{"id":"MGASA-2021-0402","summary":"Updated mariadb packages fix security vulnerabilities","details":"Updated mariadb packages fix security vulnerabilities:\n\nA security issue has been found in the InnoDB component of MariaDB\nbefore version 10.6.4. A difficult to exploit vulnerability allows a\nhigh privileged attacker with network access via multiple protocols to\ncompromise the MariaDB server. Successful attacks of this vulnerability\ncan result in the unauthorized ability to cause a hang or frequently\nrepeatable crash (complete denial of service) of the MariaDB server\n(CVE-2021-2372).\n\nA security issue has been found in the InnoDB component of MariaDB\nbefore version 10.6.4. A difficult to exploit vulnerability allows an\nunauthenticated attacker with network access via multiple protocols to\ncompromise the MariaDB server. Successful attacks of this vulnerability\ncan result in the unauthorized ability to cause a hang or frequently\nrepeatable crash (complete denial of service) of the MariaDB server\n(CVE-2021-2389).\n","modified":"2026-02-04T04:37:55.162291Z","published":"2021-08-14T14:00:09Z","related":["CVE-2021-2372","CVE-2021-2389"],"references":[{"type":"ADVISORY","url":"https://advisories.mageia.org/MGASA-2021-0402.html"},{"type":"REPORT","url":"https://bugs.mageia.org/show_bug.cgi?id=29338"},{"type":"REPORT","url":"https://mariadb.com/kb/en/mariadb-10512-release-notes/"}],"affected":[{"package":{"name":"mariadb","ecosystem":"Mageia:8","purl":"pkg:rpm/mageia/mariadb?arch=source&distro=mageia-8"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"10.5.12-1.mga8"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2021-0402.json"}}],"schema_version":"1.7.3","credits":[{"name":"Mageia","contact":["https://wiki.mageia.org/en/Packages_Security_Team"],"type":"COORDINATOR"}]}