Launchpad.net

CVE 2018-2761

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Client programs). Supported versions that are affected are 5.5.59 and prior, 5.6.39 and prior and 5.7.21 and prior. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 5.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H).

Related bugs and status

CVE-2018-2761 (Candidate) is related to these bugs:

Bug #1779715: USN-3629-3: partially applies to MariaDB too

		In	Importance	Status
1779715	USN-3629-3: partially applies to MariaDB too	mariadb-5.5 (Ubuntu)	Undecided	Fix Released
1779715	USN-3629-3: partially applies to MariaDB too	mariadb-10.0 (Ubuntu)	Undecided	Fix Released
1779715	USN-3629-3: partially applies to MariaDB too	mariadb-10.1 (Ubuntu)	Undecided	Fix Released

See the

CVE page on Mitre.org for more details.

References

CONFIRM: http://www.oracle.com/...
BID: 103820
SECTRACK: 1040698
MLIST: [debian-lts-announce] ...
CONFIRM: https://security.netap...
DEBIAN: DSA-4176
UBUNTU: USN-3629-1
REDHAT: RHSA-2018:1254
UBUNTU: USN-3629-2
UBUNTU: USN-3629-3
MLIST: [debian-lts-announce] ...
REDHAT: RHSA-2018:2439
REDHAT: RHSA-2018:2729
DEBIAN: DSA-4341
REDHAT: RHSA-2018:3655
REDHAT: RHSA-2019:1258
GENTOO: GLSA-201908-24