English
¢¸¢· µÚ·Î
Ãë¾àÁ¡ID 25383
À§Çèµµ 30
Æ÷Æ® 3306
ÇÁ·ÎÅäÄÝ TCP
ºÐ·ù DB
»ó¼¼¼³¸í ¿ø°Ý È£½ºÆ®¿¡ ¼³Ä¡µÈ MariaDB ¹öÀüÀº 10.5.17 ÀÌÀüÀÔ´Ï´Ù. µû¶ó¼­ mdb-10517-rn ±Ç°í¿¡ ¾ð±ÞµÈ ¿©·¯ Ãë¾àÁ¡ÀÇ ¿µÇâÀ» ¹Þ½À´Ï´Ù.
- 1.2.12 ÀÌÀüÀÇ zlib´Â ÀԷ¿¡ ÀÏÄ¡ Ç׸ñÀÌ ¸¹Àº °æ¿ì °¨¾Ð½Ã (Áï, ¾ÐÃàÇÒ ¶§) ¸Þ¸ð¸® ¼Õ»óÀ» Çã¿ëÇÕ´Ï´Ù. (CVE-2018-25032)
- MariaDB v10.4 ~ v10.7¿¡ /storage/innobase/filename/handler0alter.ccÀÇ prepare_inplace_add_virtual¿¡ use-after-filenameÀÌ Æ÷ÇԵǾî ÀÖ´Â °ÍÀ¸·Î È®ÀεÊ(CVE-2022-32081)
- MariaDB v10.5 ~ v10.7¿¡ dict0dict.ccÀÇ table->get_ref_counts == 0¿¡¼­ ¾î¼³¼Ç ¿À·ù°¡ ÀÖ´Â °ÍÀ¸·Î È®ÀεǾú½À´Ï´Ù(CVE-2022-32082)
- sub_select ±¸¼º ¿ä¼Ò¸¦ ÅëÇØ MariaDB v10.2 ~ v10.7¿¡ ºÐÇÒ ¿À·ù°¡ ÀÖ´Â °ÍÀ¸·Î È®ÀεǾú½À´Ï´Ù.
(CVE-2022-32084)
- MariaDB v10.5 ~ v10.7¿¡ ±¸¼º ¿ä¼Ò st_select_lex_unit::exclude_levelÀ» ÅëÇØ ºÐÇÒ °áÇÔÀÌ ÀÖ´Â °ÍÀ¸·Î È®ÀεǾú½À´Ï´Ù. (CVE-2022-32089)
- MariaDB v10.7Àº /libsanitizer/sanitizer_common/sanitizer_common_interceptors.incÀÇ __interceptor_memset¿¡¼­ use-after-poisonÀ» Æ÷ÇÔÇÏ´Â °ÍÀ¸·Î ¹ß°ßµÇ¾ú½À´Ï´Ù. (CVE-2022-32091)

* Âü°í »çÀÌÆ®:
https://mariadb.com/kb/en/mdb-10517-rn

* ¿µÇâÀ» ¹Þ´Â Ç÷§Æû:
MariaDB 10.5.17 ÀÌÀüÀÇ 10.5.x ¹öÀüµé
ÇØ°áÃ¥ MariaDB À¥ »çÀÌÆ®ÀÎ https://downloads.mariadb.org/ ¿¡¼­ ±¸ÇÒ ¼ö ÀÖ´Â MariaDBÀÇ °¡Àå ÃֽŠ¹öÀü(10.5.17 ÀÌ»ó)À¸·Î ¾÷±×·¹À̵å ÇÏ¿©¾ß ÇÑ´Ù.
°ü·Ã URL CVE-2018-25032,CVE-2022-32081,CVE-2022-32082,CVE-2022-32084,CVE-2022-32089,CVE-2022-32091 (CVE)
°ü·Ã URL (SecurityFocus)
°ü·Ã URL (ISS)