Уязвимость CVE-2018-2771: Информация

Описание

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Locking). Supported versions that are affected are 5.5.59 and prior, 5.6.39 and prior and 5.7.21 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.4 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H).

Важность: MEDIUM (4,4) Вектор: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H

URL: https://nvd.nist.gov/vuln/detail/CVE-2018-2771
Опубликовано: 19 апреля 2018 г.
Изменено: 29 ноября 2022 г.

Исправленные пакеты

Имя пакета
Ветка
Исправлено в версии
Версия в репозитории
Errata ID
№ Задания
Состояние
MySQLsisyphus5.7.22-alt1.S18.0.37-alt1.1ALT-PU-2018-1993-1209726Исправлено
MySQLp105.7.22-alt1.S18.0.36-alt1ALT-PU-2018-1993-1209726Исправлено
MySQLp95.7.22-alt1.S18.0.26-alt2ALT-PU-2018-1993-1209726Исправлено
MySQLp85.7.22-alt1.M80P.15.7.28-alt1ALT-PU-2018-2028-1209806Исправлено
MySQLc10f15.7.22-alt1.S18.0.37-alt1ALT-PU-2018-1993-1209726Исправлено
MySQLc9f25.7.22-alt1.S18.0.36-alt0.c9.1ALT-PU-2018-1993-1209726Исправлено
MySQLc75.7.24-alt0.M70C.15.7.24-alt0.M70C.1ALT-PU-2019-2206-1231498Исправлено
MySQLp115.7.22-alt1.S18.0.37-alt1.1ALT-PU-2018-1993-1209726Исправлено
mariadbsisyphus10.2.15-alt1.S110.11.8-alt1ALT-PU-2018-1842-1206655Исправлено
mariadbp1010.2.15-alt1.S110.6.18-alt1ALT-PU-2018-1842-1206655Исправлено
mariadbp910.2.15-alt1.S110.4.34-alt0.M90P.1ALT-PU-2018-1842-1206655Исправлено
mariadbp810.1.33-alt1.M80P.110.1.48-alt1ALT-PU-2018-1853-1206813Исправлено
mariadbc10f110.2.15-alt1.S110.6.18-alt1ALT-PU-2018-1842-1206655Исправлено
mariadbc9f210.2.15-alt1.S110.6.18-alt1ALT-PU-2018-1842-1206655Исправлено
mariadbc710.3.14-alt0.M70C.110.3.14-alt0.M70C.1ALT-PU-2019-1992-1231405Исправлено
mariadbp1110.2.15-alt1.S110.11.8-alt1ALT-PU-2018-1842-1206655Исправлено

Ссылки на рекомендации, решения и инструменты

Ссылка
Ресурс
http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html
  • Patch
  • Vendor Advisory
1040698
  • Broken Link
  • Third Party Advisory
  • VDB Entry
103828
  • Third Party Advisory
  • VDB Entry
https://security.netapp.com/advisory/ntap-20180419-0002/
  • Third Party Advisory
[debian-lts-announce] 20180419 [SECURITY] [DLA 1355-1] mysql-5.5 security update
  • Mailing List
  • Third Party Advisory
DSA-4176
  • Third Party Advisory
USN-3629-1
  • Third Party Advisory
USN-3629-2
  • Third Party Advisory
RHSA-2018:1254
  • Third Party Advisory
USN-3629-3
  • Third Party Advisory
[debian-lts-announce] 20180629 [SECURITY] [DLA 1407-1] mariadb-10.0 security update
  • Mailing List
  • Third Party Advisory
RHSA-2018:2439
  • Third Party Advisory
RHSA-2018:2729
  • Third Party Advisory
DSA-4341
  • Third Party Advisory
RHSA-2018:3655
  • Third Party Advisory
RHSA-2019:1258
  • Third Party Advisory
GLSA-201908-24
  • Third Party Advisory

    1. Конфигурация 1

      cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*
      Start including
      5.7.0
      End including
      5.7.21
      cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*
      Start including
      5.6.0
      End including
      5.6.39
      cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*
      Start including
      5.5.0
      End including
      5.5.59

      Конфигурация 2

      cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
      cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
      cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*

      Конфигурация 3

      cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:*
      cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*
      cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*
      cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*
      cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*

      Конфигурация 4

      cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*
      Start including
      10.0.0
      End excliding
      10.0.35
      cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*
      Start including
      10.1.0
      End excliding
      10.1.33
      cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*
      Start including
      10.2.0
      End excliding
      10.2.15
      cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*
      Start including
      5.5.0
      End excliding
      5.5.60

      Конфигурация 5

      cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
      cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*
      cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
      cpe:2.3:o:redhat:enterprise_linux_eus:7.5:*:*:*:*:*:*:*
      cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*
      cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*
      cpe:2.3:o:redhat:enterprise_linux_eus:7.6:*:*:*:*:*:*:*
      cpe:2.3:a:redhat:openstack:12:*:*:*:*:*:*:*
      cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:*:*:*:*:*:*:*
      cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:*:*:*:*:*:*:*
      cpe:2.3:o:redhat:enterprise_linux_eus:7.7:*:*:*:*:*:*:*

      Конфигурация 6

      cpe:2.3:a:netapp:snapcenter:-:*:*:*:*:*:*:*
      cpe:2.3:a:netapp:oncommand_workflow_automation:-:*:*:*:*:*:*:*
      cpe:2.3:a:netapp:oncommand_insight:-:*:*:*:*:*:*:*
      cpe:2.3:a:netapp:active_iq_unified_manager:*:*:*:*:*:windows:*:*
      Start including
      7.3
      cpe:2.3:a:netapp:active_iq_unified_manager:*:*:*:*:*:vmware_vsphere:*:*
      Start including
      9.5
VKontakte|Telegram|YouTube|Forum|GitHub|Bugzilla
Версия: v24.5.3
Наверх