{"id":"CVE-2023-5157","details":"A vulnerability was found in MariaDB. An OpenVAS port scan on ports 3306 and 4567 allows a malicious remote client to cause a denial of service.","aliases":["BIT-mariadb-2023-5157","BIT-mariadb-min-2023-5157","BIT-mysql-client-2023-5157"],"modified":"2026-04-12T08:24:17.500557Z","published":"2023-09-27T15:19:41.807Z","related":["ALSA-2023:5683","ALSA-2023:5684"],"database_specific":{"unresolved_ranges":[{"cpe":"cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*","extracted_events":[{"last_affected":"38"}],"source":"CPE_FIELD"},{"cpe":"cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*","extracted_events":[{"last_affected":"8.0"}],"source":"CPE_FIELD"},{"cpe":"cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*","extracted_events":[{"last_affected":"9.0"}],"source":"CPE_FIELD"},{"cpe":"cpe:2.3:o:redhat:enterprise_linux_eus:8.6:*:*:*:*:*:*:*","extracted_events":[{"last_affected":"8.6"}],"source":"CPE_FIELD"},{"cpe":"cpe:2.3:o:redhat:enterprise_linux_eus:8.8:*:*:*:*:*:*:*","extracted_events":[{"last_affected":"8.8"}],"source":"CPE_FIELD"},{"cpe":"cpe:2.3:o:redhat:enterprise_linux_eus:9.0:*:*:*:*:*:*:*","extracted_events":[{"last_affected":"9.0"}],"source":"CPE_FIELD"},{"cpe":"cpe:2.3:o:redhat:enterprise_linux_eus:9.2:*:*:*:*:*:*:*","extracted_events":[{"last_affected":"9.2"}],"source":"CPE_FIELD"},{"cpe":"cpe:2.3:o:redhat:enterprise_linux_for_arm_64:8.0_aarch64:*:*:*:*:*:*:*","extracted_events":[{"last_affected":"8.0_aarch64"}],"source":"CPE_FIELD"},{"cpe":"cpe:2.3:o:redhat:enterprise_linux_for_arm_64:9.0_aarch64:*:*:*:*:*:*:*","extracted_events":[{"last_affected":"9.0_aarch64"}],"source":"CPE_FIELD"},{"cpe":"cpe:2.3:o:redhat:enterprise_linux_for_arm_64_eus:8.8_aarch64:*:*:*:*:*:*:*","extracted_events":[{"last_affected":"8.8_aarch64"}],"source":"CPE_FIELD"},{"cpe":"cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:8.0_s390x:*:*:*:*:*:*:*","extracted_events":[{"last_affected":"8.0_s390x"}],"source":"CPE_FIELD"},{"cpe":"cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:9.0_s390x:*:*:*:*:*:*:*","extracted_events":[{"last_affected":"9.0_s390x"}],"source":"CPE_FIELD"},{"cpe":"cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:9.2_s390x:*:*:*:*:*:*:*","extracted_events":[{"last_affected":"9.2_s390x"}],"source":"CPE_FIELD"},{"cpe":"cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:8.6_s390x:*:*:*:*:*:*:*","extracted_events":[{"last_affected":"8.6_s390x"}],"source":"CPE_FIELD"},{"cpe":"cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:8.8_s390x:*:*:*:*:*:*:*","extracted_events":[{"last_affected":"8.8_s390x"}],"source":"CPE_FIELD"},{"cpe":"cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:9.2_s390x:*:*:*:*:*:*:*","extracted_events":[{"last_affected":"9.2_s390x"}],"source":"CPE_FIELD"},{"cpe":"cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:8.0_ppc64le:*:*:*:*:*:*:*","extracted_events":[{"last_affected":"8.0_ppc64le"}],"source":"CPE_FIELD"},{"cpe":"cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:9.0_ppc64le:*:*:*:*:*:*:*","extracted_events":[{"last_affected":"9.0_ppc64le"}],"source":"CPE_FIELD"},{"cpe":"cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:8.8_ppc64le:*:*:*:*:*:*:*","extracted_events":[{"last_affected":"8.8_ppc64le"}],"source":"CPE_FIELD"},{"cpe":"cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:9.2_ppc64le:*:*:*:*:*:*:*","extracted_events":[{"last_affected":"9.2_ppc64le"}],"source":"CPE_FIELD"},{"cpe":"cpe:2.3:o:redhat:enterprise_linux_server_aus:8.4:*:*:*:*:*:*:*","extracted_events":[{"last_affected":"8.4"}],"source":"CPE_FIELD"},{"cpe":"cpe:2.3:o:redhat:enterprise_linux_server_aus:8.6:*:*:*:*:*:*:*","extracted_events":[{"last_affected":"8.6"}],"source":"CPE_FIELD"},{"cpe":"cpe:2.3:o:redhat:enterprise_linux_server_aus:9.2:*:*:*:*:*:*:*","extracted_events":[{"last_affected":"9.2"}],"source":"CPE_FIELD"},{"cpe":"cpe:2.3:o:redhat:enterprise_linux_server_tus:8.4:*:*:*:*:*:*:*","extracted_events":[{"last_affected":"8.4"}],"source":"CPE_FIELD"},{"cpe":"cpe:2.3:o:redhat:enterprise_linux_server_tus:8.6:*:*:*:*:*:*:*","extracted_events":[{"last_affected":"8.6"}],"source":"CPE_FIELD"},{"cpe":"cpe:2.3:o:redhat:enterprise_linux_server_tus:8.8:*:*:*:*:*:*:*","extracted_events":[{"last_affected":"8.8"}],"source":"CPE_FIELD"}]},"references":[{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2023:5259"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2023:5683"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2023:5684"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2023:6821"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2023:6822"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2023:6883"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2023:7633"},{"type":"ADVISORY","url":"https://access.redhat.com/security/cve/CVE-2023-5157"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2240246"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/mariadb/server","events":[{"introduced":"0"},{"fixed":"faddcf3c395da640b760c3f701f5bc1f3baae6c4"},{"fixed":"98d7ac1fbe2d61c0d21e2c22808ef808f29c0827"},{"fixed":"6ffbc0e510cdaafe0494acd04e48d1f44727e86a"},{"introduced":"c761b43451d54eeeecdf3c102906fcce88d4e9d9"},{"fixed":"65e8506ca9d03967191b6ed207cf107d311f7f99"},{"introduced":"7c7f9bef28aa566557da31402142f6dd8298ddd2"},{"fixed":"1ac0bce36e5bf2136cedb1ce1da949f53cce4404"},{"introduced":"1a647b700f6b72dc97211510a5d0c647d5d3d911"},{"fixed":"b8f6d315fe4fe62ef73f6fb4f45e004fcedec20c"}],"database_specific":{"cpe":"cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*","extracted_events":[{"introduced":"0"},{"fixed":"10.3.36"},{"introduced":"10.7.0"},{"fixed":"10.7.5"},{"introduced":"10.8.0"},{"fixed":"10.8.4"},{"introduced":"10.4.0"},{"fixed":"10.4.26"},{"introduced":"10.5.0"},{"fixed":"10.5.17"},{"introduced":"10.6.0"},{"fixed":"10.6.9"}],"source":"CPE_FIELD"}}],"versions":["mariadb-10.1.0","mariadb-10.1.2","mariadb-10.1.3","mariadb-10.1.4","mariadb-10.1.5","mariadb-10.1.6","mariadb-10.1.7","mariadb-10.1.8","mariadb-10.2.0","mariadb-10.2.1","mariadb-10.2.2","mariadb-10.3.0","mariadb-10.3.1","mariadb-10.3.10","mariadb-10.3.12","mariadb-10.3.16","mariadb-10.3.17","mariadb-10.3.18","mariadb-10.3.19","mariadb-10.3.2","mariadb-10.3.20","mariadb-10.3.21","mariadb-10.3.26","mariadb-10.3.30","mariadb-10.3.31","mariadb-10.3.33","mariadb-10.3.35","mariadb-10.3.4","mariadb-10.3.5","mariadb-10.3.6","mariadb-10.3.7","mariadb-10.4.10","mariadb-10.4.11","mariadb-10.4.20","mariadb-10.4.21","mariadb-10.4.22","mariadb-10.4.23","mariadb-10.4.25","mariadb-10.4.3","mariadb-10.4.4","mariadb-10.4.5","mariadb-10.4.7","mariadb-10.4.9","mariadb-10.5.0","mariadb-10.5.11","mariadb-10.5.12","mariadb-10.5.13","mariadb-10.5.14","mariadb-10.5.16","mariadb-10.5.2","mariadb-10.5.4","mariadb-10.6.0","mariadb-10.6.1","mariadb-10.6.2","mariadb-10.6.3","mariadb-10.6.4","mariadb-10.6.5","mariadb-10.6.6","mariadb-10.6.8","mariadb-10.7.1","mariadb-10.7.2","mariadb-10.7.4","mariadb-10.8.1","mariadb-10.8.3"],"database_specific":{"vanir_signatures_modified":"2026-04-12T08:24:17Z","vanir_signatures":[{"target":{"file":"sql/strfunc.cc","function":"find_set"},"source":"https://github.com/mariadb/server/commit/faddcf3c395da640b760c3f701f5bc1f3baae6c4","id":"CVE-2023-5157-bab28f5d","digest":{"length":1094,"function_hash":"96567548985656349046472553596954460768"},"signature_version":"v1","signature_type":"Function","deprecated":false},{"target":{"file":"sql/strfunc.cc"},"source":"https://github.com/mariadb/server/commit/faddcf3c395da640b760c3f701f5bc1f3baae6c4","id":"CVE-2023-5157-ee10862f","digest":{"line_hashes":["271363707396860767418283350345897486504","120596951573328682502907908502941671745","115421961338400510566446524145876737974","64074615696916198601226435566349591945"],"threshold":0.9},"signature_version":"v1","signature_type":"Line","deprecated":false}],"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-5157.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}]}