CVE-2022-31624

MariaDB Server before 10.7 is vulnerable to Denial of Service. While executing the plugin/serveraudit/serveraudit.c method logstatementex, the held lock lock_bigbuffer is not released correctly, which allows local users to trigger a denial of service due to the deadlock.

References

Affected packages

Git / github.com/mariadb/server

Affected ranges

Type: GIT
Repo: https://github.com/mariadb/server
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

d627d00b13ab2f2c0954ea7b77202470cb102944

Affected versions

mariadb-10.*

mariadb-10.0.11

mariadb-10.0.12

mariadb-10.0.13

mariadb-10.0.14

mariadb-10.0.15

mariadb-10.0.16

mariadb-10.0.17

mariadb-10.0.18

mariadb-10.0.19

mariadb-10.0.20

mariadb-10.0.21

mariadb-10.0.22

mariadb-10.0.23

mariadb-10.0.24

mariadb-10.0.25

mariadb-10.0.26

mariadb-10.0.27

mariadb-10.0.28

mariadb-10.0.29

mariadb-10.0.30

mariadb-10.0.31

mariadb-10.0.32

mariadb-10.0.33

mariadb-10.0.34

mariadb-10.0.35

mariadb-10.0.36

mariadb-10.0.37

mariadb-10.0.38

mariadb-10.1.0

mariadb-10.1.1

mariadb-10.1.10

mariadb-10.1.11

mariadb-10.1.12

mariadb-10.1.13

mariadb-10.1.14

mariadb-10.1.15

mariadb-10.1.16

mariadb-10.1.17

mariadb-10.1.18

mariadb-10.1.19

mariadb-10.1.2

mariadb-10.1.20

mariadb-10.1.21

mariadb-10.1.22

mariadb-10.1.23

mariadb-10.1.24

mariadb-10.1.25

mariadb-10.1.26

mariadb-10.1.27

mariadb-10.1.28

mariadb-10.1.29

mariadb-10.1.3

mariadb-10.1.30

mariadb-10.1.31

mariadb-10.1.32

mariadb-10.1.33

mariadb-10.1.34

mariadb-10.1.35

mariadb-10.1.36

mariadb-10.1.37

mariadb-10.1.38

mariadb-10.1.39

mariadb-10.1.4

mariadb-10.1.40

mariadb-10.1.41

mariadb-10.1.42

mariadb-10.1.43

mariadb-10.1.44

mariadb-10.1.45

mariadb-10.1.46

mariadb-10.1.47

mariadb-10.1.5

mariadb-10.1.6

mariadb-10.1.7

mariadb-10.1.8

mariadb-10.1.9

mariadb-10.2.0

mariadb-10.2.1

mariadb-10.2.10

mariadb-10.2.11

mariadb-10.2.12

mariadb-10.2.13

mariadb-10.2.14

mariadb-10.2.15

mariadb-10.2.16

mariadb-10.2.17

mariadb-10.2.18

mariadb-10.2.19

mariadb-10.2.2

mariadb-10.2.20

mariadb-10.2.21

mariadb-10.2.22

mariadb-10.2.23

mariadb-10.2.24

mariadb-10.2.25

mariadb-10.2.26

mariadb-10.2.27

mariadb-10.2.28

mariadb-10.2.29

mariadb-10.2.3

mariadb-10.2.30

mariadb-10.2.31

mariadb-10.2.32

mariadb-10.2.33

mariadb-10.2.34

mariadb-10.2.35

mariadb-10.2.36

mariadb-10.2.37

mariadb-10.2.38

mariadb-10.2.39

mariadb-10.2.4

mariadb-10.2.40

mariadb-10.2.5

mariadb-10.2.6

mariadb-10.2.7

mariadb-10.2.8

mariadb-10.2.9

mariadb-5.*

mariadb-5.5.37

mariadb-5.5.38

mariadb-5.5.39

mariadb-5.5.40

mariadb-5.5.41

mariadb-5.5.42

mariadb-5.5.43

mariadb-5.5.44

mariadb-5.5.45

mariadb-5.5.46

mariadb-5.5.47

mariadb-5.5.48

mariadb-5.5.49

mariadb-5.5.50

mariadb-5.5.51

mariadb-5.5.52

mariadb-5.5.53

mariadb-5.5.54

mariadb-5.5.55

mariadb-5.5.56

mariadb-5.5.57

mariadb-5.5.58

mariadb-5.5.59

mariadb-5.5.60

mariadb-5.5.61

mariadb-5.5.62

mariadb-5.5.63

mariadb-5.5.64

mariadb-5.5.65

mariadb-5.5.66

mariadb-5.5.67

mariadb-5.5.68

mariadb-galera-10.*

mariadb-galera-10.0.10

mariadb-galera-10.0.11

mariadb-galera-10.0.12

mariadb-galera-10.0.13

mariadb-galera-10.0.14

mariadb-galera-10.0.15

mariadb-galera-10.0.16

mariadb-galera-10.0.17

mariadb-galera-10.0.19

mariadb-galera-10.0.20

mariadb-galera-10.0.21

mariadb-galera-10.0.22

mariadb-galera-10.0.23

mariadb-galera-10.0.24

mariadb-galera-10.0.25

mariadb-galera-10.0.26

mariadb-galera-10.0.27

mariadb-galera-10.0.28

mariadb-galera-10.0.29

mariadb-galera-10.0.30

mariadb-galera-10.0.31

mariadb-galera-10.0.32

mariadb-galera-10.0.33

mariadb-galera-10.0.34

mariadb-galera-10.0.35

mariadb-galera-10.0.36

mariadb-galera-10.0.37

mariadb-galera-10.0.7

mariadb-galera-10.0.7a

mariadb-galera-5.*

mariadb-galera-5.5.25

mariadb-galera-5.5.28a

mariadb-galera-5.5.29

mariadb-galera-5.5.32

mariadb-galera-5.5.32a

mariadb-galera-5.5.34

mariadb-galera-5.5.35

mariadb-galera-5.5.36

mariadb-galera-5.5.36a

mariadb-galera-5.5.37

mariadb-galera-5.5.38

mariadb-galera-5.5.39

mariadb-galera-5.5.40

mariadb-galera-5.5.41

mariadb-galera-5.5.42

mariadb-galera-5.5.43

mariadb-galera-5.5.44

mariadb-galera-5.5.45

mariadb-galera-5.5.46

mariadb-galera-5.5.47

mariadb-galera-5.5.48

mariadb-galera-5.5.49

mariadb-galera-5.5.50

mariadb-galera-5.5.51

mariadb-galera-5.5.52

mariadb-galera-5.5.53

mariadb-galera-5.5.54

mariadb-galera-5.5.55

mariadb-galera-5.5.56

mariadb-galera-5.5.57

mariadb-galera-5.5.58

mariadb-galera-5.5.59

mariadb-galera-5.5.60

mariadb-galera-5.5.61

mariadb-galera-5.5.62

mysql-5.*

mysql-5.5.37

mysql-5.5.38

mysql-5.5.39

mysql-5.5.40

mysql-5.5.41

mysql-5.5.42

mysql-5.5.43

mysql-5.5.44

mysql-5.5.45

mysql-5.5.46

mysql-5.5.47

mysql-5.5.48

mysql-5.5.49

mysql-5.5.50

mysql-5.5.51

mysql-5.5.52

mysql-5.5.53

mysql-5.5.54

mysql-5.5.55

mysql-5.5.56

mysql-5.5.57

mysql-5.5.58

mysql-5.5.59

mysql-5.5.60

mysql-5.5.61

mysql-5.5.62

percona-xtradb-1.*

percona-xtradb-1.0.2-1

tokudb-7.*

tokudb-7.1.0

tokudb-7.1.5

tokudb-7.1.5-rc.1

tokudb-7.1.5-rc.2

tokudb-7.1.5-rc.3

tokudb-7.1.5-rc.4

Other

tokudb-ps-1

tokudb-ps-2

tokumx-1.*

tokumx-1.0.0-rc.0

tokumx-1.0.0-rc.2

tokumx-1.0.0-rc.4

tokumx-1.0.0-rc.5

tokumx-1.0.0-rc.6

tokumx-1.0.2

tokumx-1.0.4

tokumx-1.0.4-rc.0

tokumx-1.0.4-rc.1

tokumx-1.0.4-rc.2

tokumx-1.1.0

tokumx-1.1.1

tokumx-1.1.1-rc.0

tokumx-1.2.0-rc.2

tokumx-1.3.0-rc.0

tokumx-1.3.0-rc.1

tokumx-1.4.0+hotfix.0

Database specific

vanir_signatures

[
    {
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "90711998564806735195805859599695974488",
                "250235656453474445952886226940630586901",
                "138601424526244396688102904980203116856",
                "260899504695773825099167960290426804286",
                "195618794319389720373887341924388728956",
                "235225536445748945692084098199749057201",
                "31883114073388339147653063826921368361",
                "197917030096083514348454819156402060362",
                "289230583495206341900450989516810730650",
                "91430430361054231056328722674418866585",
                "77643133024047768721912717814398829819",
                "320552537875945211561760460640784081150",
                "105789923430061880194312968275998308603",
                "98735563345642094680434238620443677187",
                "292031684763090909993275794773076322308",
                "92489659976201637249318478726246706024",
                "27007173774237668602419387574308086290",
                "274122217988597580338963001472301063072",
                "300963376605594763791233698212657871132",
                "26572807623540130495412504265101171947",
                "66215638979692992416579566907711463705",
                "303932196489732739924874928020261281051",
                "113940657857467622423686902261834598417",
                "331452141832298997014984331662191676077",
                "208780544668844162214639230045198014431",
                "51175193043033892703788848976725360034",
                "295660115854400421342896505650256948479",
                "35098586381009888889512332354175616121",
                "283810331822564743159193848861315334503",
                "326402544696859951904373527823434289044",
                "92823256719393566777045561395813687873",
                "293733344546467634335795315081711120116",
                "275312355389525935055558046435670752820",
                "243074016587120086829191301778761339000",
                "84155445143525991563516771469806392016",
                "271349187173497616455976187008678950698",
                "93604260207551949815101346941943719267",
                "90978700924351308299517326809194195046",
                "38508214844301462891858640833477141052",
                "106079778222993512903751763731120692597",
                "290487621905075585846882912372845753214",
                "31557689926468019009368634742709831835",
                "90767754057816029463892744414730377001",
                "28596287046245976445032249206946795832",
                "109749886240234928794249123406894187768",
                "284808872374891894869097567934294674017",
                "279399910199429446361672530887901626278",
                "83474200343153023088513681884050655343",
                "276125084189040160593261940922046663677",
                "4626733841424454083806093044308943681",
                "6141779977975797060391828250288999884",
                "237846036462394682827350038206442158043",
                "137364733800278379521916866831845789459",
                "1484270925556905909558539122805529576",
                "331479318533556605097644896467278117922",
                "117299276375238609187406297257687113891",
                "307471933080226789218435425833536169797",
                "334873379364503629241668652362502488215",
                "158836082376971200932844697620135032127",
                "92094223751136598475424808555861066367"
            ]
        },
        "id": "CVE-2022-31624-21bfa473",
        "signature_version": "v1",
        "signature_type": "Line",
        "deprecated": false,
        "target": {
            "file": "plugin/server_audit/server_audit.c"
        },
        "source": "https://github.com/mariadb/server/commit/d627d00b13ab2f2c0954ea7b77202470cb102944"
    },
    {
        "digest": {
            "length": 3203.0,
            "function_hash": "68208181369720662953476210177932291928"
        },
        "id": "CVE-2022-31624-429159e8",
        "signature_version": "v1",
        "signature_type": "Function",
        "deprecated": false,
        "target": {
            "function": "log_statement_ex",
            "file": "plugin/server_audit/server_audit.c"
        },
        "source": "https://github.com/mariadb/server/commit/d627d00b13ab2f2c0954ea7b77202470cb102944"
    }
]