{"id":"RLSA-2023:5683","summary":"Important: mariadb:10.5 security update","details":"MariaDB is a multi-user, multi-threaded SQL database server that is binary compatible with MySQL. \n\nThe following packages have been upgraded to a later upstream version: galera\n(26.4.14), mariadb (10.5.22).\n\nSecurity Fix(es):\n\n* mariadb: node crashes with Transport endpoint is not connected mysqld got signal 6 (CVE-2023-5157)\n\n* mariadb: use-after-poison in prepare_inplace_add_virtual in handler0alter.cc (CVE-2022-32081)\n\n* mariadb: assertion failure at table-\u003eget_ref_count() == 0 in dict0dict.cc (CVE-2022-32082)\n\n* mariadb: segmentation fault via the component sub_select (CVE-2022-32084)\n\n* mariadb: server crash in st_select_lex_unit::exclude_level (CVE-2022-32089)\n\n* mariadb: server crash in JOIN_CACHE::free or in copy_fields (CVE-2022-32091)\n\n* mariadb: compress_write() fails to release mutex on failure (CVE-2022-38791)\n\n* mariadb: NULL pointer dereference in spider_db_mbase::print_warnings() (CVE-2022-47015)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.","modified":"2026-02-04T09:45:06.588653Z","published":"2023-10-14T02:08:04.577837Z","upstream":["CVE-2022-32081","CVE-2022-32082","CVE-2022-32084","CVE-2022-32089","CVE-2022-32091","CVE-2022-38791","CVE-2022-47015","CVE-2023-5157"],"references":[{"type":"ADVISORY","url":"https://errata.rockylinux.org/RLSA-2023:5683"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2106028"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2106030"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2106034"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2106035"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2106042"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2130105"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2163609"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2240246"}],"affected":[{"package":{"name":"galera","ecosystem":"Rocky Linux:8","purl":"pkg:rpm/rocky-linux/galera?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:26.4.14-1.module+el8.8.0+1490+31c52b1f"}],"database_specific":{"yum_repository":"AppStream"}}],"database_specific":{"source":"https://storage.googleapis.com/resf-osv-data/RLSA-2023:5683.json"}},{"package":{"name":"Judy","ecosystem":"Rocky Linux:8","purl":"pkg:rpm/rocky-linux/Judy?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.0.5-18.module+el8.4.0+427+adf35707"}],"database_specific":{"yum_repository":"AppStream"}}],"database_specific":{"source":"https://storage.googleapis.com/resf-osv-data/RLSA-2023:5683.json"}},{"package":{"name":"mariadb","ecosystem":"Rocky Linux:8","purl":"pkg:rpm/rocky-linux/mariadb?distro=rocky-linux-8&epoch=3"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"3:10.5.22-1.module+el8.8.0+1490+31c52b1f"}],"database_specific":{"yum_repository":"AppStream"}}],"database_specific":{"source":"https://storage.googleapis.com/resf-osv-data/RLSA-2023:5683.json"}}],"schema_version":"1.7.3","credits":[{"name":"Rocky Enterprise Software Foundation"},{"name":"Red Hat"}]}