CVE-2026-35549 — Memory Allocation with Excessive Size Value in Mariadb

CWE-789 — Memory Allocation with Excessive Size Value CWE-770 — Allocation of Resources Without Limits or Throttling14 documents9 sources

Severity

6.5MEDIUMNVD

EPSS

0.0%

top 85.48%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Mariadb

Timeline

PublishedApr 3

Latest updateApr 6

Description

An issue was discovered in MariaDB Server before 11.4.10, 11.5.x through 11.8.x before 11.8.6, and 12.x before 12.2.2. If the caching_sha2_password authentication plugin is installed, and some user accounts are configured to use it, a large packet can crash the server because sha256_crypt_r uses alloca.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:HExploitability: 2.8 | Impact: 3.6

Affected Packages2 packages

▶CVEListV5mariadb/mariadb11.5.0 — 11.8.6+2

▶Debianmariadb/mariadb< 1:11.8.6-0+deb13u1+1

🔴Vulnerability Details

GHSA

GHSA-3xgj-m9hf-j98g: An issue was discovered in MariaDB Server before 11↗2026-04-03

▶

CVEList

CVE-2026-35549: An issue was discovered in MariaDB Server before 11↗2026-04-03

▶

OSV

CVE-2026-35549: An issue was discovered in MariaDB Server before 11↗2026-04-03

▶

📋Vendor Advisories

Red Hat

MariaDB Server: MariaDB Server: Denial of Service via large packet with caching_sha2_password authentication plugin↗2026-04-03

▶

Microsoft

CVE-2026-35549: Mariner: Mariner mitre: mitre Customer Action Required: Yes↗2026-04-02

▶

Debian

CVE-2026-35549: mariadb - An issue was discovered in MariaDB Server before 11.4.10, 11.5.x through 11.8.x ...↗2026

▶

🕵️Threat Intelligence

Wiz

CVE-2026-3494 Impact, Exploitability, and Mitigation Steps | Wiz↗

▶

Wiz

CVE-2026-35549 Impact, Exploitability, and Mitigation Steps | Wiz↗

▶

Wiz

CVE-2025-13699 Impact, Exploitability, and Mitigation Steps | Wiz↗

▶

Wiz

CVE-2026-32710 Impact, Exploitability, and Mitigation Steps | Wiz↗

▶

💬Community

Bugzilla

CVE-2026-35549 mariadb11.8: MariaDB Server: Denial of Service via large packet with caching_sha2_password authentication plugin [fedora-all]↗2026-04-06

▶

Bugzilla

CVE-2026-35549 mariadb10.11: MariaDB Server: Denial of Service via large packet with caching_sha2_password authentication plugin [fedora-all]↗2026-04-06

▶

Bugzilla

CVE-2026-35549 MariaDB Server: MariaDB Server: Denial of Service via large packet with caching_sha2_password authentication plugin↗2026-04-03

▶