Vulnerability CVE-2020-2924: Information

Description

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.19 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

Severity: MEDIUM (4.9) Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

URL: https://nvd.nist.gov/vuln/detail/CVE-2020-2924
Published: April 15, 2020
Modified: Nov. 7, 2023

Fixed packages

Package name
Branch
Fixed in version
Version from repository
Errata ID
Task #
State
MySQLsisyphus8.0.20-alt18.0.36-alt1ALT-PU-2020-1885-1250763Fixed
MySQLsisyphus_riscv648.0.27-alt1.0.rv648.0.30-alt0.2.rv64ALT-PU-2021-4503-1-Fixed
MySQLp108.0.20-alt18.0.36-alt1ALT-PU-2020-1885-1250763Fixed
MySQLp98.0.20-alt18.0.26-alt2ALT-PU-2020-1904-1250781Fixed
MySQLc10f18.0.20-alt18.0.36-alt1ALT-PU-2020-1885-1250763Fixed
MySQLc9f28.0.20-alt18.0.36-alt0.c9.1ALT-PU-2020-1904-1250781Fixed

References to Advisories, Solutions, and Tools

Hyperlink
Resource
https://www.oracle.com/security-alerts/cpuapr2020.html
  • Vendor Advisory
https://security.netapp.com/advisory/ntap-20200416-0003/
  • Third Party Advisory
USN-4350-1
  • Third Party Advisory
GLSA-202105-27
  • Third Party Advisory
FEDORA-2020-20ac7c92a1
    FEDORA-2020-136dc82437
      FEDORA-2020-261c9ddd7c

          1. Configuration 1

            cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*
            Start including
            8.0.0
            End including
            8.0.19

            Configuration 2

            cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*
            cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*
            cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*

            Configuration 3

            cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*
            cpe:2.3:o:canonical:ubuntu_linux:19.10:*:*:*:*:*:*:*
            cpe:2.3:o:canonical:ubuntu_linux:20.04:*:*:*:lts:*:*:*
            cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*

            Configuration 4

            cpe:2.3:a:netapp:snapcenter:-:*:*:*:*:*:*:*
            cpe:2.3:a:netapp:oncommand_workflow_automation:-:*:*:*:*:*:*:*
            cpe:2.3:a:netapp:oncommand_insight:-:*:*:*:*:*:*:*
            cpe:2.3:a:netapp:active_iq_unified_manager:*:*:*:*:*:windows:*:*
            Start including
            7.3
            cpe:2.3:a:netapp:active_iq_unified_manager:*:*:*:*:*:vmware_vsphere:*:*
            Start including
            9.5
        VKontakte|Telegram|YouTube|Forum|GitHub|Bugzilla
        Version: v24.4.2
        Back to top