CVE-2021-46658Improper Input Validation in Mariadb

CWE-20Improper Input ValidationCWE-400Uncontrolled Resource Consumption6 documents6 sources
Severity
5.5MEDIUMNVD
EPSS
0.1%
top 75.89%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
8
MariadbDebian Mariadb-10.5Msrc Cbl2 Mariadb 10.6.7-1 ON CBL Mariner 2.0+5 more
Timeline
PublishedJan 29
Latest updateJan 31

Description

save_window_function_values in MariaDB before 10.6.3 allows an application crash because of incorrect handling of with_window_func=true for a subquery.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:HExploitability: 1.8 | Impact: 3.6

Affected Packages8 packages

NVDmariadb/mariadb10.2.010.2.40+4
debiandebian/mariadb-10.5< mariadb-10.5 1:10.5.11-1 (bullseye)

Patches

Patch: jira.mariadb.orgPatch: mariadb.comPatch: jira.mariadb.org

🔴Vulnerability Details

2
GHSA
GHSA-2vgr-c24v-3xf3: save_window_function_values in MariaDB before 102022-01-31
OSV
CVE-2021-46658: save_window_function_values in MariaDB before 102022-01-29

📋Vendor Advisories

3
Microsoft
save_window_function_values in MariaDB before 10.6.3 allows an application crash because of incorrect handling of with_window_func=true for a subquery.2022-01-11
Red Hat
mariadb: save_window_function_values triggers an abort during IN subquery2021-05-10
Debian
CVE-2021-46658: mariadb-10.5 - save_window_function_values in MariaDB before 10.6.3 allows an application crash...2021