CVE-2018-2562
- Source
- https://cve.org/CVERecord?id=CVE-2018-2562
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2018-2562.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2018-2562
- Downstream
- Related
- Published
- 2018-01-18T02:29:17.490Z
- Modified
- 2026-02-03T07:08:53.695523Z
- Severity
-
- 7.1 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H CVSS Calculator
- Summary
- [none]
- Details
-
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server : Partition). Supported versions that are affected are 5.5.58 and prior, 5.6.38 and prior and 5.7.19 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server as well as unauthorized update, insert or delete access to some of MySQL Server accessible data. CVSS 3.0 Base Score 7.1 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H).
- References
-
- http://www.securitytracker.com/id/1040216
- https://usn.ubuntu.com/3537-1/
- http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html
- http://www.securityfocus.com/bid/102713
- http://www.securitytracker.com/id/1040216
- https://access.redhat.com/errata/RHSA-2018:0587
- https://access.redhat.com/errata/RHSA-2018:2439
- https://access.redhat.com/errata/RHSA-2018:2729
- https://access.redhat.com/errata/RHSA-2019:1258
- https://lists.debian.org/debian-lts-announce/2018/01/msg00024.html
- https://lists.debian.org/debian-lts-announce/2018/06/msg00015.html
- https://security.netapp.com/advisory/ntap-20180117-0002/
- https://usn.ubuntu.com/3537-2/
- https://www.debian.org/security/2018/dsa-4091
- https://www.debian.org/security/2018/dsa-4341
- http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html
- https://lists.debian.org/debian-lts-announce/2018/01/msg00024.html
- https://lists.debian.org/debian-lts-announce/2018/06/msg00015.html
Affected packages
Git / github.com/mariadb/server
Affected ranges
- Type
- GIT
- Repo
- https://github.com/mariadb/server
- Events
-
IntroducedFixedIntroducedFixedIntroducedFixedIntroducedFixed
Affected versions
mariadb-10.*
mariadb-10.0.25
mariadb-10.0.26
mariadb-10.0.27
mariadb-10.0.28
mariadb-10.0.29
mariadb-10.0.30
mariadb-10.0.31
mariadb-10.0.32
mariadb-10.0.33
mariadb-10.0.34
mariadb-10.1.14
mariadb-10.1.15
mariadb-10.1.16
mariadb-10.1.17
mariadb-10.1.18
mariadb-10.1.19
mariadb-10.1.20
mariadb-10.1.21
mariadb-10.1.22
mariadb-10.1.23
mariadb-10.1.24
mariadb-10.1.25
mariadb-10.1.26
mariadb-10.1.27
mariadb-10.1.28
mariadb-10.1.29
mariadb-10.1.30
mariadb-10.1.31
mariadb-10.2.0
mariadb-10.2.1
mariadb-10.2.10
mariadb-10.2.11
mariadb-10.2.12
mariadb-10.2.2
mariadb-10.2.3
mariadb-10.2.4
mariadb-10.2.5
mariadb-10.2.6
mariadb-10.2.7
mariadb-10.2.8
mariadb-10.2.9
mariadb-5.*
mariadb-5.5.49
mariadb-5.5.50
mariadb-5.5.51
mariadb-5.5.52
mariadb-5.5.53
mariadb-5.5.54
mariadb-5.5.55
mariadb-5.5.56
mariadb-5.5.57
mariadb-5.5.58
mariadb-5.5.59
mariadb-galera-10.*
mariadb-galera-10.0.25
mariadb-galera-10.0.26
mariadb-galera-10.0.27
mariadb-galera-10.0.28
mariadb-galera-10.0.29
mariadb-galera-10.0.30
mariadb-galera-10.0.31
mariadb-galera-10.0.32
mariadb-galera-10.0.33
mariadb-galera-10.0.34
mariadb-galera-5.*
mariadb-galera-5.5.49
mariadb-galera-5.5.50
mariadb-galera-5.5.51
mysql-5.*
mysql-5.5.49
mysql-5.5.50
mysql-5.5.51
mysql-5.5.52
mysql-5.5.53
mysql-5.5.54
mysql-5.5.55
mysql-5.5.56
mysql-5.5.57
mysql-5.5.58
mysql-5.5.59
Database specific
source
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2018-2562.json"
vanir_signatures
[
{
"source": "https://github.com/mariadb/server/commit/00f0c039d2f4213ccf0a0202349ecb162a799989",
"target": {
"file": "storage/innobase/fsp/fsp0file.cc",
"function": "Datafile::restore_from_doublewrite"
},
"signature_version": "v1",
"deprecated": false,
"id": "CVE-2018-2562-35955af8",
"signature_type": "Function",
"digest": {
"function_hash": "130605097230749778694010073870346686670",
"length": 1054.0
}
},
{
"source": "https://github.com/mariadb/server/commit/00f0c039d2f4213ccf0a0202349ecb162a799989",
"target": {
"file": "storage/innobase/os/os0file.cc",
"function": "os_file_write_func"
},
"signature_version": "v1",
"deprecated": false,
"id": "CVE-2018-2562-63cb60d2",
"signature_type": "Function",
"digest": {
"function_hash": "225684029145934870115777883669100534248",
"length": 960.0
}
},
{
"source": "https://github.com/mariadb/server/commit/00f0c039d2f4213ccf0a0202349ecb162a799989",
"target": {
"file": "storage/innobase/handler/ha_innodb.cc"
},
"signature_version": "v1",
"deprecated": false,
"id": "CVE-2018-2562-73c034dd",
"signature_type": "Line",
"digest": {
"line_hashes": [
"270860312524047975223998427597379069133",
"138700069694352925751092711221965681083",
"73177570771323724918039668023285208338",
"334316589423847422718539826515170429787"
],
"threshold": 0.9
}
},
{
"source": "https://github.com/mariadb/server/commit/00f0c039d2f4213ccf0a0202349ecb162a799989",
"target": {
"file": "storage/innobase/fsp/fsp0file.cc"
},
"signature_version": "v1",
"deprecated": false,
"id": "CVE-2018-2562-74431fcb",
"signature_type": "Line",
"digest": {
"line_hashes": [
"142954440393337238364499438551411317676",
"222393189091191459111113825646834264347",
"218786519671436864181379588620900852574",
"47343729200658771295506502538095007608",
"114042143539907191956327849716988713876"
],
"threshold": 0.9
}
},
{
"source": "https://github.com/mariadb/server/commit/00f0c039d2f4213ccf0a0202349ecb162a799989",
"target": {
"file": "storage/innobase/log/log0recv.cc"
},
"signature_version": "v1",
"deprecated": false,
"id": "CVE-2018-2562-79f1104b",
"signature_type": "Line",
"digest": {
"line_hashes": [
"185075245068664039325029482465215810291",
"332123619142345873462417961515224028149",
"279792484854263699879640871403809161912",
"26110594930125329989886054578182194610"
],
"threshold": 0.9
}
},
{
"source": "https://github.com/mariadb/server/commit/00f0c039d2f4213ccf0a0202349ecb162a799989",
"target": {
"file": "extra/mariabackup/xtrabackup.cc",
"function": "xtrabackup_backup_func"
},
"signature_version": "v1",
"deprecated": false,
"id": "CVE-2018-2562-84ac66cb",
"signature_type": "Function",
"digest": {
"function_hash": "316540848342180118779221857666050078639",
"length": 9466.0
}
},
{
"source": "https://github.com/mariadb/server/commit/00f0c039d2f4213ccf0a0202349ecb162a799989",
"target": {
"file": "storage/innobase/fsp/fsp0sysspace.cc"
},
"signature_version": "v1",
"deprecated": false,
"id": "CVE-2018-2562-93e2b7d3",
"signature_type": "Line",
"digest": {
"line_hashes": [
"36077434821275875247811855456353572105",
"160581400765285351176714843658421363508",
"766346996563297499073672373392412876",
"211150773200112696487715150603501049777"
],
"threshold": 0.9
}
},
{
"source": "https://github.com/mariadb/server/commit/00f0c039d2f4213ccf0a0202349ecb162a799989",
"target": {
"file": "storage/innobase/log/log0recv.cc",
"function": "recv_init_crash_recovery_spaces"
},
"signature_version": "v1",
"deprecated": false,
"id": "CVE-2018-2562-9a1f1e99",
"signature_type": "Function",
"digest": {
"function_hash": "68988844885919766892113874866915131823",
"length": 2117.0
}
},
{
"source": "https://github.com/mariadb/server/commit/00f0c039d2f4213ccf0a0202349ecb162a799989",
"target": {
"file": "extra/mariabackup/xtrabackup.cc",
"function": "xb_load_tablespaces"
},
"signature_version": "v1",
"deprecated": false,
"id": "CVE-2018-2562-9ed06d3d",
"signature_type": "Function",
"digest": {
"function_hash": "61688056747625301825107397785610625027",
"length": 1435.0
}
},
{
"source": "https://github.com/mariadb/server/commit/00f0c039d2f4213ccf0a0202349ecb162a799989",
"target": {
"file": "extra/mariabackup/xtrabackup.cc"
},
"signature_version": "v1",
"deprecated": false,
"id": "CVE-2018-2562-c8156020",
"signature_type": "Line",
"digest": {
"line_hashes": [
"10836350722366508992115719304931899919",
"313172078672241696523004237139405359507",
"127803409878542658969602070866683137262",
"50652555589067442011188990995813019082",
"283928848828838093908684271187431787106",
"299074893176668912988681797415969708150",
"6321873636136299859751854381117970802",
"324440987259170321930944114802905990638",
"173258812540214653539287437580893304143"
],
"threshold": 0.9
}
},
{
"source": "https://github.com/mariadb/server/commit/00f0c039d2f4213ccf0a0202349ecb162a799989",
"target": {
"file": "storage/innobase/include/fsp0file.h"
},
"signature_version": "v1",
"deprecated": false,
"id": "CVE-2018-2562-d7da5a49",
"signature_type": "Line",
"digest": {
"line_hashes": [
"75278074706413613809406016363572072456",
"137935962809119759940085893828396599894",
"264338671440348818089795647450576095197",
"205375926455532591392422900073845632398",
"108292044452921360659566642416443155746"
],
"threshold": 0.9
}
},
{
"source": "https://github.com/mariadb/server/commit/00f0c039d2f4213ccf0a0202349ecb162a799989",
"target": {
"file": "storage/innobase/handler/ha_innodb.cc",
"function": "innodb_make_page_dirty"
},
"signature_version": "v1",
"deprecated": false,
"id": "CVE-2018-2562-dd1d00db",
"signature_type": "Function",
"digest": {
"function_hash": "245222482251486452532970526960647548905",
"length": 742.0
}
},
{
"source": "https://github.com/mariadb/server/commit/00f0c039d2f4213ccf0a0202349ecb162a799989",
"target": {
"file": "storage/innobase/fsp/fsp0sysspace.cc",
"function": "SysTablespace::read_lsn_and_check_flags"
},
"signature_version": "v1",
"deprecated": false,
"id": "CVE-2018-2562-edef8987",
"signature_type": "Function",
"digest": {
"function_hash": "120134255564222204347753978400896185616",
"length": 1114.0
}
},
{
"source": "https://github.com/mariadb/server/commit/00f0c039d2f4213ccf0a0202349ecb162a799989",
"target": {
"file": "storage/innobase/os/os0file.cc"
},
"signature_version": "v1",
"deprecated": false,
"id": "CVE-2018-2562-f5650a73",
"signature_type": "Line",
"digest": {
"line_hashes": [
"215992549750288932437508368358727087603",
"216474942203275196967132544327490846901",
"39406859376278680657854698126409261900",
"7697263132410919682525481477251438694",
"57904983498328393684578034683468974781"
],
"threshold": 0.9
}
}
]
Git / github.com/mysql/mysql-server
Affected versions
mysql-5.*
mysql-5.0.87sp1
mysql-5.0.90
mysql-5.0.91
mysql-5.0.92
mysql-5.0.93
mysql-5.0.94
mysql-5.0.95
mysql-5.0.96
mysql-5.1.40sp1
mysql-5.1.41
mysql-5.1.42
mysql-5.1.43
mysql-5.1.43sp1
mysql-5.1.44
mysql-5.1.45
mysql-5.1.46
mysql-5.1.46sp1
mysql-5.1.47
mysql-5.1.48
mysql-5.1.49
mysql-5.1.49sp1
mysql-5.1.50
mysql-5.1.51
mysql-5.1.52
mysql-5.1.52sp1
mysql-5.1.53
mysql-5.1.54
mysql-5.1.55
mysql-5.1.56
mysql-5.1.57
mysql-5.1.58
mysql-5.1.59
mysql-5.1.60
mysql-5.1.61
mysql-5.1.62
mysql-5.1.63
mysql-5.1.65
mysql-5.1.66
mysql-5.1.67
mysql-5.1.68
mysql-5.1.69
mysql-5.1.69-retag
mysql-5.1.70
mysql-5.1.71
mysql-5.1.72
mysql-5.1.73
mysql-5.1.74
mysql-5.1.75
mysql-5.1.76
mysql-5.1.77
mysql-5.5.0
mysql-5.5.1-m2
mysql-5.5.10
mysql-5.5.11
mysql-5.5.12
mysql-5.5.13
mysql-5.5.14
mysql-5.5.15
mysql-5.5.16
mysql-5.5.17
mysql-5.5.18
mysql-5.5.19
mysql-5.5.2-m2
mysql-5.5.20
mysql-5.5.21
mysql-5.5.22
mysql-5.5.23
mysql-5.5.24
mysql-5.5.25
mysql-5.5.25a
mysql-5.5.27
mysql-5.5.28
mysql-5.5.29
mysql-5.5.3-m3
mysql-5.5.30
mysql-5.5.31
mysql-5.5.32
mysql-5.5.33
mysql-5.5.34
mysql-5.5.35
mysql-5.5.36
mysql-5.5.37
mysql-5.5.38
mysql-5.5.39
mysql-5.5.40
mysql-5.5.41
mysql-5.5.42
mysql-5.5.43
mysql-5.5.44
mysql-5.5.45
mysql-5.5.46
mysql-5.5.47
mysql-5.5.48
mysql-5.5.49
mysql-5.5.5-m3
mysql-5.5.50
mysql-5.5.51
mysql-5.5.52
mysql-5.5.53
mysql-5.5.54
mysql-5.5.55
mysql-5.5.56
mysql-5.5.57
mysql-5.5.58
mysql-5.5.6-rc
mysql-5.5.7
mysql-5.5.8
mysql-5.5.9