UBUNTU-CVE-2017-3635

See a problem?

Source

https://ubuntu.com/security/notices/UBUNTU-CVE-2017-3635

Import Source

https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2017/UBUNTU-CVE-2017-3635.json

JSON Data

https://api.osv.dev/v1/vulns/UBUNTU-CVE-2017-3635

Related

Published

2017-07-19T00:00:00Z

Modified

2017-07-19T00:00:00Z

Severity

5.3 (Medium) CVSS_V3 - CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H CVSS Calculator

Summary

[none]

Details

Vulnerability in the MySQL Connectors component of Oracle MySQL (subcomponent: Connector/C). Supported versions that are affected are 6.1.10 and earlier. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Connectors. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Connectors. Note: The documentation has also been updated for the correct way to use mysqlstmtclose(). Please see: https://dev.mysql.com/doc/refman/5.7/en/mysql-stmt-execute.html, https://dev.mysql.com/doc/refman/5.7/en/mysql-stmt-fetch.html, https://dev.mysql.com/doc/refman/5.7/en/mysql-stmt-close.html, https://dev.mysql.com/doc/refman/5.7/en/mysql-stmt-error.html, https://dev.mysql.com/doc/refman/5.7/en/mysql-stmt-errno.html, and https://dev.mysql.com/doc/refman/5.7/en/mysql-stmt-sqlstate.html. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H).

References

Affected packages

Ubuntu:14.04:LTS / mysql-5.5

Package

Name: mysql-5.5
Purl: pkg:deb/ubuntu/mysql-5.5@5.5.57-0ubuntu0.14.04.1?arch=src?distro=trusty

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

5.5.57-0ubuntu0.14.04.1

Affected versions

5.*

5.5.32-0ubuntu7

5.5.34-0ubuntu1

5.5.34-0ubuntu2

5.5.35-0ubuntu1

5.5.35+dfsg-1ubuntu1

5.5.37-0ubuntu0.14.04.1

5.5.38-0ubuntu0.14.04.1

5.5.40-0ubuntu0.14.04.1

5.5.41-0ubuntu0.14.04.1

5.5.43-0ubuntu0.14.04.1

5.5.44-0ubuntu0.14.04.1

5.5.46-0ubuntu0.14.04.2

5.5.47-0ubuntu0.14.04.1

5.5.49-0ubuntu0.14.04.1

5.5.50-0ubuntu0.14.04.1

5.5.52-0ubuntu0.14.04.1

5.5.53-0ubuntu0.14.04.1

5.5.54-0ubuntu0.14.04.1

5.5.55-0ubuntu0.14.04.1

Ecosystem specific

{
    "availability": "No subscription required",
    "ubuntu_priority": "medium",
    "binaries": [
        {
            "mysql-testsuite-5.5": "5.5.57-0ubuntu0.14.04.1",
            "libmysqld-dev": "5.5.57-0ubuntu0.14.04.1",
            "libmysqlclient18": "5.5.57-0ubuntu0.14.04.1",
            "mysql-client": "5.5.57-0ubuntu0.14.04.1",
            "mysql-client-core-5.5": "5.5.57-0ubuntu0.14.04.1",
            "mysql-server-5.5-dbgsym": "5.5.57-0ubuntu0.14.04.1",
            "mysql-common": "5.5.57-0ubuntu0.14.04.1",
            "mysql-server": "5.5.57-0ubuntu0.14.04.1",
            "mysql-server-5.5": "5.5.57-0ubuntu0.14.04.1",
            "libmysqlclient18-dbgsym": "5.5.57-0ubuntu0.14.04.1",
            "libmysqld-pic": "5.5.57-0ubuntu0.14.04.1",
            "mysql-client-5.5-dbgsym": "5.5.57-0ubuntu0.14.04.1",
            "mysql-client-5.5": "5.5.57-0ubuntu0.14.04.1",
            "mysql-testsuite": "5.5.57-0ubuntu0.14.04.1",
            "mysql-server-core-5.5-dbgsym": "5.5.57-0ubuntu0.14.04.1",
            "mysql-client-core-5.5-dbgsym": "5.5.57-0ubuntu0.14.04.1",
            "mysql-source-5.5": "5.5.57-0ubuntu0.14.04.1",
            "libmysqlclient-dev": "5.5.57-0ubuntu0.14.04.1",
            "mysql-testsuite-5.5-dbgsym": "5.5.57-0ubuntu0.14.04.1",
            "mysql-server-core-5.5": "5.5.57-0ubuntu0.14.04.1"
        }
    ]
}

Ubuntu:16.04:LTS / mysql-5.7

Package

Name: mysql-5.7
Purl: pkg:deb/ubuntu/mysql-5.7@5.7.19-0ubuntu0.16.04.1?arch=src?distro=xenial

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

5.7.19-0ubuntu0.16.04.1

Affected versions

5.*

5.7.11-0ubuntu4

5.7.11-0ubuntu5

5.7.11-0ubuntu6

5.7.12-0ubuntu1

5.7.12-0ubuntu1.1

5.7.13-0ubuntu0.16.04.2

5.7.15-0ubuntu0.16.04.1

5.7.16-0ubuntu0.16.04.1

5.7.17-0ubuntu0.16.04.1

5.7.17-0ubuntu0.16.04.2

5.7.18-0ubuntu0.16.04.1

Ecosystem specific

{
    "availability": "No subscription required",
    "ubuntu_priority": "medium",
    "binaries": [
        {
            "mysql-client-core-5.7-dbgsym": "5.7.19-0ubuntu0.16.04.1",
            "mysql-testsuite-5.7": "5.7.19-0ubuntu0.16.04.1",
            "libmysqld-dev": "5.7.19-0ubuntu0.16.04.1",
            "mysql-client-core-5.7": "5.7.19-0ubuntu0.16.04.1",
            "mysql-client": "5.7.19-0ubuntu0.16.04.1",
            "mysql-client-5.7-dbgsym": "5.7.19-0ubuntu0.16.04.1",
            "mysql-common": "5.7.19-0ubuntu0.16.04.1",
            "mysql-server": "5.7.19-0ubuntu0.16.04.1",
            "mysql-testsuite-5.7-dbgsym": "5.7.19-0ubuntu0.16.04.1",
            "mysql-server-core-5.7": "5.7.19-0ubuntu0.16.04.1",
            "libmysqlclient20-dbgsym": "5.7.19-0ubuntu0.16.04.1",
            "mysql-server-5.7": "5.7.19-0ubuntu0.16.04.1",
            "mysql-server-core-5.7-dbgsym": "5.7.19-0ubuntu0.16.04.1",
            "mysql-testsuite": "5.7.19-0ubuntu0.16.04.1",
            "mysql-server-5.7-dbgsym": "5.7.19-0ubuntu0.16.04.1",
            "libmysqlclient20": "5.7.19-0ubuntu0.16.04.1",
            "libmysqlclient-dev": "5.7.19-0ubuntu0.16.04.1",
            "mysql-client-5.7": "5.7.19-0ubuntu0.16.04.1",
            "mysql-source-5.7": "5.7.19-0ubuntu0.16.04.1"
        }
    ]
}

Ubuntu:Pro:16.04:LTS / percona-server-5.6

Package

Name: percona-server-5.6

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

5.*

5.6.22-rel71.0-0ubuntu2

5.6.22-rel71.0-0ubuntu4

5.6.22-rel71.0-0ubuntu4.1

Ecosystem specific

{
    "ubuntu_priority": "medium"
}

Ubuntu:Pro:16.04:LTS / percona-xtradb-cluster-5.6

Package

Name: percona-xtradb-cluster-5.6

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

5.*

5.6.21-25.8-0ubuntu2

5.6.21-25.8-0ubuntu3

5.6.21-25.8-0ubuntu3.1

5.6.21-25.8-0ubuntu3.2

5.6.34-26.19-0ubuntu0.16.04.1

5.6.34-26.19-0ubuntu0.16.04.2

5.6.37-26.21-0ubuntu0.16.04.1

5.6.37-26.21-0ubuntu0.16.04.2

Ecosystem specific

{
    "ubuntu_priority": "medium"
}

Ubuntu:18.04:LTS / mysql-5.7

Package

Name: mysql-5.7
Purl: pkg:deb/ubuntu/mysql-5.7@5.7.19-0ubuntu1?arch=src?distro=bionic

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

5.7.19-0ubuntu1

Ecosystem specific

{
    "availability": "No subscription required",
    "ubuntu_priority": "medium",
    "binaries": [
        {
            "mysql-client-core-5.7-dbgsym": "5.7.19-0ubuntu1",
            "mysql-testsuite-5.7": "5.7.19-0ubuntu1",
            "libmysqld-dev": "5.7.19-0ubuntu1",
            "mysql-client-core-5.7": "5.7.19-0ubuntu1",
            "mysql-client": "5.7.19-0ubuntu1",
            "mysql-client-5.7-dbgsym": "5.7.19-0ubuntu1",
            "libmysqlclient20": "5.7.19-0ubuntu1",
            "mysql-testsuite-5.7-dbgsym": "5.7.19-0ubuntu1",
            "mysql-server": "5.7.19-0ubuntu1",
            "libmysqlclient20-dbgsym": "5.7.19-0ubuntu1",
            "mysql-server-5.7": "5.7.19-0ubuntu1",
            "mysql-server-core-5.7-dbgsym": "5.7.19-0ubuntu1",
            "mysql-testsuite": "5.7.19-0ubuntu1",
            "mysql-server-5.7-dbgsym": "5.7.19-0ubuntu1",
            "mysql-server-core-5.7": "5.7.19-0ubuntu1",
            "libmysqlclient-dev": "5.7.19-0ubuntu1",
            "mysql-client-5.7": "5.7.19-0ubuntu1",
            "mysql-source-5.7": "5.7.19-0ubuntu1"
        }
    ]
}