MariaDB Server before 10.7 is vulnerable to Denial of...
Moderate severity
Unreviewed
Published
May 26, 2022
to the GitHub Advisory Database
•
Updated May 3, 2024
Description
Published by the National Vulnerability Database
May 25, 2022
Published to the GitHub Advisory Database
May 26, 2022
Last updated
May 3, 2024
MariaDB Server before 10.7 is vulnerable to Denial of Service. In extra/mariabackup/ds_compress.cc, when an error occurs (i.e., going to the err label) while executing the method create_worker_threads, the held lock thd->ctrl_mutex is not released correctly, which allows local users to trigger a denial of service due to the deadlock.
References