{"id":"UBUNTU-CVE-2022-47015","details":"MariaDB Server before 10.3.34 thru 10.9.3 is vulnerable to Denial of Service. It is possible for function spider_db_mbase::print_warnings to dereference a null pointer.","modified":"2026-04-22T13:32:02.567390Z","published":"2023-01-20T19:15:00Z","related":["USN-6600-1"],"upstream":["CVE-2022-47015"],"references":[{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2022-47015"},{"type":"REPORT","url":"https://github.com/MariaDB/server/commit/be0a46b3d52b58956fd0d47d040b9f4514406954"},{"type":"ADVISORY","url":"https://ubuntu.com/security/notices/USN-6600-1"},{"type":"REPORT","url":"https://www.cve.org/CVERecord?id=CVE-2022-47015"}],"affected":[{"package":{"name":"mariadb-10.3","ecosystem":"Ubuntu:20.04:LTS","purl":"pkg:deb/ubuntu/mariadb-10.3@1:10.3.39-0ubuntu0.20.04.2?arch=source&distro=focal"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1:10.3.39-0ubuntu0.20.04.2"}]}],"versions":["1:10.3.17-1","1:10.3.18-1","1:10.3.19-1","1:10.3.21-2","1:10.3.22-1","1:10.3.22-1ubuntu1","1:10.3.25-0ubuntu0.20.04.1","1:10.3.29-0ubuntu0.20.04.1","1:10.3.30-0ubuntu0.20.04.1","1:10.3.31-0ubuntu0.20.04.1","1:10.3.32-0ubuntu0.20.04.1","1:10.3.34-0ubuntu0.20.04.1","1:10.3.37-0ubuntu0.20.04.1","1:10.3.38-0ubuntu0.20.04.1"],"ecosystem_specific":{"availability":"No subscription required","binaries":[{"binary_name":"libmariadb-dev-compat","binary_version":"1:10.3.39-0ubuntu0.20.04.2"},{"binary_name":"libmariadb3","binary_version":"1:10.3.39-0ubuntu0.20.04.2"},{"binary_name":"libmariadbd19","binary_version":"1:10.3.39-0ubuntu0.20.04.2"},{"binary_name":"mariadb-backup","binary_version":"1:10.3.39-0ubuntu0.20.04.2"},{"binary_name":"mariadb-client","binary_version":"1:10.3.39-0ubuntu0.20.04.2"},{"binary_name":"mariadb-client-10.3","binary_version":"1:10.3.39-0ubuntu0.20.04.2"},{"binary_name":"mariadb-client-core-10.3","binary_version":"1:10.3.39-0ubuntu0.20.04.2"},{"binary_name":"mariadb-common","binary_version":"1:10.3.39-0ubuntu0.20.04.2"},{"binary_name":"mariadb-plugin-connect","binary_version":"1:10.3.39-0ubuntu0.20.04.2"},{"binary_name":"mariadb-plugin-cracklib-password-check","binary_version":"1:10.3.39-0ubuntu0.20.04.2"},{"binary_name":"mariadb-plugin-gssapi-client","binary_version":"1:10.3.39-0ubuntu0.20.04.2"},{"binary_name":"mariadb-plugin-gssapi-server","binary_version":"1:10.3.39-0ubuntu0.20.04.2"},{"binary_name":"mariadb-plugin-mroonga","binary_version":"1:10.3.39-0ubuntu0.20.04.2"},{"binary_name":"mariadb-plugin-oqgraph","binary_version":"1:10.3.39-0ubuntu0.20.04.2"},{"binary_name":"mariadb-plugin-rocksdb","binary_version":"1:10.3.39-0ubuntu0.20.04.2"},{"binary_name":"mariadb-plugin-spider","binary_version":"1:10.3.39-0ubuntu0.20.04.2"},{"binary_name":"mariadb-plugin-tokudb","binary_version":"1:10.3.39-0ubuntu0.20.04.2"},{"binary_name":"mariadb-server","binary_version":"1:10.3.39-0ubuntu0.20.04.2"},{"binary_name":"mariadb-server-10.3","binary_version":"1:10.3.39-0ubuntu0.20.04.2"},{"binary_name":"mariadb-server-core-10.3","binary_version":"1:10.3.39-0ubuntu0.20.04.2"},{"binary_name":"mariadb-test","binary_version":"1:10.3.39-0ubuntu0.20.04.2"},{"binary_name":"mariadb-test-data","binary_version":"1:10.3.39-0ubuntu0.20.04.2"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2022/UBUNTU-CVE-2022-47015.json"}},{"package":{"name":"mariadb-10.6","ecosystem":"Ubuntu:22.04:LTS","purl":"pkg:deb/ubuntu/mariadb-10.6@1:10.6.16-0ubuntu0.22.04.1?arch=source&distro=jammy"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1:10.6.16-0ubuntu0.22.04.1"}]}],"versions":["1:10.6.7-2ubuntu1","1:10.6.7-2ubuntu1.1","1:10.6.11-0ubuntu0.22.04.1","1:10.6.12-0ubuntu0.22.04.1"],"ecosystem_specific":{"availability":"No subscription required","binaries":[{"binary_name":"libmariadb-dev-compat","binary_version":"1:10.6.16-0ubuntu0.22.04.1"},{"binary_name":"libmariadb3","binary_version":"1:10.6.16-0ubuntu0.22.04.1"},{"binary_name":"libmariadbd19","binary_version":"1:10.6.16-0ubuntu0.22.04.1"},{"binary_name":"mariadb-backup","binary_version":"1:10.6.16-0ubuntu0.22.04.1"},{"binary_name":"mariadb-client","binary_version":"1:10.6.16-0ubuntu0.22.04.1"},{"binary_name":"mariadb-client-10.6","binary_version":"1:10.6.16-0ubuntu0.22.04.1"},{"binary_name":"mariadb-client-core-10.6","binary_version":"1:10.6.16-0ubuntu0.22.04.1"},{"binary_name":"mariadb-common","binary_version":"1:10.6.16-0ubuntu0.22.04.1"},{"binary_name":"mariadb-plugin-connect","binary_version":"1:10.6.16-0ubuntu0.22.04.1"},{"binary_name":"mariadb-plugin-cracklib-password-check","binary_version":"1:10.6.16-0ubuntu0.22.04.1"},{"binary_name":"mariadb-plugin-gssapi-client","binary_version":"1:10.6.16-0ubuntu0.22.04.1"},{"binary_name":"mariadb-plugin-gssapi-server","binary_version":"1:10.6.16-0ubuntu0.22.04.1"},{"binary_name":"mariadb-plugin-mroonga","binary_version":"1:10.6.16-0ubuntu0.22.04.1"},{"binary_name":"mariadb-plugin-oqgraph","binary_version":"1:10.6.16-0ubuntu0.22.04.1"},{"binary_name":"mariadb-plugin-rocksdb","binary_version":"1:10.6.16-0ubuntu0.22.04.1"},{"binary_name":"mariadb-plugin-s3","binary_version":"1:10.6.16-0ubuntu0.22.04.1"},{"binary_name":"mariadb-plugin-spider","binary_version":"1:10.6.16-0ubuntu0.22.04.1"},{"binary_name":"mariadb-server","binary_version":"1:10.6.16-0ubuntu0.22.04.1"},{"binary_name":"mariadb-server-10.6","binary_version":"1:10.6.16-0ubuntu0.22.04.1"},{"binary_name":"mariadb-server-core-10.6","binary_version":"1:10.6.16-0ubuntu0.22.04.1"},{"binary_name":"mariadb-test","binary_version":"1:10.6.16-0ubuntu0.22.04.1"},{"binary_name":"mariadb-test-data","binary_version":"1:10.6.16-0ubuntu0.22.04.1"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2022/UBUNTU-CVE-2022-47015.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"type":"Ubuntu","score":"medium"}]}