Launchpad CVE tracker

CVE 2022-27387

MariaDB Server v10.7 and below was discovered to contain a global buffer overflow in the component decimal_bin_size, which is exploited via specially crafted SQL statements.

Related bugs and status

CVE-2022-27387 (Candidate) is related to these bugs:

Bug #1996452: CVE-2022-32091 et al affect MariaDB in Ubuntu

		In	Importance	Status
1996452	CVE-2022-32091 et al affect MariaDB in Ubuntu	mariadb-10.3 (Ubuntu)	Undecided	Fix Released
1996452	CVE-2022-32091 et al affect MariaDB in Ubuntu	mariadb-10.6 (Ubuntu)	Undecided	Fix Released
1996452	CVE-2022-32091 et al affect MariaDB in Ubuntu	mariadb-10.6 (Ubuntu Jammy)	Undecided	Fix Released
1996452	CVE-2022-32091 et al affect MariaDB in Ubuntu	mariadb-10.6 (Ubuntu Kinetic)	Undecided	Fix Released

Bug #2002281: [Debian] CVE: CVE-2021-46669/CVE-2022-27376/CVE-2022-27377...CVE-2022-32089/CVE-2022-32091: mariadb: multiple CVEs

Summary				In	Importance	Status
	2002281	[Debian] CVE: CVE-2021-46669/CVE-2022-27376/CVE-2022-27377...CVE-2022-32089/CVE-2022-32091: mariadb: multiple CVEs		StarlingX	Critical	Fix Released

See the

CVE page on Mitre.org for more details.

Launchpad.net

CVE 2022-27387

References