PublicDateAtUSN: 2022-01-19 12:15:00 UTC
Candidate: CVE-2022-21254
PublicDate: 2022-01-19 12:15:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21254
 https://www.oracle.com/security-alerts/cpujan2022.html
 https://ubuntu.com/security/notices/USN-5270-1
Description:
 Vulnerability in the MySQL Server product of Oracle MySQL (component:
 Server: Optimizer). Supported versions that are affected are 8.0.27 and
 prior. Difficult to exploit vulnerability allows low privileged attacker
 with network access via multiple protocols to compromise MySQL Server.
 Successful attacks of this vulnerability can result in unauthorized ability
 to cause a hang or frequently repeatable crash (complete DOS) of MySQL
 Server. CVSS 3.1 Base Score 5.3 (Availability impacts). CVSS Vector:
 (CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H).
Ubuntu-Description:
Notes:
 leosilva> since 5.5 is no longer upstream supported and so far we cannot
  patch it, marking it as ignored.
Mitigation:
Bugs:
Priority: medium
Discovered-by:
Assigned-to:
CVSS:
 nvd: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H [5.3 MEDIUM]

Patches_mysql-5.5:
upstream_mysql-5.5: needs-triage
trusty_mysql-5.5: ignored (out of standard support)
trusty/esm_mysql-5.5: ignored
vivid_mysql-5.5: DNE
xenial_mysql-5.5: DNE
bionic_mysql-5.5: DNE
focal_mysql-5.5: DNE
hirsute_mysql-5.5: DNE
impish_mysql-5.5: DNE
jammy_mysql-5.5: DNE
devel_mysql-5.5: DNE

Patches_mysql-5.6:
upstream_mysql-5.6: needs-triage
trusty_mysql-5.6: ignored (out of standard support)
trusty/esm_mysql-5.6: DNE
xenial_mysql-5.6: DNE
bionic_mysql-5.6: DNE
focal_mysql-5.6: DNE
hirsute_mysql-5.6: DNE
impish_mysql-5.6: DNE
jammy_mysql-5.6: DNE
devel_mysql-5.6: DNE

Patches_mysql-5.7:
upstream_mysql-5.7: not-affected (8.x only)
trusty_mysql-5.7: DNE
trusty/esm_mysql-5.7: DNE
xenial_mysql-5.7: not-affected (8.x only)
esm-infra/xenial_mysql-5.7: not-affected (8.x only)
bionic_mysql-5.7: not-affected (8.x only)
focal_mysql-5.7: DNE
hirsute_mysql-5.7: DNE
impish_mysql-5.7: DNE
jammy_mysql-5.7: DNE
devel_mysql-5.7: DNE

Patches_mysql-8.0:
upstream_mysql-8.0: released (8.0.28)
trusty_mysql-8.0: DNE
trusty/esm_mysql-8.0: DNE
xenial_mysql-8.0: DNE
bionic_mysql-8.0: DNE
focal_mysql-8.0: released (8.0.28-0ubuntu0.20.04.3)
hirsute_mysql-8.0: ignored (reached end-of-life)
impish_mysql-8.0: released (8.0.28-0ubuntu0.21.10.3)
jammy_mysql-8.0: released (8.0.28-0ubuntu2)
devel_mysql-8.0: released (8.0.28-0ubuntu2)

Patches_mariadb-5.5:
upstream_mariadb-5.5: needs-triage
trusty_mariadb-5.5: ignored (out of standard support)
trusty/esm_mariadb-5.5: DNE
xenial_mariadb-5.5: DNE
bionic_mariadb-5.5: DNE
focal_mariadb-5.5: DNE
hirsute_mariadb-5.5: DNE
impish_mariadb-5.5: DNE
jammy_mariadb-5.5: DNE
devel_mariadb-5.5: DNE

Patches_mariadb-10.0:
upstream_mariadb-10.0: needs-triage
trusty_mariadb-10.0: DNE
trusty/esm_mariadb-10.0: DNE
xenial_mariadb-10.0: ignored (end of standard support, was needs-triage)
bionic_mariadb-10.0: DNE
focal_mariadb-10.0: DNE
hirsute_mariadb-10.0: DNE
impish_mariadb-10.0: DNE
jammy_mariadb-10.0: DNE
devel_mariadb-10.0: DNE

Patches_mariadb-10.1:
upstream_mariadb-10.1: needs-triage
trusty_mariadb-10.1: DNE
trusty/esm_mariadb-10.1: DNE
xenial_mariadb-10.1: DNE
bionic_mariadb-10.1: needs-triage
focal_mariadb-10.1: DNE
hirsute_mariadb-10.1: DNE
impish_mariadb-10.1: DNE
jammy_mariadb-10.1: DNE
devel_mariadb-10.1: DNE

Patches_mariadb-10.3:
upstream_mariadb-10.3: needs-triage
trusty_mariadb-10.3: DNE
trusty/esm_mariadb-10.3: DNE
xenial_mariadb-10.3: DNE
bionic_mariadb-10.3: DNE
focal_mariadb-10.3: needs-triage
hirsute_mariadb-10.3: DNE
impish_mariadb-10.3: DNE
jammy_mariadb-10.3: DNE
devel_mariadb-10.3: DNE

Patches_mariadb-10.5:
upstream_mariadb-10.5: needs-triage
trusty_mariadb-10.5: DNE
trusty/esm_mariadb-10.5: DNE
xenial_mariadb-10.5: DNE
bionic_mariadb-10.5: DNE
focal_mariadb-10.5: DNE
hirsute_mariadb-10.5: ignored (reached end-of-life)
impish_mariadb-10.5: needs-triage

Patches_percona-xtradb-cluster-5.5:
upstream_percona-xtradb-cluster-5.5: needs-triage
trusty_percona-xtradb-cluster-5.5: ignored (out of standard support)
trusty/esm_percona-xtradb-cluster-5.5: DNE
xenial_percona-xtradb-cluster-5.5: DNE
bionic_percona-xtradb-cluster-5.5: DNE
focal_percona-xtradb-cluster-5.5: DNE
hirsute_percona-xtradb-cluster-5.5: DNE
impish_percona-xtradb-cluster-5.5: DNE
jammy_percona-xtradb-cluster-5.5: DNE
devel_percona-xtradb-cluster-5.5: DNE

Patches_percona-xtradb-cluster-5.6:
upstream_percona-xtradb-cluster-5.6: needs-triage
trusty_percona-xtradb-cluster-5.6: DNE
trusty/esm_percona-xtradb-cluster-5.6: DNE
xenial_percona-xtradb-cluster-5.6: ignored (end of standard support, was needs-triage)
bionic_percona-xtradb-cluster-5.6: DNE
focal_percona-xtradb-cluster-5.6: DNE
hirsute_percona-xtradb-cluster-5.6: DNE
impish_percona-xtradb-cluster-5.6: DNE
jammy_percona-xtradb-cluster-5.6: DNE
devel_percona-xtradb-cluster-5.6: DNE

Patches_percona-server-5.6:
upstream_percona-server-5.6: needs-triage
trusty_percona-server-5.6: DNE
trusty/esm_percona-server-5.6: DNE
xenial_percona-server-5.6: ignored (end of standard support, was needs-triage)
bionic_percona-server-5.6: DNE
focal_percona-server-5.6: DNE
hirsute_percona-server-5.6: DNE
impish_percona-server-5.6: DNE
jammy_percona-server-5.6: DNE
devel_percona-server-5.6: DNE