CVE-2017-10313 in Ubuntu

CVE-2017-10313

Priority

Description

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent:
Group Replication GCS). Supported versions that are affected are 5.7.19 and
earlier. Easily exploitable vulnerability allows high privileged attacker
with network access via multiple protocols to compromise MySQL Server.
Successful attacks of this vulnerability can result in unauthorized ability
to cause a hang or frequently repeatable crash (complete DOS) of MySQL
Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector:
(CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

References

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10313
http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html
https://ubuntu.com/security/notices/USN-3459-1
https://mariadb.com/kb/en/library/security-vulnerabilities-in-oracle-mysql-that-did-not-exist-in-mariadb/

Notes

mdeslaur

5.7 only

Package

Source: mariadb-10.0 (LP Ubuntu Debian)

Upstream:	not-affected (mysql only)
Ubuntu 18.04 LTS:	DNE
Ubuntu 20.04 LTS:	DNE
Ubuntu 21.10:	DNE
Ubuntu 22.04 LTS:	DNE
Ubuntu 14.04 ESM:	DNE

Patches:

Package

Source: mariadb-10.1 (LP Ubuntu Debian)

Upstream:	not-affected (mysql only)
Ubuntu 18.04 LTS:	not-affected (mysql only)
Ubuntu 20.04 LTS:	DNE
Ubuntu 21.10:	DNE
Ubuntu 22.04 LTS:	DNE
Ubuntu 14.04 ESM:	DNE

Patches:

Package

Source: mariadb-5.5 (LP Ubuntu Debian)

Upstream:	not-affected (mysql only)
Ubuntu 18.04 LTS:	DNE
Ubuntu 20.04 LTS:	DNE
Ubuntu 21.10:	DNE
Ubuntu 22.04 LTS:	DNE
Ubuntu 14.04 ESM:	DNE (trusty was not-affected [mysql only])

Patches:

Package

Source: mysql-5.5 (LP Ubuntu Debian)

Upstream:	needs-triage
Ubuntu 18.04 LTS:	DNE
Ubuntu 20.04 LTS:	DNE
Ubuntu 21.10:	DNE
Ubuntu 22.04 LTS:	DNE
Ubuntu 14.04 ESM:	not-affected

Patches:

Package

Source: mysql-5.6 (LP Ubuntu Debian)

Upstream:	not-affected
Ubuntu 18.04 LTS:	DNE
Ubuntu 20.04 LTS:	DNE
Ubuntu 21.10:	DNE
Ubuntu 22.04 LTS:	DNE
Ubuntu 14.04 ESM:	DNE (trusty was not-affected)

Patches:

Package

Source: mysql-5.7 (LP Ubuntu Debian)

Upstream:	released (5.7.20)
Ubuntu 18.04 LTS:	released (5.7.20-0ubuntu0.17.10.1)
Ubuntu 20.04 LTS:	DNE
Ubuntu 21.10:	DNE
Ubuntu 16.04 ESM:	released (5.7.20-0ubuntu0.16.04.1)
Ubuntu 22.04 LTS:	DNE
Ubuntu 14.04 ESM:	DNE

Patches:

Package

Source: mysql-8.0 (LP Ubuntu Debian)

Upstream:	needs-triage
Ubuntu 18.04 LTS:	DNE
Ubuntu 20.04 LTS:	not-affected
Ubuntu 21.10:	not-affected
Ubuntu 22.04 LTS:	not-affected
Ubuntu 14.04 ESM:	DNE

Patches:

Package

Source: percona-server-5.6 (LP Ubuntu Debian)

Upstream:	needs-triage
Ubuntu 18.04 LTS:	DNE
Ubuntu 20.04 LTS:	DNE
Ubuntu 21.10:	DNE
Ubuntu 22.04 LTS:	DNE
Ubuntu 14.04 ESM:	DNE

Patches:

Package

Source: percona-xtradb-cluster-5.5 (LP Ubuntu Debian)

Upstream:	needs-triage
Ubuntu 18.04 LTS:	DNE
Ubuntu 20.04 LTS:	DNE
Ubuntu 21.10:	DNE
Ubuntu 22.04 LTS:	DNE
Ubuntu 14.04 ESM:	DNE (trusty was needs-triage)

Patches:

Package

Source: percona-xtradb-cluster-5.6 (LP Ubuntu Debian)

Upstream:	needs-triage
Ubuntu 18.04 LTS:	DNE
Ubuntu 20.04 LTS:	DNE
Ubuntu 21.10:	DNE
Ubuntu 22.04 LTS:	DNE
Ubuntu 14.04 ESM:	DNE

Patches:

More Information

Updated: 2022-04-25 00:18:44 UTC (commit ecc1009cb19540b950de59270950018900f37f15)