MariaDB Server 10.4 through 10.5., 10.6 through 10.6., 10.7 through 10.11., 11.0 through 11.0., and 11.1 through 11.4.* crashes in Item_direct_view_ref::derived_field_transformer_for_where.
Weakness
The product uses a mechanism that automatically optimizes code, e.g. to improve a characteristic such as performance, but the optimizations can have an unintended side effect that might violate an intended security assumption.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Red Hat Enterprise Linux 10 | RedHat | mariadb10.11-3:10.11.15-1.el10_1 | * |
| Red Hat Enterprise Linux 8 | RedHat | mariadb:10.5-8100020251001104911.489197e6 | * |
| Red Hat Enterprise Linux 9 | RedHat | galera-0:26.4.22-1.el9_6 | * |
| Red Hat Enterprise Linux 9 | RedHat | mariadb-3:10.5.29-2.el9_6 | * |
| Red Hat Enterprise Linux 9 | RedHat | mariadb:10.11-9070020251202135752.rhel9 | * |
| Mariadb | Ubuntu | esm-apps/noble | * |
| Mariadb | Ubuntu | noble | * |
| Mariadb | Ubuntu | oracular | * |
| Mariadb | Ubuntu | plucky | * |
| Mariadb-10.6 | Ubuntu | esm-apps/jammy | * |
| Mariadb-10.6 | Ubuntu | jammy | * |
| Mariadb-10.6 | Ubuntu | upstream | * |