:deb/ubuntu/mariadb-10.1

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)

Affected versions

10.*

10.1.25-1

1:10.*

1:10.1.29-6
1:10.1.34-0ubuntu0.18.04.1
1:10.1.38-0ubuntu0.18.04.1
1:10.1.38-0ubuntu0.18.04.2
1:10.1.40-0ubuntu0.18.04.1
1:10.1.41-0ubuntu0.18.04.1
1:10.1.43-0ubuntu0.18.04.1
1:10.1.44-0ubuntu0.18.04.1
1:10.1.47-0ubuntu0.18.04.1
1:10.1.48-0ubuntu0.18.04.1

Ubuntu:20.04:LTS / mariadb-10.3

Package

Name
mariadb-10.3
Purl
pkg:deb/ubuntu/mariadb-10.3

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)

Affected versions

1:10.*

1:10.3.17-1
1:10.3.18-1
1:10.3.19-1
1:10.3.21-2
1:10.3.22-1
1:10.3.22-1ubuntu1
1:10.3.25-0ubuntu0.20.04.1
1:10.3.29-0ubuntu0.20.04.1
1:10.3.30-0ubuntu0.20.04.1
1:10.3.31-0ubuntu0.20.04.1
1:10.3.32-0ubuntu0.20.04.1
1:10.3.34-0ubuntu0.20.04.1
1:10.3.37-0ubuntu0.20.04.1
1:10.3.38-0ubuntu0.20.04.1
1:10.3.39-0ubuntu0.20.04.2

Ubuntu:22.04:LTS / mariadb-10.6

Package

Name
mariadb-10.6
Purl
pkg:deb/ubuntu/mariadb-10.6

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)

Affected versions

1:10.*

1:10.6.7-2ubuntu1
1:10.6.7-2ubuntu1.1
1:10.6.11-0ubuntu0.22.04.1
1:10.6.12-0ubuntu0.22.04.1
1:10.6.16-0ubuntu0.22.04.1
1:10.6.18-0ubuntu0.22.04.1