CVE-2014-4274
Published: 10 September 2014
Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier and 5.6.19 and earlier allows local users to affect confidentiality, integrity, and availability via vectors related to SERVER:MyISAM.
Priority
Status
Package | Release | Status |
---|---|---|
mariadb-5.5 Launchpad, Ubuntu, Debian |
artful |
Does not exist
|
bionic |
Does not exist
|
|
cosmic |
Does not exist
|
|
disco |
Does not exist
|
|
lucid |
Does not exist
|
|
precise |
Does not exist
|
|
trusty |
Released
(5.5.39-0ubuntu0.14.04.1)
|
|
upstream |
Released
(5.5.39-1)
|
|
utopic |
Not vulnerable
(5.5.39-2)
|
|
vivid |
Does not exist
|
|
wily |
Does not exist
|
|
xenial |
Does not exist
|
|
yakkety |
Does not exist
|
|
zesty |
Does not exist
|
|
mysql-5.5 Launchpad, Ubuntu, Debian |
artful |
Does not exist
|
bionic |
Does not exist
|
|
cosmic |
Does not exist
|
|
disco |
Does not exist
|
|
lucid |
Does not exist
|
|
precise |
Released
(5.5.40-0ubuntu0.12.04.1)
|
|
trusty |
Released
(5.5.40-0ubuntu0.14.04.1)
|
|
upstream |
Released
(5.5.39-1)
|
|
utopic |
Not vulnerable
(5.5.39-0ubuntu4)
|
|
vivid |
Does not exist
|
|
wily |
Does not exist
|
|
xenial |
Does not exist
|
|
yakkety |
Does not exist
|
|
zesty |
Does not exist
|
|
Patches: upstream: http://bazaar.launchpad.net/~mysql/mysql-server/5.5/revision/4638 |
||
mysql-5.6 Launchpad, Ubuntu, Debian |
artful |
Does not exist
|
bionic |
Does not exist
|
|
cosmic |
Does not exist
|
|
disco |
Does not exist
|
|
lucid |
Does not exist
|
|
precise |
Does not exist
|
|
trusty |
Released
(5.6.27-0ubuntu0.14.04.1)
|
|
upstream |
Released
(5.6.20)
|
|
utopic |
Ignored
(end of life)
|
|
vivid |
Not vulnerable
(5.6.23-1~exp1~ubuntu4)
|
|
wily |
Not vulnerable
(5.6.23-1~exp1~ubuntu4)
|
|
xenial |
Does not exist
|
|
yakkety |
Does not exist
|
|
zesty |
Does not exist
|
|
percona-xtradb-cluster-5.5 Launchpad, Ubuntu, Debian |
artful |
Does not exist
|
bionic |
Does not exist
|
|
cosmic |
Does not exist
|
|
disco |
Does not exist
|
|
lucid |
Does not exist
|
|
precise |
Does not exist
|
|
trusty |
Does not exist
(trusty was needed)
|
|
upstream |
Released
(5.7)
|
|
utopic |
Ignored
(end of life)
|
|
vivid |
Does not exist
|
|
wily |
Does not exist
|
|
xenial |
Does not exist
|
|
yakkety |
Does not exist
|
|
zesty |
Does not exist
|
|
Patches: upstream: https://github.com/percona/percona-xtradb-cluster/commit/b9c03d41e492984bdea2da923eac1e62cf5264f7#diff-7f00f3d145695f227d299d5443747527 |
References
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4274
- http://www.openwall.com/lists/oss-security/2014/09/10/5
- https://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-39.html
- https://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6-20.html
- http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html
- https://ubuntu.com/security/notices/USN-2384-1
- NVD
- Launchpad
- Debian