CVE-2023-52969Insecure Automated Optimizations in Mariadb

CWE-1038Insecure Automated Optimizations9 documents8 sources
Severity
4.9MEDIUMNVD
EPSS
0.3%
top 43.40%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Mariadb
Timeline
PublishedMar 8
Latest updateJun 2

Description

MariaDB Server 10.4 through 10.5.*, 10.6 through 10.6.*, 10.7 through 10.11.*, and 11.0 through 11.0.* can sometimes crash with an empty backtrace log. This may be related to make_aggr_tables_info and optimize_stage2.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:HExploitability: 1.2 | Impact: 3.6

Affected Packages2 packages

CVEListV5mariadb/mariadb10.410.5.*+3
Debianmariadb/mariadb< 1:10.11.13-0+deb12u1+2

🔴Vulnerability Details

3
GHSA
GHSA-gx7h-6fr6-j29h: MariaDB Server 102025-03-09
CVEList
CVE-2023-52969: MariaDB Server 102025-03-08
OSV
CVE-2023-52969: MariaDB Server 102025-03-08

📋Vendor Advisories

5
Ubuntu
MariaDB vulnerabilities2025-06-02
Ubuntu
MariaDB vulnerabilities2025-05-20
Microsoft
MariaDB Server 10.4 through 10.5.*, 10.6 through 10.6.*, 10.7 through 10.11.*, and 11.0 through 11.0.* can sometimes crash with an empty backtrace log. This may be related to make_aggr_tables_info and2025-03-11
Red Hat
mariadb: MariaDB Server Crash Due to Empty Backtrace Log2025-03-08
Debian
CVE-2023-52969: mariadb - MariaDB Server 10.4 through 10.5.*, 10.6 through 10.6.*, 10.7 through 10.11.*, a...2023