vulnerability
Alma Linux: CVE-2022-38791: Moderate: mariadb:10.3 security, bug fix, and enhancement update (Multiple Advisories)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 5 | (AV:L/AC:L/Au:S/C:N/I:N/A:C) | Aug 27, 2022 | Sep 25, 2023 | Apr 20, 2026 |
Severity
5
CVSS
(AV:L/AC:L/Au:S/C:N/I:N/A:C)
Published
Aug 27, 2022
Added
Sep 25, 2023
Modified
Apr 20, 2026
Description
In MariaDB before 10.9.2, compress_write in extra/mariabackup/ds_compress.cc does not release data_mutex upon a stream write failure, which allows local users to trigger a deadlock.
Solutions
alma-upgrade-galeraalma-upgrade-judyalma-upgrade-mariadbalma-upgrade-mariadb-backupalma-upgrade-mariadb-commonalma-upgrade-mariadb-develalma-upgrade-mariadb-embeddedalma-upgrade-mariadb-embedded-develalma-upgrade-mariadb-errmsgalma-upgrade-mariadb-gssapi-serveralma-upgrade-mariadb-oqgraph-enginealma-upgrade-mariadb-pamalma-upgrade-mariadb-serveralma-upgrade-mariadb-server-galeraalma-upgrade-mariadb-server-utilsalma-upgrade-mariadb-test
References
Rapid7 Labs
2026 Global Threat Landscape Report
The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.