Vulnerability CVE-2018-3251: Information

Description

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.6.41 and prior, 5.7.23 and prior and 8.0.12 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).

Severity: MEDIUM (6.5) Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

URL: https://nvd.nist.gov/vuln/detail/CVE-2018-3251
Published: Oct. 17, 2018
Modified: Aug. 4, 2022

Fixed packages

Package name
Branch
Fixed in version
Version from repository
Errata ID
Task #
State
MySQLsisyphus5.7.24-alt18.0.37-alt1.1ALT-PU-2018-2668-1216678Fixed
MySQLp105.7.24-alt18.0.36-alt1ALT-PU-2018-2668-1216678Fixed
MySQLp95.7.24-alt18.0.26-alt2ALT-PU-2018-2668-1216678Fixed
MySQLp85.7.24-alt15.7.28-alt1ALT-PU-2018-2828-1216685Fixed
MySQLc10f15.7.24-alt18.0.37-alt1ALT-PU-2018-2668-1216678Fixed
MySQLc9f25.7.24-alt18.0.36-alt0.c9.1ALT-PU-2018-2668-1216678Fixed
MySQLp115.7.24-alt18.0.37-alt1.1ALT-PU-2018-2668-1216678Fixed
mariadbsisyphus10.3.11-alt110.11.8-alt1ALT-PU-2018-2720-1217038Fixed
mariadbp1010.3.11-alt110.6.18-alt1ALT-PU-2018-2720-1217038Fixed
mariadbp910.3.11-alt110.4.34-alt0.M90P.1ALT-PU-2018-2720-1217038Fixed
mariadbp810.1.37-alt110.1.48-alt1ALT-PU-2018-2781-1217040Fixed
mariadbc10f110.3.11-alt110.6.18-alt1ALT-PU-2018-2720-1217038Fixed
mariadbc9f210.3.11-alt110.6.18-alt1ALT-PU-2018-2720-1217038Fixed
mariadbc710.3.14-alt0.M70C.110.3.14-alt0.M70C.1ALT-PU-2019-1992-1231405Fixed
mariadbp1110.3.11-alt110.11.8-alt1ALT-PU-2018-2720-1217038Fixed

References to Advisories, Solutions, and Tools

Hyperlink
Resource
http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html
  • Patch
  • Vendor Advisory
1041888
  • Third Party Advisory
  • VDB Entry
105600
  • Third Party Advisory
  • VDB Entry
https://security.netapp.com/advisory/ntap-20181018-0002/
  • Third Party Advisory
USN-3799-1
  • Third Party Advisory
[debian-lts-announce] 20181107 [SECURITY] [DLA 1570-1] mariadb-10.0 security update
  • Mailing List
  • Third Party Advisory
DSA-4341
  • Third Party Advisory
RHSA-2018:3655
  • Third Party Advisory
RHSA-2019:1258
  • Third Party Advisory
GLSA-201908-24
  • Third Party Advisory

    1. Configuration 1

      cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*
      Start including
      5.7.0
      End including
      5.7.23
      cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*
      Start including
      8.0.0
      End including
      8.0.12
      cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*
      Start including
      5.6.0
      End including
      5.6.41

      Configuration 2

      cpe:2.3:a:netapp:snapcenter:-:*:*:*:*:*:*:*
      cpe:2.3:a:netapp:storage_automation_store:-:*:*:*:*:*:*:*
      cpe:2.3:a:netapp:oncommand_workflow_automation:-:*:*:*:*:*:*:*
      cpe:2.3:a:netapp:oncommand_unified_manager:*:*:*:*:*:vmware_vsphere:*:*
      Start including
      9.4
      cpe:2.3:a:netapp:oncommand_insight:-:*:*:*:*:*:*:*

      Configuration 3

      cpe:2.3:a:netapp:oncommand_unified_manager:*:*:*:*:*:*:*:*
      Running on/with:
      cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*

      Configuration 4

      cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*
      cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
      cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*
      cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*

      Configuration 5

      cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
      cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*

      Configuration 6

      cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*
      Start including
      10.0.0
      End excliding
      10.0.37
      cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*
      Start including
      10.2.0
      End excliding
      10.2.19
      cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*
      Start including
      10.3.0
      End excliding
      10.3.11
      cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*
      Start including
      10.1.0
      End excliding
      10.1.37
VKontakte|Telegram|YouTube|Forum|GitHub|Bugzilla
Version: v24.5.3
Back to top