UBUNTU-CVE-2021-46669

Details

MariaDB through 10.5.9 allows attackers to trigger a convert_const_to_int use-after-free when the BIGINT data type is used.

Affected Packages

mariadb-10.3

Ubuntu 20.04 LTS

Affected versions:

1:10.3.17-11:10.3.18-11:10.3.19-11:10.3.21-21:10.3.22-11:10.3.22-1ubuntu11:10.3.25-0ubuntu0.20.04.11:10.3.29-0ubuntu0.20.04.11:10.3.30-0ubuntu0.20.04.11:10.3.31-0ubuntu0.20.04.1+2 more

Fixed in:

1:10.3.37-0ubuntu0.20.04.1

mariadb-10.6

Ubuntu 22.04 LTS

Affected versions:

1:10.6.7-2ubuntu11:10.6.7-2ubuntu1.1

Fixed in:

1:10.6.11-0ubuntu0.22.04.1

References

REPORThttps://jira.mariadb.org/browse/MDEV-25638 REPORThttps://ubuntu.com/security/CVE-2021-46669 REPORThttps://ubuntu.com/security/notices/USN-5739-1 REPORThttps://www.cve.org/CVERecord?id=CVE-2021-46669

UBUNTU-CVE-2021-46669

Details

Affected Packages

References

CVSS Analysis

Related

Ecosystems

Timeline