PublicDateAtUSN: 2018-07-18 Candidate: CVE-2018-3063 PublicDate: 2018-07-18 13:29:00 UTC References: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-3063 http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html https://ubuntu.com/security/notices/USN-3725-1 https://ubuntu.com/security/notices/USN-3725-2 Description: Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Privileges). Supported versions that are affected are 5.5.60 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). Ubuntu-Description: Notes: mdeslaur> 5.5 only Bugs: Priority: medium Discovered-by: Assigned-to: CVSS: nvd: CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H [4.9 MEDIUM] Patches_mysql-5.5: upstream_mysql-5.5: released (5.5.61) precise/esm_mysql-5.5: released (5.5.61-0ubuntu0.12.04.1) trusty_mysql-5.5: released (5.5.61-0ubuntu0.14.04.1) trusty/esm_mysql-5.5: released (5.5.61-0ubuntu0.14.04.1) vivid_mysql-5.5: DNE xenial_mysql-5.5: DNE artful_mysql-5.5: DNE bionic_mysql-5.5: DNE cosmic_mysql-5.5: DNE disco_mysql-5.5: DNE eoan_mysql-5.5: DNE focal_mysql-5.5: DNE groovy_mysql-5.5: DNE hirsute_mysql-5.5: DNE impish_mysql-5.5: DNE jammy_mysql-5.5: DNE devel_mysql-5.5: DNE Patches_mysql-5.6: upstream_mysql-5.6: not-affected precise/esm_mysql-5.6: DNE trusty_mysql-5.6: not-affected trusty/esm_mysql-5.6: DNE (trusty was not-affected) xenial_mysql-5.6: DNE artful_mysql-5.6: DNE bionic_mysql-5.6: DNE cosmic_mysql-5.6: DNE disco_mysql-5.6: DNE eoan_mysql-5.6: DNE focal_mysql-5.6: DNE groovy_mysql-5.6: DNE hirsute_mysql-5.6: DNE impish_mysql-5.6: DNE jammy_mysql-5.6: DNE devel_mysql-5.6: DNE Patches_mysql-5.7: upstream_mysql-5.7: not-affected precise/esm_mysql-5.7: DNE trusty_mysql-5.7: DNE trusty/esm_mysql-5.7: DNE xenial_mysql-5.7: not-affected esm-infra/xenial_mysql-5.7: not-affected artful_mysql-5.7: not-affected bionic_mysql-5.7: not-affected cosmic_mysql-5.7: not-affected disco_mysql-5.7: not-affected eoan_mysql-5.7: DNE focal_mysql-5.7: DNE groovy_mysql-5.7: DNE hirsute_mysql-5.7: DNE impish_mysql-5.7: DNE jammy_mysql-5.7: DNE devel_mysql-5.7: DNE Patches_mariadb-5.5: upstream_mariadb-5.5: released (5.5.61) precise/esm_mariadb-5.5: DNE trusty_mariadb-5.5: released (5.5.61-1ubuntu0.14.04.1) trusty/esm_mariadb-5.5: DNE (trusty was released [5.5.61-1ubuntu0.14.04.1]) xenial_mariadb-5.5: DNE artful_mariadb-5.5: DNE bionic_mariadb-5.5: DNE cosmic_mariadb-5.5: DNE disco_mariadb-5.5: DNE eoan_mariadb-5.5: DNE focal_mariadb-5.5: DNE groovy_mariadb-5.5: DNE hirsute_mariadb-5.5: DNE impish_mariadb-5.5: DNE jammy_mariadb-5.5: DNE devel_mariadb-5.5: DNE Patches_mariadb-10.0: upstream_mariadb-10.0: released (10.0.36) precise/esm_mariadb-10.0: DNE trusty_mariadb-10.0: DNE trusty/esm_mariadb-10.0: DNE xenial_mariadb-10.0: released (10.0.36-0ubuntu0.16.04.1) artful_mariadb-10.0: DNE bionic_mariadb-10.0: DNE cosmic_mariadb-10.0: DNE disco_mariadb-10.0: DNE eoan_mariadb-10.0: DNE focal_mariadb-10.0: DNE groovy_mariadb-10.0: DNE hirsute_mariadb-10.0: DNE impish_mariadb-10.0: DNE jammy_mariadb-10.0: DNE devel_mariadb-10.0: DNE Patches_mariadb-10.1: upstream_mariadb-10.1: released (10.1.35) precise/esm_mariadb-10.1: DNE trusty_mariadb-10.1: DNE trusty/esm_mariadb-10.1: DNE xenial_mariadb-10.1: DNE artful_mariadb-10.1: ignored (reached end-of-life) bionic_mariadb-10.1: released (1:10.1.38-0ubuntu0.18.04.1) cosmic_mariadb-10.1: released (1:10.1.38-0ubuntu0.18.10.2) disco_mariadb-10.1: DNE eoan_mariadb-10.1: DNE focal_mariadb-10.1: DNE groovy_mariadb-10.1: DNE hirsute_mariadb-10.1: DNE impish_mariadb-10.1: DNE jammy_mariadb-10.1: DNE devel_mariadb-10.1: DNE Patches_percona-xtradb-cluster-5.5: upstream_percona-xtradb-cluster-5.5: needs-triage precise/esm_percona-xtradb-cluster-5.5: DNE trusty_percona-xtradb-cluster-5.5: ignored (reached end-of-life) trusty/esm_percona-xtradb-cluster-5.5: DNE (trusty was needs-triage) xenial_percona-xtradb-cluster-5.5: DNE artful_percona-xtradb-cluster-5.5: DNE bionic_percona-xtradb-cluster-5.5: DNE cosmic_percona-xtradb-cluster-5.5: DNE disco_percona-xtradb-cluster-5.5: DNE eoan_percona-xtradb-cluster-5.5: DNE focal_percona-xtradb-cluster-5.5: DNE groovy_percona-xtradb-cluster-5.5: DNE hirsute_percona-xtradb-cluster-5.5: DNE impish_percona-xtradb-cluster-5.5: DNE jammy_percona-xtradb-cluster-5.5: DNE devel_percona-xtradb-cluster-5.5: DNE Patches_percona-xtradb-cluster-5.6: upstream_percona-xtradb-cluster-5.6: needs-triage precise/esm_percona-xtradb-cluster-5.6: DNE trusty_percona-xtradb-cluster-5.6: DNE trusty/esm_percona-xtradb-cluster-5.6: DNE xenial_percona-xtradb-cluster-5.6: ignored (end of standard support, was needs-triage) artful_percona-xtradb-cluster-5.6: ignored (reached end-of-life) bionic_percona-xtradb-cluster-5.6: DNE cosmic_percona-xtradb-cluster-5.6: DNE disco_percona-xtradb-cluster-5.6: DNE eoan_percona-xtradb-cluster-5.6: DNE focal_percona-xtradb-cluster-5.6: DNE groovy_percona-xtradb-cluster-5.6: DNE hirsute_percona-xtradb-cluster-5.6: DNE impish_percona-xtradb-cluster-5.6: DNE jammy_percona-xtradb-cluster-5.6: DNE devel_percona-xtradb-cluster-5.6: DNE Patches_percona-server-5.6: upstream_percona-server-5.6: needs-triage precise/esm_percona-server-5.6: DNE trusty_percona-server-5.6: DNE trusty/esm_percona-server-5.6: DNE xenial_percona-server-5.6: ignored (end of standard support, was needs-triage) artful_percona-server-5.6: ignored (reached end-of-life) bionic_percona-server-5.6: DNE cosmic_percona-server-5.6: DNE disco_percona-server-5.6: DNE eoan_percona-server-5.6: DNE focal_percona-server-5.6: DNE groovy_percona-server-5.6: DNE hirsute_percona-server-5.6: DNE impish_percona-server-5.6: DNE jammy_percona-server-5.6: DNE devel_percona-server-5.6: DNE Patches_mysql-8.0: upstream_mysql-8.0: needs-triage precise/esm_mysql-8.0: DNE trusty_mysql-8.0: DNE trusty/esm_mysql-8.0: DNE xenial_mysql-8.0: DNE bionic_mysql-8.0: DNE disco_mysql-8.0: DNE eoan_mysql-8.0: not-affected focal_mysql-8.0: not-affected groovy_mysql-8.0: not-affected hirsute_mysql-8.0: not-affected impish_mysql-8.0: not-affected jammy_mysql-8.0: not-affected devel_mysql-8.0: not-affected