Platform: mariadb
Component: mariadb-server
Fixed in: 11.4.10, 11.8.6, 12.2.2
CVE-2026-35549 describes a denial-of-service (DoS) vulnerability in MariaDB Server. The flaw is triggered when a large network packet is sent to a server that has the caching_sha2_password authentication plugin installed and configured for user accounts, and it can crash the server. Affected are versions before 11.4.10, 11.5.x through 11.8.x before 11.8.6, and 12.x before 12.2.2. Fixes are available in MariaDB Server 11.4.10, 11.8.6 and 12.2.2.
An attacker exploits this by sending an oversized, crafted packet to a MariaDB Server instance on which the caching_sha2_password authentication plugin is loaded and used for the targeted account. The sha256_crypt_r function, which performs the password hashing inside the plugin, reserves its working memory with alloca, so the allocation is sized by attacker-controlled input and lands on the thread's stack. A sufficiently large packet overruns the stack and the server process crashes (a stack overflow rather than a heap buffer overflow). The result is a denial of service that takes down every database served by the instance and the applications that depend on it; the impact is greatest for systems that rely on MariaDB for critical data storage and processing.
This vulnerability was publicly disclosed on 2026-04-03. There is no indication of active exploitation at this time, and it is not listed in the CISA KEV catalog. No public proof-of-concept exploit is available yet, but a crash bug of this kind is easy to reproduce once the trigger is understood, so public PoCs should be expected. The CVSS base score of 6.5 (Medium) rates severity, not likelihood; the probability of exploitation is what the EPSS figure (0.05%, 15th percentile) estimates.
Organizations running an unfixed MariaDB Server (before 11.4.10, 11.8.6 or 12.2.2 in the respective series) are at risk, especially where the caching_sha2_password authentication plugin is used for account authentication. Shared hosting environments in which many tenants share one MariaDB instance are particularly exposed: a single compromised or malicious account is enough to take the whole server down for every tenant.
• mariadb / server: look for crashes of the server process in the service journal (MariaDB logs a crash as "mysqld got signal 11"):
  journalctl -u mariadb | grep -i -E 'crash|signal 11'
• mariadb / server: check whether the plugin is loaded. caching_sha2_password is an authentication plugin, not a system variable, so SHOW VARIABLES will not find it; query the plugin table instead:
  mysql -e "SELECT PLUGIN_NAME, PLUGIN_STATUS FROM information_schema.PLUGINS WHERE PLUGIN_NAME = 'caching_sha2_password';"
• mariadb / server: list the accounts that authenticate through it:
  mysql -e "SELECT User, Host FROM mysql.user WHERE plugin = 'caching_sha2_password';"
• mariadb / server: check the server configuration files (my.cnf and the files it includes) for a plugin_load_add / plugin-load-add entry that loads the caching_sha2_password plugin, and the mysql.plugin table for a persistent installation made with INSTALL PLUGIN or INSTALL SONAME.
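The checks above can be wrapped in one script. The following is an added example and is not part of the advisory or of the MariaDB project: a POSIX shell script that classifies a version string (as returned by SELECT VERSION(), or a package version with a Debian-style epoch) against the affected and fixed ranges the advisory states, and, when invoked with --live and a mysql client is on PATH, runs the plugin and account queries against the server. The function names and the sample version strings are constructed for this example; the SQL uses the standard information_schema.PLUGINS and mysql.user tables.

```shell
#!/bin/sh
# Added example, not part of the advisory or of the MariaDB project.
# Classifies a MariaDB version string against the fixed releases the advisory
# names (11.4.10, 11.8.6, 12.2.2) and optionally runs the plugin/account
# checks against a live server.

# cve_2026_35549_status VERSION
#   Accepts the output of SELECT VERSION() (e.g. "11.4.5-MariaDB-ubu2404") or a
#   package version with an epoch (e.g. "1:11.8.5+maria~ubu2404").
#   Prints "affected", "fixed" or "check" and returns 0, 1 or 2 respectively.
#   "check" means the version lies outside the ranges the advisory states
#   (for example a 10.x build), so verify whether the plugin exists there at all.
cve_2026_35549_status() {
    # Strip an epoch prefix and keep only the leading dotted numeric part.
    v=$(printf '%s\n' "$1" \
        | sed -e 's/^[0-9]*://' \
              -e 's/^\([0-9][0-9]*\(\.[0-9][0-9]*\)*\).*/\1/')
    major=${v%%.*}
    rest=${v#"$major"}; rest=${rest#.}
    minor=${rest%%.*}
    rest=${rest#"$minor"}; rest=${rest#.}
    patch=${rest%%.*}
    major=${major:-0}; minor=${minor:-0}; patch=${patch:-0}
    case "$major" in
        11)
            if [ "$minor" -lt 4 ] || { [ "$minor" -eq 4 ] && [ "$patch" -lt 10 ]; }; then
                echo affected; return 0        # 11.0.x .. 11.4.9
            elif [ "$minor" -eq 4 ]; then
                echo fixed; return 1           # 11.4.10 and later
            elif [ "$minor" -le 8 ]; then
                # 11.5.x .. 11.8.x: only 11.8.6 and later carry the fix
                if [ "$minor" -eq 8 ] && [ "$patch" -ge 6 ]; then
                    echo fixed; return 1
                fi
                echo affected; return 0
            fi
            echo check; return 2 ;;            # 11.9+ is not named by the advisory
        12)
            if [ "$minor" -lt 2 ] || { [ "$minor" -eq 2 ] && [ "$patch" -lt 2 ]; }; then
                echo affected; return 0        # 12.0.x, 12.1.x, 12.2.0, 12.2.1
            fi
            echo fixed; return 1 ;;            # 12.2.2 and later
        *)
            echo check; return 2 ;;
    esac
}

# Live checks: only run when a mysql client is present and a server answers
# (connection parameters come from the usual client config and environment).
# information_schema.PLUGINS lists loaded plugins; mysql.user exposes each
# account's authentication plugin.
cve_2026_35549_live_check() {
    if ! command -v mysql >/dev/null 2>&1; then
        echo "mysql client not found; skipping live check"; return 0
    fi
    ver=$(mysql -N -B -e 'SELECT VERSION();' 2>/dev/null) || {
        echo "no server reachable; skipping live check"; return 0
    }
    printf 'server version %s: %s\n' "$ver" "$(cve_2026_35549_status "$ver")"
    mysql -e "SELECT PLUGIN_NAME, PLUGIN_STATUS FROM information_schema.PLUGINS
              WHERE PLUGIN_NAME = 'caching_sha2_password';"
    mysql -e "SELECT User, Host FROM mysql.user
              WHERE plugin = 'caching_sha2_password';"
}

# Offline demonstration on constructed version strings.
for sample in '11.4.5-MariaDB-ubu2404' '1:11.8.5+maria~ubu2404' \
              '11.8.6-MariaDB' '12.2.1-MariaDB-log' '12.2.2-MariaDB' \
              '10.11.8-MariaDB'; do
    printf '%-28s %s\n' "$sample" "$(cve_2026_35549_status "$sample")"
done

if [ "${1:-}" = "--live" ]; then
    cve_2026_35549_live_check
fi
```

The version parser deliberately ignores everything after the numeric release (build suffixes, "-log", distribution tags), since those do not affect the fix status. A "check" result is not a clean bill of health: it only says the advisory does not mention that series, so confirm on such a build whether the caching_sha2_password plugin is present before deciding it is out of scope.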
Disclosure: 2026-04-03
Exploit status: no known active exploitation; not listed in the CISA KEV catalog
EPSS: 0.05% (15th percentile)
CISA SSVC
CVSS vector
The primary mitigation for CVE-2026-35549 is to upgrade MariaDB Server to a fixed release: 11.4.10, 11.8.6 or 12.2.2, or later in the respective series. If an immediate upgrade is not feasible because of compatibility concerns or downtime constraints, a temporary workaround is to stop using the caching_sha2_password authentication plugin: first move every account that authenticates through it to another authentication plugin, then unload the plugin from the server configuration. Unloading it first would lock those accounts out. Network-level packet-size filtering is of limited value, because MariaDB protocol packets are not visible to an ordinary firewall; restricting which hosts can reach the database port at all (bind_address, firewall rules) does shrink the set of clients able to send the packet. After upgrading, confirm the running version with SELECT VERSION(). Do not verify the fix by sending oversized packets to a production server: on an unpatched instance that is the crash itself. If you want to reproduce the issue, do so against a disposable test instance.
Upgrade MariaDB Server to version 11.4.10, 11.8.6 or 12.2.2, or later. This fixes the vulnerability that can cause the server to crash on receiving a large packet when the caching_sha2_password plugin is installed and configured for certain user accounts.
CVE-2026-35549 is a medium-severity DoS vulnerability affecting MariaDB Server versions before 11.4.10, 11.5.x through 11.8.x before 11.8.6, and 12.x before 12.2.2. A large packet can crash the server when the caching_sha2_password authentication plugin is in use.
You are affected if you are running a MariaDB Server version without the fix (before 11.4.10, 11.8.6 or 12.2.2 in the respective series) and the caching_sha2_password authentication plugin is loaded and configured for accounts.
Upgrade to MariaDB Server 11.4.10, 11.8.6 or 12.2.2, or later. As a temporary workaround, move the affected accounts to another authentication plugin and then unload caching_sha2_password.
There is currently no evidence of active exploitation, but the vulnerability's nature suggests potential for future exploitation.
Refer to the official MariaDB security advisory for CVE-2026-35549 on the MariaDB website (https://mariadb.com/security).