CVE-2021-46659

描述

MariaDB before 10.7.2 allows an application crash because it does not recognize that SELECT_LEX::nest_level is local to each VIEW.

受影響套件(5)

• Alpine/mariadbfrom 0, < 10.4.24-r0
• Bitnami/mariadb>= 5.5.0, < 10.2.42, >= 10.3.0, < 10.3.33, >= 10.4.0, < 10.4.23, >= 10.5.0, < 10.5.14, >= 10.6.0, < 10.6.6, >= 10.7.0, < 10.7.2
• Bitnami/mariadb-min>= 5.5.0, < 10.2.42, >= 10.3.0, < 10.3.33, >= 10.4.0, < 10.4.23, >= 10.5.0, < 10.5.14, >= 10.6.0, < 10.6.6, >= 10.7.0, < 10.7.2
• Bitnami/mysql-client>= 5.5.0, < 10.2.42, >= 10.3.0, < 10.3.33, >= 10.4.0, < 10.4.23, >= 10.5.0, < 10.5.14, >= 10.6.0, < 10.6.6, >= 10.7.0, < 10.7.2
• Debian/mariadb-10.5from 0, < 1:10.5.15-0+deb11u1

CVSS 分數

參考連結(9)

• ADVISORYhttps://security.alpinelinux.org/vuln/CVE-2021-46659
• ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2021-46659
• WEBhttps://jira.mariadb.org/browse/MDEV-25631
• WEBhttps://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DKJRBYJAQCOPHSED43A3HUPNKQLDTFGD/
• WEBhttps://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EZFZVMJL5UDTOZMARLXQIMG3BTG6UNYW/
• WEBhttps://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NJ4KDAGF3H4D4BDTHRAM6ZEAJJWWMRUO/
• WEBhttps://mariadb.com/kb/en/security/
• WEBhttps://nvd.nist.gov/vuln/detail/CVE-2021-46659
• WEBhttps://security.netapp.com/advisory/ntap-20220311-0003/