{"id":"MGASA-2017-0461","summary":"Updated mariadb packages fix security vulnerabilities","details":"Difficult to exploit vulnerability in MariaDB Server allows high\nprivileged attacker with logon to the infrastructure where MariaDB\nServer executes to compromise MariaDB Server. Successful attacks of this\nvulnerability can result in unauthorized access to critical data or\ncomplete access to all MariaDB Server accessible data (CVE-2017-10268).\n\nEasily exploitable vulnerability in MariaDB Server allows low privileged\nattacker with network access via multiple protocols to compromise\nMariaDB Server. Successful attacks of this vulnerability can result in\nunauthorized ability to cause a hang or frequently repeatable crash\n(complete DOS) of MariaDB Server (CVE-2017-10378).\n","modified":"2026-04-16T06:24:05.124365737Z","published":"2017-12-21T18:18:18Z","upstream":["CVE-2017-10268","CVE-2017-10378"],"references":[{"type":"ADVISORY","url":"https://advisories.mageia.org/MGASA-2017-0461.html"},{"type":"REPORT","url":"https://bugs.mageia.org/show_bug.cgi?id=22206"},{"type":"WEB","url":"https://mariadb.com/kb/en/library/mariadb-10033-release-notes/"},{"type":"WEB","url":"https://mariadb.com/kb/en/library/mariadb-10129-release-notes/"},{"type":"ADVISORY","url":"http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html"}],"affected":[{"package":{"name":"mariadb","ecosystem":"Mageia:5","purl":"pkg:rpm/mageia/mariadb?arch=source&distro=mageia-5"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"10.0.33-2.mga5"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2017-0461.json"}},{"package":{"name":"mariadb","ecosystem":"Mageia:6","purl":"pkg:rpm/mageia/mariadb?arch=source&distro=mageia-6"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"10.1.29-2.mga6"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2017-0461.json"}}],"schema_version":"1.7.5","credits":[{"name":"Mageia","contact":["https://wiki.mageia.org/en/Packages_Security_Team"],"type":"COORDINATOR"}]}