CVE-2022-32081: 
MariaDB Server vulnerability analysis and mitigation

CVE-2022-32081 affects MariaDB versions 10.4 through 10.7, involving a use-after-poison vulnerability in the prepareinplaceaddvirtual function at /storage/innobase/handler/handler0alter.cc. The vulnerability was discovered in July 2022 and affects the MariaDB database server software (Ubuntu Security, [Rapid7](https://www.rapid7.com/db/vulnerabilities/almalinux-cve-2022-32081/)).

The vulnerability stems from a use-after-poison condition in the prepareinplaceadd_virtual function within the handler0alter.cc component of MariaDB's InnoDB storage engine. The issue occurs during the instant ADD/DROP operation of generated columns. The vulnerability has received a CVSS v3.1 base score of 9.8 (CRITICAL) with a vector of CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H (NetApp Security).

Successful exploitation of this vulnerability could lead to disclosure of sensitive information, addition or modification of data, or Denial of Service (DoS). The high severity score indicates potential for significant impact on system confidentiality, integrity, and availability (NetApp Security).

The vulnerability has been fixed in MariaDB versions 10.4.26, 10.5.17, 10.6.9, 10.7.5, 10.8.4, 10.9.2, and 10.10.1. Users are advised to upgrade to these or later versions to address the security issue (MariaDB Jira, Red Hat Security).