RedHat Judy CVE-2021-27928 Code Injection Vulnerability

description-logoDescription

MariaDB is a multi-user, multi-threaded SQL database server that is binary compatible with MySQL. The following packages have been upgraded to a later upstream version: mariadb (10.3.28), galera (25.3.32). Security Fix(es): mariadb: writable system variables allows a database user with SUPER privilege to execute arbitrary code as the system mysql user (CVE-2021-27928) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. SolutionFor details on how to apply this update, which includes the changes described in this advisory, refer to:https://access.redhat.com/articles/11258 After installing this update, the MariaDB server daemon (mysqld) will be restarted automatically.

affected-products-logoAffected Applications

Judy

CVE References

CVE-2021-27928