CVE-2020-2580 in Ubuntu

CVE-2020-2580

Priority

Description

Vulnerability in the MySQL Server product of Oracle MySQL (component:
Server: DDL). Supported versions that are affected are 8.0.17 and prior.
Easily exploitable vulnerability allows high privileged attacker with
network access via multiple protocols to compromise MySQL Server.
Successful attacks of this vulnerability can result in unauthorized ability
to cause a hang or frequently repeatable crash (complete DOS) of MySQL
Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector:
(CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

References

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-2580
https://www.oracle.com/security-alerts/cpujan2020.html#AppendixMSQL
https://www.oracle.com/security-alerts/cpujan2020.html

Notes

leosilva	since 5.5 is no longer upstream supported and so far we cannot patch it, marking it as ignored.
mdeslaur	8.0 only

Package

Source: mariadb-10.0 (LP Ubuntu Debian)

Upstream:	needs-triage
Ubuntu 12.04 ESM (Precise Pangolin):	DNE
Ubuntu 14.04 ESM (Trusty Tahr):	DNE
Ubuntu 18.04 LTS (Bionic Beaver):	DNE
Ubuntu 20.04 LTS (Focal Fossa):	DNE
Ubuntu 20.10 (Groovy Gorilla):	DNE
Ubuntu 21.04 (Hirsute Hippo):	DNE
Ubuntu 21.10 (Impish Indri):	DNE

Package

Source: mariadb-10.1 (LP Ubuntu Debian)

Upstream:	needs-triage
Ubuntu 12.04 ESM (Precise Pangolin):	DNE
Ubuntu 14.04 ESM (Trusty Tahr):	DNE
Ubuntu 18.04 LTS (Bionic Beaver):	not-affected (mysql only)
Ubuntu 20.04 LTS (Focal Fossa):	DNE
Ubuntu 20.10 (Groovy Gorilla):	DNE
Ubuntu 21.04 (Hirsute Hippo):	DNE
Ubuntu 21.10 (Impish Indri):	DNE

Package

Source: mariadb-10.3 (LP Ubuntu Debian)

Upstream:	needs-triage
Ubuntu 12.04 ESM (Precise Pangolin):	DNE
Ubuntu 14.04 ESM (Trusty Tahr):	DNE
Ubuntu 18.04 LTS (Bionic Beaver):	DNE
Ubuntu 20.04 LTS (Focal Fossa):	not-affected (mysql only)
Ubuntu 20.10 (Groovy Gorilla):	not-affected (mysql only)
Ubuntu 21.04 (Hirsute Hippo):	DNE
Ubuntu 21.10 (Impish Indri):	DNE

Package

Source: mariadb-5.5 (LP Ubuntu Debian)

Upstream:	needs-triage
Ubuntu 12.04 ESM (Precise Pangolin):	DNE
Ubuntu 14.04 ESM (Trusty Tahr):	DNE
Ubuntu 18.04 LTS (Bionic Beaver):	DNE
Ubuntu 20.04 LTS (Focal Fossa):	DNE
Ubuntu 20.10 (Groovy Gorilla):	DNE
Ubuntu 21.04 (Hirsute Hippo):	DNE
Ubuntu 21.10 (Impish Indri):	DNE

Package

Source: mysql-5.5 (LP Ubuntu Debian)

Upstream:	needs-triage
Ubuntu 12.04 ESM (Precise Pangolin):	ignored
Ubuntu 14.04 ESM (Trusty Tahr):	ignored
Ubuntu 18.04 LTS (Bionic Beaver):	DNE
Ubuntu 20.04 LTS (Focal Fossa):	DNE
Ubuntu 20.10 (Groovy Gorilla):	DNE
Ubuntu 21.04 (Hirsute Hippo):	DNE
Ubuntu 21.10 (Impish Indri):	DNE

Package

Source: mysql-5.6 (LP Ubuntu Debian)

Upstream:	needs-triage
Ubuntu 12.04 ESM (Precise Pangolin):	DNE
Ubuntu 14.04 ESM (Trusty Tahr):	DNE
Ubuntu 18.04 LTS (Bionic Beaver):	DNE
Ubuntu 20.04 LTS (Focal Fossa):	DNE
Ubuntu 20.10 (Groovy Gorilla):	DNE
Ubuntu 21.04 (Hirsute Hippo):	DNE
Ubuntu 21.10 (Impish Indri):	DNE

Package

Source: mysql-5.7 (LP Ubuntu Debian)

Upstream:	not-affected (8.0.x only)
Ubuntu 12.04 ESM (Precise Pangolin):	DNE
Ubuntu 14.04 ESM (Trusty Tahr):	DNE
Ubuntu 16.06 ESM (Xenial Xerus):	not-affected (8.0.x only)
Ubuntu 18.04 LTS (Bionic Beaver):	not-affected (8.0.x only)
Ubuntu 20.04 LTS (Focal Fossa):	DNE
Ubuntu 20.10 (Groovy Gorilla):	DNE
Ubuntu 21.04 (Hirsute Hippo):	DNE
Ubuntu 21.10 (Impish Indri):	DNE

Package

Source: mysql-8.0 (LP Ubuntu Debian)

Upstream:	released (8.0.18)
Ubuntu 12.04 ESM (Precise Pangolin):	DNE
Ubuntu 14.04 ESM (Trusty Tahr):	DNE
Ubuntu 18.04 LTS (Bionic Beaver):	DNE
Ubuntu 20.04 LTS (Focal Fossa):	released (8.0.18-0ubuntu5)
Ubuntu 20.10 (Groovy Gorilla):	released (8.0.18-0ubuntu5)
Ubuntu 21.04 (Hirsute Hippo):	released (8.0.18-0ubuntu5)
Ubuntu 21.10 (Impish Indri):	released (8.0.18-0ubuntu5)

Package

Source: percona-server-5.6 (LP Ubuntu Debian)

Upstream:	needs-triage
Ubuntu 12.04 ESM (Precise Pangolin):	DNE
Ubuntu 14.04 ESM (Trusty Tahr):	DNE
Ubuntu 18.04 LTS (Bionic Beaver):	DNE
Ubuntu 20.04 LTS (Focal Fossa):	DNE
Ubuntu 20.10 (Groovy Gorilla):	DNE
Ubuntu 21.04 (Hirsute Hippo):	DNE
Ubuntu 21.10 (Impish Indri):	DNE

Package

Source: percona-xtradb-cluster-5.5 (LP Ubuntu Debian)

Upstream:	needs-triage
Ubuntu 12.04 ESM (Precise Pangolin):	DNE
Ubuntu 14.04 ESM (Trusty Tahr):	DNE
Ubuntu 18.04 LTS (Bionic Beaver):	DNE
Ubuntu 20.04 LTS (Focal Fossa):	DNE
Ubuntu 20.10 (Groovy Gorilla):	DNE
Ubuntu 21.04 (Hirsute Hippo):	DNE
Ubuntu 21.10 (Impish Indri):	DNE

Package

Source: percona-xtradb-cluster-5.6 (LP Ubuntu Debian)

Upstream:	needs-triage
Ubuntu 12.04 ESM (Precise Pangolin):	DNE
Ubuntu 14.04 ESM (Trusty Tahr):	DNE
Ubuntu 18.04 LTS (Bionic Beaver):	DNE
Ubuntu 20.04 LTS (Focal Fossa):	DNE
Ubuntu 20.10 (Groovy Gorilla):	DNE
Ubuntu 21.04 (Hirsute Hippo):	DNE
Ubuntu 21.10 (Impish Indri):	DNE

More Information

Updated: 2021-05-04 00:38:29 UTC (commit 61bbf0559dcfe3627656e8b3f6ff9af9f95423b1)