{ "threat_severity" : "Important", "public_date" : "2020-10-06T00:00:00Z", "bugzilla" : { "description" : "mariadb: Insufficient SST method name check leading to code injection in mysql-wsrep", "id" : "1894919", "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1894919" }, "cvss3" : { "cvss3_base_score" : "9.0", "cvss3_scoring_vector" : "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H", "status" : "verified" }, "cwe" : "CWE-94", "details" : [ "A flaw was found in the mysql-wsrep component of mariadb. Lack of input sanitization in `wsrep_sst_method` allows for command injection that can be exploited by a remote attacker to execute arbitrary commands on galera cluster nodes. This threatens the system's confidentiality, integrity, and availability. This flaw affects mariadb versions before 10.1.47, before 10.2.34, before 10.3.25, before 10.4.15 and before 10.5.6.", "A flaw was found in the mysql-wsrep component of mariadb. Lack of input sanitization in `wsrep_sst_method` allows for command injection that can be exploited by a remote attacker to execute arbitrary commands on galera cluster nodes. This threatens the system's confidentiality, integrity, and availability." ], "statement" : "galera packages as shipped with Red Hat Enterprise Linux and Red Hat Software Collections are not affected because they do not contain the vulnerable mysql-wsrep component.", "affected_release" : [ { "product_name" : "Red Hat Enterprise Linux 8", "release_date" : "2020-12-15T00:00:00Z", "advisory" : "RHSA-2020:5500", "cpe" : "cpe:/a:redhat:enterprise_linux:8", "package" : "mariadb:10.3-8030020201203011231.229f0a1c" }, { "product_name" : "Red Hat Enterprise Linux 8.0 Update Services for SAP Solutions", "release_date" : "2020-12-22T00:00:00Z", "advisory" : "RHSA-2020:5663", "cpe" : "cpe:/a:redhat:rhel_e4s:8.0", "package" : "mariadb:10.3-8000020201221114409.f8e95b4e" }, { "product_name" : "Red Hat Enterprise Linux 8.1 Extended Update Support", "release_date" : "2020-12-22T00:00:00Z", "advisory" : "RHSA-2020:5665", "cpe" : "cpe:/a:redhat:rhel_eus:8.1", "package" : "mariadb:10.3-8010020201214133427.c27ad7f8" }, { "product_name" : "Red Hat Enterprise Linux 8.2 Extended Update Support", "release_date" : "2020-12-22T00:00:00Z", "advisory" : "RHSA-2020:5654", "cpe" : "cpe:/a:redhat:rhel_eus:8.2", "package" : "mariadb:10.3-8020020201214133105.4cda2c84" }, { "product_name" : "Red Hat OpenStack Platform 10.0 (Newton)", "release_date" : "2020-12-08T00:00:00Z", "advisory" : "RHSA-2020:5379", "cpe" : "cpe:/a:redhat:openstack:10::el7", "package" : "mariadb-galera-1:5.5.62-2.el7ost" }, { "product_name" : "Red Hat Software Collections for Red Hat Enterprise Linux 7", "release_date" : "2020-11-30T00:00:00Z", "advisory" : "RHSA-2020:5246", "cpe" : "cpe:/a:redhat:rhel_software_collections:3::el7", "package" : "rh-mariadb103-galera-0:25.3.31-1.el7" }, { "product_name" : "Red Hat Software Collections for Red Hat Enterprise Linux 7", "release_date" : "2020-11-30T00:00:00Z", "advisory" : "RHSA-2020:5246", "cpe" : "cpe:/a:redhat:rhel_software_collections:3::el7", "package" : "rh-mariadb103-mariadb-3:10.3.27-1.el7" }, { "product_name" : "Red Hat Software Collections for Red Hat Enterprise Linux 7.6 EUS", "release_date" : "2020-11-30T00:00:00Z", "advisory" : "RHSA-2020:5246", "cpe" : "cpe:/a:redhat:rhel_software_collections:3::el7", "package" : "rh-mariadb103-galera-0:25.3.31-1.el7" }, { "product_name" : "Red Hat Software Collections for Red Hat Enterprise Linux 7.6 EUS", "release_date" : "2020-11-30T00:00:00Z", "advisory" : "RHSA-2020:5246", "cpe" : "cpe:/a:redhat:rhel_software_collections:3::el7", "package" : "rh-mariadb103-mariadb-3:10.3.27-1.el7" }, { "product_name" : "Red Hat Software Collections for Red Hat Enterprise Linux 7.7 EUS", "release_date" : "2020-11-30T00:00:00Z", "advisory" : "RHSA-2020:5246", "cpe" : "cpe:/a:redhat:rhel_software_collections:3::el7", "package" : "rh-mariadb103-galera-0:25.3.31-1.el7" }, { "product_name" : "Red Hat Software Collections for Red Hat Enterprise Linux 7.7 EUS", "release_date" : "2020-11-30T00:00:00Z", "advisory" : "RHSA-2020:5246", "cpe" : "cpe:/a:redhat:rhel_software_collections:3::el7", "package" : "rh-mariadb103-mariadb-3:10.3.27-1.el7" } ], "package_state" : [ { "product_name" : "Red Hat Enterprise Linux 7", "fix_state" : "Not affected", "package_name" : "mariadb", "cpe" : "cpe:/o:redhat:enterprise_linux:7" }, { "product_name" : "Red Hat OpenStack Platform 10 (Newton)", "fix_state" : "Not affected", "package_name" : "galera", "cpe" : "cpe:/a:redhat:openstack:10" }, { "product_name" : "Red Hat OpenStack Platform 13 (Queens)", "fix_state" : "Not affected", "package_name" : "galera", "cpe" : "cpe:/a:redhat:openstack:13" }, { "product_name" : "Red Hat Software Collections", "fix_state" : "Not affected", "package_name" : "rh-mariadb102-galera", "cpe" : "cpe:/a:redhat:rhel_software_collections:3" }, { "product_name" : "Red Hat Software Collections", "fix_state" : "Will not fix", "package_name" : "rh-mariadb102-mariadb", "cpe" : "cpe:/a:redhat:rhel_software_collections:3" } ], "references" : [ "https://www.cve.org/CVERecord?id=CVE-2020-15180\nhttps://nvd.nist.gov/vuln/detail/CVE-2020-15180" ], "name" : "CVE-2020-15180", "mitigation" : { "value" : "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update as soon as possible.", "lang" : "en:us" }, "csaw" : false }