An update for mariadb is now available for HCE 2.0 Security Advisory hws_security@huawei.com Huawei Cloud HCE2-SA-2024-0017 Final 1.0 1.0 2024-01-03T03:35:57:00Z current version 2024-01-03T03:35:57:00Z 2024-01-03T03:35:57:00Z HCE SA Engine 1.0.0 An update for mariadb is now available for HCE 2.0 HCE Security has rated this update as having a security impact of Important.A Common Vunlnerability Scoring System(CVSS)base score, which gives a detailed severity rating, is available for each vulnerability from the CVElink(s) in the References section. Security Fix(es): MariaDB CONNECT Storage Engine Stack-based Buffer Overflow Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of MariaDB. Authentication is required to exploit this vulnerability. The specific flaw exists within the processing of SQL queries. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of the service account. Was ZDI-CAN-16191. (CVE-2022-24048) save_window_function_values in MariaDB before 10.6.3 allows an application crash because of incorrect handling of with_window_func=true for a subquery. (CVE-2021-46658) MariaDB Server v10.9 and below was discovered to contain a segmentation fault via the component sql/sql_window.cc. (CVE-2022-27445) MariaDB Server v10.9 and below was discovered to contain a use-after-free via the component Binary_string::free_buffer() at /sql/sql_string.h. (CVE-2022-27447) MariaDB through 10.5.9 allows an application crash via certain long SELECT DISTINCT statements that improperly interact with storage-engine resource limitations for temporary data structures. (CVE-2021-46668) MariaDB Server v10.6.3 and below was discovered to contain an use-after-free in the component my_mb_wc_latin1 at /strings/ctype-latin1.c. (CVE-2022-27457) MariaDB Server v10.6.3 and below was discovered to contain an use-after-free in the component my_wildcmp_8bit_impl at /strings/ctype-simple.c. (CVE-2022-27455) MariaDB Server v10.7 and below was discovered to contain a global buffer overflow in the component decimal_bin_size, which is exploited via specially crafted SQL statements. (CVE-2022-27387) MariaDB CONNECT Storage Engine Use-After-Free Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of MariaDB. Authentication is required to exploit this vulnerability. The specific flaw exists within the processing of SQL queries. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of the service account. Was ZDI-CAN-16207. (CVE-2022-24050) MariaDB Server v10.6 and below was discovered to contain an use-after-free in the component my_strcasecmp_8bit, which is exploited via specially crafted SQL statements. (CVE-2022-27383) MariaDB Server v10.9 and below was discovered to contain a segmentation fault via the component sql/item_func.cc:148. (CVE-2022-27449) An issue in the component Field::set_default of MariaDB Server v10.6 and below was discovered to allow attackers to cause a Denial of Service (DoS) via specially crafted SQL statements. (CVE-2022-27381) An issue in the component Create_tmp_table::finalize of MariaDB Server v10.7 and below was discovered to allow attackers to cause a Denial of Service (DoS) via specially crafted SQL statements. (CVE-2022-27378) MariaDB Server v10.7 and below was discovered to contain a segmentation fault via the component sql/sql_class.cc. (CVE-2022-27386) There is an Assertion failure in MariaDB Server v10.9 and below via 'node->pcur->rel_pos == BTR_PCUR_ON' at /row/row0mysql.cc. (CVE-2022-27448) MariaDB Server v10.6.3 and below was discovered to contain an use-after-free in the component VDec::VDec at /sql/sql_type.cc. (CVE-2022-27456) MariaDB Server v10.6.5 and below was discovered to contain an use-after-free in the component Item_args::walk_arg, which is exploited via specially crafted SQL statements. (CVE-2022-27376) MariaDB Server v10.9 and below was discovered to contain a segmentation fault via the component sql/item_subselect.cc. (CVE-2022-27444) MariaDB Server v10.6.3 and below was discovered to contain an use-after-free in the component Binary_string::free_buffer() at /sql/sql_string.h. (CVE-2022-27458) MariaDB Server v10.6.3 and below was discovered to contain an use-after-free in the component Item_func_in::cleanup(), which is exploited via specially crafted SQL statements. (CVE-2022-27377) MariaDB Server v10.9 and below was discovered to contain a segmentation fault via the component sql/field_conv.cc. (CVE-2022-27451) An issue in the component my_decimal::operator= of MariaDB Server v10.6.3 and below was discovered to allow attackers to cause a Denial of Service (DoS) via specially crafted SQL statements. (CVE-2022-27380) An issue in the component Used_tables_and_const_cache::used_tables_and_const_cache_join of MariaDB Server v10.7 and below was discovered to allow attackers to cause a Denial of Service (DoS) via specially crafted SQL statements. (CVE-2022-27385) MariaDB Server v10.7 and below was discovered to contain a segmentation fault via the component Item_field::used_tables/update_depend_map_for_order. (CVE-2022-27382) An issue in the component Arg_comparator::compare_real_fixed of MariaDB Server v10.6.2 and below was discovered to allow attackers to cause a Denial of Service (DoS) via specially crafted SQL statements. (CVE-2022-27379) MariaDB Server v10.9 and below was discovered to contain a segmentation fault via the component sql/item_cmpfunc.h. (CVE-2022-27446) MariaDB CONNECT Storage Engine Heap-based Buffer Overflow Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of MariaDB. Authentication is required to exploit this vulnerability. The specific flaw exists within the processing of SQL queries. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length heap-based buffer. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of the service account. Was ZDI-CAN-16190. (CVE-2022-24052) MariaDB CONNECT Storage Engine Format String Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of MariaDB. Authentication is required to exploit this vulnerability. The specific flaw exists within the processing of SQL queries. The issue results from the lack of proper validation of a user-supplied string before using it as a format specifier. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of the service account. Was ZDI-CAN-16193. (CVE-2022-24051) An issue in the component Item_subselect::init_expr_cache_tracker of MariaDB Server v10.6 and below was discovered to allow attackers to cause a Denial of Service (DoS) via specially crafted SQL statements. (CVE-2022-27384) MariaDB Server v10.9 and below was discovered to contain a segmentation fault via the component sql/item_cmpfunc.cc. (CVE-2022-27452) This document is provided on an "AS IS" basis and does not implyany kind of guarantee or warranty, either express or implied, including the warranties of merchantability or fitness for a particular purpose. In no eventshall Huawei or any of its directly or indirectly controlled subsidiaries or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages. Your use of the document, by any means, is totally at your own risk. Huawei is entitled to amend or update this document from time to time. The information and data embodied in this document and any attachment are strictly confidential information of Huawei and are supplied on the understanding that they will be held confidentially and not disclosed to third parties without the prior written consent of Huawei. Use all reasonable efforts to protect the confidentiality of information. In particular, do not directly or indirectly disclose, allow access to, transmit or transfer information to a third party without our prior written consent. Thank you for your co-operation. Receipt of this security advisory shall be deemed as your consent of the terms and conditions above. Huawei Cloud EulerOS 2.0 mariadb This vulnerability can be exploited only when the following conditions are present: None Vulnerability details: For technical details, customers are advised to reference the website: https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-24048 CVE-2022-24048 HCE 2.0:mariadb-10.5.22-1.hce2 For technical details, customers are advised to referencethe website: https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-24048 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H This vulnerability can be exploited only when the following conditions are present: None Vulnerability details: For technical details, customers are advised to reference the website: https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-46658 CVE-2021-46658 HCE 2.0:mariadb-10.5.22-1.hce2 For technical details, customers are advised to referencethe website: https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-46658 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H This vulnerability can be exploited only when the following conditions are present: None Vulnerability details: For technical details, customers are advised to reference the website: https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-27445 CVE-2022-27445 HCE 2.0:mariadb-10.5.22-1.hce2 For technical details, customers are advised to referencethe website: https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-27445 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H This vulnerability can be exploited only when the following conditions are present: None Vulnerability details: For technical details, customers are advised to reference the website: https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-27447 CVE-2022-27447 HCE 2.0:mariadb-10.5.22-1.hce2 For technical details, customers are advised to referencethe website: https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-27447 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H This vulnerability can be exploited only when the following conditions are present: None Vulnerability details: For technical details, customers are advised to reference the website: https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-46668 CVE-2021-46668 HCE 2.0:mariadb-10.5.22-1.hce2 For technical details, customers are advised to referencethe website: https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-46668 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H This vulnerability can be exploited only when the following conditions are present: None Vulnerability details: For technical details, customers are advised to reference the website: https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-27457 CVE-2022-27457 HCE 2.0:mariadb-10.5.22-1.hce2 For technical details, customers are advised to referencethe website: https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-27457 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H This vulnerability can be exploited only when the following conditions are present: None Vulnerability details: For technical details, customers are advised to reference the website: https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-27455 CVE-2022-27455 HCE 2.0:mariadb-10.5.22-1.hce2 For technical details, customers are advised to referencethe website: https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-27455 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H This vulnerability can be exploited only when the following conditions are present: None Vulnerability details: For technical details, customers are advised to reference the website: https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-27387 CVE-2022-27387 HCE 2.0:mariadb-10.5.22-1.hce2 For technical details, customers are advised to referencethe website: https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-27387 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H This vulnerability can be exploited only when the following conditions are present: None Vulnerability details: For technical details, customers are advised to reference the website: https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-24050 CVE-2022-24050 HCE 2.0:mariadb-10.5.22-1.hce2 For technical details, customers are advised to referencethe website: https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-24050 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H This vulnerability can be exploited only when the following conditions are present: None Vulnerability details: For technical details, customers are advised to reference the website: https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-27383 CVE-2022-27383 HCE 2.0:mariadb-10.5.22-1.hce2 For technical details, customers are advised to referencethe website: https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-27383 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H This vulnerability can be exploited only when the following conditions are present: None Vulnerability details: For technical details, customers are advised to reference the website: https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-27449 CVE-2022-27449 HCE 2.0:mariadb-10.5.22-1.hce2 For technical details, customers are advised to referencethe website: https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-27449 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H This vulnerability can be exploited only when the following conditions are present: None Vulnerability details: For technical details, customers are advised to reference the website: https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-27381 CVE-2022-27381 HCE 2.0:mariadb-10.5.22-1.hce2 For technical details, customers are advised to referencethe website: https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-27381 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H This vulnerability can be exploited only when the following conditions are present: None Vulnerability details: For technical details, customers are advised to reference the website: https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-27378 CVE-2022-27378 HCE 2.0:mariadb-10.5.22-1.hce2 For technical details, customers are advised to referencethe website: https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-27378 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H This vulnerability can be exploited only when the following conditions are present: None Vulnerability details: For technical details, customers are advised to reference the website: https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-27386 CVE-2022-27386 HCE 2.0:mariadb-10.5.22-1.hce2 For technical details, customers are advised to referencethe website: https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-27386 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H This vulnerability can be exploited only when the following conditions are present: None Vulnerability details: For technical details, customers are advised to reference the website: https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-27448 CVE-2022-27448 HCE 2.0:mariadb-10.5.22-1.hce2 For technical details, customers are advised to referencethe website: https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-27448 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H This vulnerability can be exploited only when the following conditions are present: None Vulnerability details: For technical details, customers are advised to reference the website: https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-27456 CVE-2022-27456 HCE 2.0:mariadb-10.5.22-1.hce2 For technical details, customers are advised to referencethe website: https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-27456 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H This vulnerability can be exploited only when the following conditions are present: None Vulnerability details: For technical details, customers are advised to reference the website: https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-27376 CVE-2022-27376 HCE 2.0:mariadb-10.5.22-1.hce2 For technical details, customers are advised to referencethe website: https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-27376 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H This vulnerability can be exploited only when the following conditions are present: None Vulnerability details: For technical details, customers are advised to reference the website: https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-27444 CVE-2022-27444 HCE 2.0:mariadb-10.5.22-1.hce2 For technical details, customers are advised to referencethe website: https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-27444 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H This vulnerability can be exploited only when the following conditions are present: None Vulnerability details: For technical details, customers are advised to reference the website: https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-27458 CVE-2022-27458 HCE 2.0:mariadb-10.5.22-1.hce2 For technical details, customers are advised to referencethe website: https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-27458 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H This vulnerability can be exploited only when the following conditions are present: None Vulnerability details: For technical details, customers are advised to reference the website: https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-27377 CVE-2022-27377 HCE 2.0:mariadb-10.5.22-1.hce2 For technical details, customers are advised to referencethe website: https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-27377 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H This vulnerability can be exploited only when the following conditions are present: None Vulnerability details: For technical details, customers are advised to reference the website: https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-27451 CVE-2022-27451 HCE 2.0:mariadb-10.5.22-1.hce2 For technical details, customers are advised to referencethe website: https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-27451 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H This vulnerability can be exploited only when the following conditions are present: None Vulnerability details: For technical details, customers are advised to reference the website: https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-27380 CVE-2022-27380 HCE 2.0:mariadb-10.5.22-1.hce2 For technical details, customers are advised to referencethe website: https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-27380 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H This vulnerability can be exploited only when the following conditions are present: None Vulnerability details: For technical details, customers are advised to reference the website: https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-27385 CVE-2022-27385 HCE 2.0:mariadb-10.5.22-1.hce2 For technical details, customers are advised to referencethe website: https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-27385 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H This vulnerability can be exploited only when the following conditions are present: None Vulnerability details: For technical details, customers are advised to reference the website: https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-27382 CVE-2022-27382 HCE 2.0:mariadb-10.5.22-1.hce2 For technical details, customers are advised to referencethe website: https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-27382 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H This vulnerability can be exploited only when the following conditions are present: None Vulnerability details: For technical details, customers are advised to reference the website: https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-27379 CVE-2022-27379 HCE 2.0:mariadb-10.5.22-1.hce2 For technical details, customers are advised to referencethe website: https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-27379 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H This vulnerability can be exploited only when the following conditions are present: None Vulnerability details: For technical details, customers are advised to reference the website: https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-27446 CVE-2022-27446 HCE 2.0:mariadb-10.5.22-1.hce2 For technical details, customers are advised to referencethe website: https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-27446 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H This vulnerability can be exploited only when the following conditions are present: None Vulnerability details: For technical details, customers are advised to reference the website: https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-24052 CVE-2022-24052 HCE 2.0:mariadb-10.5.22-1.hce2 For technical details, customers are advised to referencethe website: https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-24052 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H This vulnerability can be exploited only when the following conditions are present: None Vulnerability details: For technical details, customers are advised to reference the website: https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-24051 CVE-2022-24051 HCE 2.0:mariadb-10.5.22-1.hce2 For technical details, customers are advised to referencethe website: https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-24051 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H This vulnerability can be exploited only when the following conditions are present: None Vulnerability details: For technical details, customers are advised to reference the website: https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-27384 CVE-2022-27384 HCE 2.0:mariadb-10.5.22-1.hce2 For technical details, customers are advised to referencethe website: https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-27384 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H This vulnerability can be exploited only when the following conditions are present: None Vulnerability details: For technical details, customers are advised to reference the website: https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-27452 CVE-2022-27452 HCE 2.0:mariadb-10.5.22-1.hce2 For technical details, customers are advised to referencethe website: https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-27452 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H