Mariadb: node crashes with transport endpoint is not connected mysqld got signal 6
CVE-2023-5157

7.5HIGH

Key Information:

Vendor
Red Hat
Status
Red Hat Enterprise Linux 8
Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support
Red Hat Enterprise Linux 8.4 Telecommunications Update Service
Red Hat Enterprise Linux 8.4 Update Services For SAP Solutions
Vendor
CVE Published:
27 September 2023

Summary

A vulnerability in MariaDB allows a malicious remote client to exploit the service through OpenVAS port scanning on ports 3306 and 4567. This can result in a denial of service, making the database unresponsive to legitimate requests and disrupting operations. It is crucial for users of the affected MariaDB versions to assess their vulnerability status and apply necessary updates to safeguard their systems.

Affected Version(s)

Red Hat Enterprise Linux 8 8080020231003163755.63b34585

Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support 8040020231006044227.522a0ee4

Red Hat Enterprise Linux 8.4 Telecommunications Update Service 8040020231006044227.522a0ee4

References

https://access.redhat.com/errata/RHSA-2023:5683
vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2023:5684
vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2023:6821
vendor-advisoryx_refsource_REDHAT

CVSS V3.1

Score:
7.5
Severity:
HIGH
Confidentiality:
None
Integrity:
None
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.