Fortinet Discovers Multiple MariaDB 'Regular Expression' Parsing Denial of Service Vulnerabilities
Fortinet's FortiGuard Labs has discovered multiple denial of service vulnerabilities in MariaDB.
MariaDB is an enhanced, drop-in replacement for MySQL. It remains free under the GNU GPL. MariaDB strives to be the logical choice for database professionals looking for a robust, scalable, and reliable SQL server.
These discovered vulnerabilities are caused due to incorrectly handling specially crafted regular expressions. They could be exploited by attackers via crafted regular expression with the REGEXP_SUBSTR function.
SolutionsFortiGuard Labs released the following FortiGate IPS signature which covers this specific vulnerability:
Released Apr 21, 2015
Users should apply the solution provided by MariaDB.
The vulnerabilities actually exist in the 3rd-party PCRE library incorporated into MariaDB. The PCRE library 8.37 has fixed them.
These vulnerabilities were discovered by Kai Lu of Fortinet's FortiGuard Labs.