{"id":"USN-6600-1","summary":"mariadb, mariadb-10.3, mariadb-10.6 vulnerabilities","details":"Several security issues were discovered in MariaDB and this update\nincludes new upstream MariaDB versions to fix these issues.\n\nMariaDB has been updated to 10.3.39 in Ubuntu 20.04 LTS, 10.6.16\nin Ubuntu 22.04 LTS and 10.11.6 in Ubuntu 23.10.\n\nCVE-2022-47015 only affected the MariaDB packages in Ubuntu 20.04 LTS\nand Ubuntu 22.04 LTS.\n\nIn addition to security fixes, the updated packages contain bug fixes,\nnew features, and possibly incompatible changes.\n","modified":"2026-02-10T04:43:28Z","published":"2024-01-25T18:32:58Z","related":["UBUNTU-CVE-2022-47015","UBUNTU-CVE-2023-22084"],"upstream":["CVE-2022-47015","CVE-2023-22084","UBUNTU-CVE-2022-47015","UBUNTU-CVE-2023-22084"],"references":[{"type":"ADVISORY","url":"https://ubuntu.com/security/notices/USN-6600-1"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2022-47015"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2023-22084"}],"affected":[{"package":{"name":"mariadb-10.3","ecosystem":"Ubuntu:20.04:LTS","purl":"pkg:deb/ubuntu/mariadb-10.3@1:10.3.39-0ubuntu0.20.04.2?arch=source&distro=focal"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1:10.3.39-0ubuntu0.20.04.2"}]}],"versions":["1:10.3.17-1","1:10.3.18-1","1:10.3.19-1","1:10.3.21-2","1:10.3.22-1","1:10.3.22-1ubuntu1","1:10.3.25-0ubuntu0.20.04.1","1:10.3.29-0ubuntu0.20.04.1","1:10.3.30-0ubuntu0.20.04.1","1:10.3.31-0ubuntu0.20.04.1","1:10.3.32-0ubuntu0.20.04.1","1:10.3.34-0ubuntu0.20.04.1","1:10.3.37-0ubuntu0.20.04.1","1:10.3.38-0ubuntu0.20.04.1"],"ecosystem_specific":{"availability":"No subscription required","binaries":[{"binary_name":"libmariadb-dev","binary_version":"1:10.3.39-0ubuntu0.20.04.2"},{"binary_name":"libmariadb-dev-compat","binary_version":"1:10.3.39-0ubuntu0.20.04.2"},{"binary_name":"libmariadb3","binary_version":"1:10.3.39-0ubuntu0.20.04.2"},{"binary_name":"libmariadbclient-dev","binary_version":"1:10.3.39-0ubuntu0.20.04.2"},{"binary_name":"libmariadbd-dev","binary_version":"1:10.3.39-0ubuntu0.20.04.2"},{"binary_name":"libmariadbd19","binary_version":"1:10.3.39-0ubuntu0.20.04.2"},{"binary_name":"mariadb-backup","binary_version":"1:10.3.39-0ubuntu0.20.04.2"},{"binary_name":"mariadb-client","binary_version":"1:10.3.39-0ubuntu0.20.04.2"},{"binary_name":"mariadb-client-10.3","binary_version":"1:10.3.39-0ubuntu0.20.04.2"},{"binary_name":"mariadb-client-core-10.3","binary_version":"1:10.3.39-0ubuntu0.20.04.2"},{"binary_name":"mariadb-common","binary_version":"1:10.3.39-0ubuntu0.20.04.2"},{"binary_name":"mariadb-plugin-connect","binary_version":"1:10.3.39-0ubuntu0.20.04.2"},{"binary_name":"mariadb-plugin-cracklib-password-check","binary_version":"1:10.3.39-0ubuntu0.20.04.2"},{"binary_name":"mariadb-plugin-gssapi-client","binary_version":"1:10.3.39-0ubuntu0.20.04.2"},{"binary_name":"mariadb-plugin-gssapi-server","binary_version":"1:10.3.39-0ubuntu0.20.04.2"},{"binary_name":"mariadb-plugin-mroonga","binary_version":"1:10.3.39-0ubuntu0.20.04.2"},{"binary_name":"mariadb-plugin-oqgraph","binary_version":"1:10.3.39-0ubuntu0.20.04.2"},{"binary_name":"mariadb-plugin-rocksdb","binary_version":"1:10.3.39-0ubuntu0.20.04.2"},{"binary_name":"mariadb-plugin-spider","binary_version":"1:10.3.39-0ubuntu0.20.04.2"},{"binary_name":"mariadb-plugin-tokudb","binary_version":"1:10.3.39-0ubuntu0.20.04.2"},{"binary_name":"mariadb-server","binary_version":"1:10.3.39-0ubuntu0.20.04.2"},{"binary_name":"mariadb-server-10.3","binary_version":"1:10.3.39-0ubuntu0.20.04.2"},{"binary_name":"mariadb-server-core-10.3","binary_version":"1:10.3.39-0ubuntu0.20.04.2"},{"binary_name":"mariadb-test","binary_version":"1:10.3.39-0ubuntu0.20.04.2"},{"binary_name":"mariadb-test-data","binary_version":"1:10.3.39-0ubuntu0.20.04.2"}]},"database_specific":{"cves_map":{"ecosystem":"Ubuntu:20.04:LTS","cves":[{"severity":[{"score":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","type":"CVSS_V3"},{"score":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}],"id":"CVE-2022-47015"},{"severity":[{"score":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}],"id":"CVE-2023-22084"}]},"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-6600-1.json"}},{"package":{"name":"mariadb-10.6","ecosystem":"Ubuntu:22.04:LTS","purl":"pkg:deb/ubuntu/mariadb-10.6@1:10.6.16-0ubuntu0.22.04.1?arch=source&distro=jammy"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1:10.6.16-0ubuntu0.22.04.1"}]}],"versions":["1:10.6.7-2ubuntu1","1:10.6.7-2ubuntu1.1","1:10.6.11-0ubuntu0.22.04.1","1:10.6.12-0ubuntu0.22.04.1"],"ecosystem_specific":{"availability":"No subscription required","binaries":[{"binary_name":"libmariadb-dev","binary_version":"1:10.6.16-0ubuntu0.22.04.1"},{"binary_name":"libmariadb-dev-compat","binary_version":"1:10.6.16-0ubuntu0.22.04.1"},{"binary_name":"libmariadb3","binary_version":"1:10.6.16-0ubuntu0.22.04.1"},{"binary_name":"libmariadbd-dev","binary_version":"1:10.6.16-0ubuntu0.22.04.1"},{"binary_name":"libmariadbd19","binary_version":"1:10.6.16-0ubuntu0.22.04.1"},{"binary_name":"mariadb-backup","binary_version":"1:10.6.16-0ubuntu0.22.04.1"},{"binary_name":"mariadb-client","binary_version":"1:10.6.16-0ubuntu0.22.04.1"},{"binary_name":"mariadb-client-10.6","binary_version":"1:10.6.16-0ubuntu0.22.04.1"},{"binary_name":"mariadb-client-core-10.6","binary_version":"1:10.6.16-0ubuntu0.22.04.1"},{"binary_name":"mariadb-common","binary_version":"1:10.6.16-0ubuntu0.22.04.1"},{"binary_name":"mariadb-plugin-connect","binary_version":"1:10.6.16-0ubuntu0.22.04.1"},{"binary_name":"mariadb-plugin-cracklib-password-check","binary_version":"1:10.6.16-0ubuntu0.22.04.1"},{"binary_name":"mariadb-plugin-gssapi-client","binary_version":"1:10.6.16-0ubuntu0.22.04.1"},{"binary_name":"mariadb-plugin-gssapi-server","binary_version":"1:10.6.16-0ubuntu0.22.04.1"},{"binary_name":"mariadb-plugin-mroonga","binary_version":"1:10.6.16-0ubuntu0.22.04.1"},{"binary_name":"mariadb-plugin-oqgraph","binary_version":"1:10.6.16-0ubuntu0.22.04.1"},{"binary_name":"mariadb-plugin-rocksdb","binary_version":"1:10.6.16-0ubuntu0.22.04.1"},{"binary_name":"mariadb-plugin-s3","binary_version":"1:10.6.16-0ubuntu0.22.04.1"},{"binary_name":"mariadb-plugin-spider","binary_version":"1:10.6.16-0ubuntu0.22.04.1"},{"binary_name":"mariadb-server","binary_version":"1:10.6.16-0ubuntu0.22.04.1"},{"binary_name":"mariadb-server-10.6","binary_version":"1:10.6.16-0ubuntu0.22.04.1"},{"binary_name":"mariadb-server-core-10.6","binary_version":"1:10.6.16-0ubuntu0.22.04.1"},{"binary_name":"mariadb-test","binary_version":"1:10.6.16-0ubuntu0.22.04.1"},{"binary_name":"mariadb-test-data","binary_version":"1:10.6.16-0ubuntu0.22.04.1"}]},"database_specific":{"cves_map":{"ecosystem":"Ubuntu:22.04:LTS","cves":[{"severity":[{"score":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","type":"CVSS_V3"},{"score":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}],"id":"CVE-2022-47015"},{"severity":[{"score":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}],"id":"CVE-2023-22084"}]},"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-6600-1.json"}}],"schema_version":"1.7.3"}