SB2018022021 - Gentoo update for MySQL
Published: February 20, 2018
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 51 secuirty vulnerabilities.
1) Denial of service (CVE-ID: CVE-2017-10155)
The vulnerability allows a remote attacker to cause DoS condition on the target system.The weakness exists due to an error in the MySQL Server component of Oracle MySQL (subcomponent: Server: Pluggable Auth). A remote attacker can use multiple protocols to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server.
Successful exploitation of the vulnerability results in denial of service.
2) Denial of service (CVE-ID: CVE-2017-10227)
The vulnerability allows a remote high-privileged attacker to cause DoS condition on the target system.The weakness exists due to an error in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). A remote attacker can use multiple protocols to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server.
Successful exploitation of the vulnerability results in denial of service.
3) Information disclosure (CVE-ID: CVE-2017-10268)
The vulnerability allows a local high-privileged attacker to obtain potentially sensitive information on the target system.The weakness exists due to an error in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). A local attacker can gain unauthorized access to critical data or complete access to all MySQL Server accessible data.
Successful exploitation of the vulnerability results in information disclosure.
4) Denial of service (CVE-ID: CVE-2017-10276)
The vulnerability allows a remote low-privileged attacker to cause DoS condition on the target system.The weakness exists due to an error in the MySQL Server component of Oracle MySQL (subcomponent: Server: FTS). A remote attacker can use multiple protocols to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server.
Successful exploitation of the vulnerability results in denial of service.
5) Denial of service (CVE-ID: CVE-2017-10283)
The vulnerability allows a remote low-privileged attacker to cause DoS condition on the target system.The weakness exists due to an error in the MySQL Server component of Oracle MySQL (subcomponent: Server: Performance Schema). A remote attacker can use multiple protocols to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server.
Successful exploitation of the vulnerability results in denial of service.
6) Denial of service (CVE-ID: CVE-2017-10286)
The vulnerability allows a remote high-privileged attacker to cause DoS condition on the target system.The weakness exists due to an error in the MySQL Server component of Oracle MySQL (subcomponent: Server: InnoDB). A remote attacker can use multiple protocols to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server.
Successful exploitation of the vulnerability results in denial of service.
7) Denial of service (CVE-ID: CVE-2017-10294)
The vulnerability allows a remote low-privileged attacker to cause DoS condition on the target system.The weakness exists due to an error in the MySQL Server component of Oracle MySQL (subcomponent: Server: InnoDB). A remote attacker can use multiple protocols to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server.
Successful exploitation of the vulnerability results in denial of service.
8) Denial of service (CVE-ID: CVE-2017-10314)
The vulnerability allows a remote high-privileged attacker to cause DoS condition on the target system.The weakness exists due to an error in the MySQL Server component of Oracle MySQL (subcomponent: Server: Memcached). A remote attacker can use multiple protocols to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server.
Successful exploitation of the vulnerability results in denial of service.
9) Denial of service (CVE-ID: CVE-2017-10378)
The vulnerability allows a remote low-privileged attacker to cause DoS condition on the target system.The weakness exists due to an error in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). A remote attacker can use multiple protocols to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server.
Successful exploitation of the vulnerability results in denial of service.
10) Information disclosure (CVE-ID: CVE-2017-10379)
The vulnerability allows a remote low-privileged attacker to obtain potentially sensitive information on the target system.The weakness exists due to an error in the MySQL Server component of Oracle MySQL (subcomponent: Client programs). A remote attacker can gain unauthorized access to critical data or complete access to all MySQL Server accessible data.
Successful exploitation of the vulnerability results in information disclosure.
11) Denial of service (CVE-ID: CVE-2017-10384)
The vulnerability allows a remote low-privileged attacker to cause DoS condition on the target system.The weakness exists due to an error in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). A remote attacker can use multiple protocols to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server.
Successful exploitation of the vulnerability results in denial of service.
12) Security restrictions bypass (CVE-ID: CVE-2017-3308)
The vulnerability allows a remote authenticated attacker to cause DoS condition on the target system.The weakness exists in MySQL Server due to improper security restrictions. A remote attacker can cause the service to crash.
13) Security restrictions bypass (CVE-ID: CVE-2017-3309)
The vulnerability allows a remote authenticated attacker to cause DoS condition on the target system.The weakness exists in MySQL Server due to improper security restrictions. A remote attacker can cause the service to crash.
14) Improper input validation (CVE-ID: CVE-2017-3329)
The vulnerability allows a remote unauthenticated attacker to cause DoS condition on the target system.The weakness exists due to improper input validation within the Thread Pooling subcomponent. A remote attacker can send a specially crated MySQL packet to the affected server and cause it to crash.
15) Security restrictions bypass (CVE-ID: CVE-2017-3450)
The vulnerability allows a remote unauthenticated attacker to cause DoS condition on the target system.The weakness exists in MySQL Server due to improper security restrictions. A remote attacker can cause the service to crash.
16) Security restrictions bypass (CVE-ID: CVE-2017-3452)
The vulnerability allows a remote authenticated attacker to cause DoS condition on the target system.The weakness exists in MySQL Server due to improper security restrictions. A remote attacker can cause the service to crash.
17) Security restrictions bypass (CVE-ID: CVE-2017-3453)
The vulnerability allows a remote authenticated attacker to cause DoS condition on the target system.The weakness exists in MySQL Server due to improper security restrictions. A remote attacker can cause the service to crash.
18) Security restrictions bypass (CVE-ID: CVE-2017-3456)
The vulnerability allows a remote authenticated attacker to cause DoS condition on the target system.The weakness exists in MySQL Server due to improper security restrictions. A remote attacker can cause the service to crash.
19) Security restrictions bypass (CVE-ID: CVE-2017-3461)
The vulnerability allows a remote authenticated attacker to cause DoS condition on the target system.The weakness exists in MySQL Server due to improper security restrictions. A remote attacker can cause the service to crash.
20) Security restrictions bypass (CVE-ID: CVE-2017-3462)
The vulnerability allows a remote authenticated attacker to cause DoS condition on the target system.The weakness exists in MySQL Server due to improper security restrictions. A remote attacker can cause the service to crash.
21) Security restrictions bypass (CVE-ID: CVE-2017-3463)
The vulnerability allows a remote authenticated attacker to cause DoS condition on the target system.The weakness exists in MySQL Server due to improper security restrictions. A remote attacker can cause the service to crash.
22) Security restrictions bypass (CVE-ID: CVE-2017-3464)
The vulnerability allows a remote authenticated attacker to write arbitrary files on the target system.The weakness exists in MySQL Server due to improper security restrictions. A remote attacker can update, insert or delete some of MySQL Server accessible data.
23) Security restrictions bypass (CVE-ID: CVE-2017-3599)
The vulnerability allows a remote unauthenticated attacker to cause DoS condition on the target system.The weakness exists in MySQL Server due to improper security restrictions. A remote attacker can cause the service to crash.
24) Command injection (CVE-ID: CVE-2017-3600)
The vulnerability allows a remote attacker to execute arbitrary shell or SQL commands on the target system.The weakness exists due to command injection. A remote authenticated attacker can execute arbitrary shell or SQL commands.
25) Improper Access Control (CVE-ID: CVE-2017-3633)
The vulnerability exists due to an unspecified error in the MySQL Server within Memcached component. A remote unauthenticated attacker can exploit the vulnerability to modify certain data on the system and perform a denial of service (DoS) attack.
26) Improper Access Control (CVE-ID: CVE-2017-3634)
The vulnerability exists due to an unspecified error in the MySQL Server within DML component. A remote authenticated attacker can exploit the vulnerability to perform a denial of service attack.
27) Improper Access Control (CVE-ID: CVE-2017-3635)
The vulnerability exists due to an unspecified error in the MySQL Server within C API component. A remote authenticated attacker can exploit the vulnerability to perform a denial of service attack.
28) Improper Access Control (CVE-ID: CVE-2017-3636)
The vulnerability exists due to an unspecified error in the MySQL Server within Client programs component. A local user can exploit the vulnerability to gain full access to MySQL databases.
29) Improper Access Control (CVE-ID: CVE-2017-3637)
The vulnerability exists due to an unspecified error in the MySQL Server within X Plugin component. A remote authenticated attacker can exploit the vulnerability to perform a denial of service attack.
30) Improper Access Control (CVE-ID: CVE-2017-3641)
The vulnerability exists due to an unspecified error in the MySQL Server within DML component. A remote privileged user can exploit the vulnerability to perform a denial of service attack.
31) Improper Access Control (CVE-ID: CVE-2017-3647)
The vulnerability exists due to an unspecified error in the MySQL Server within Replication component. A remote privileged user can exploit the vulnerability to perform a denial of service attack.
32) Improper Access Control (CVE-ID: CVE-2017-3648)
The vulnerability exists due to an unspecified error in the MySQL Server within Charsets component. A remote privileged user can exploit the vulnerability to perform a denial of service attack.
33) Improper Access Control (CVE-ID: CVE-2017-3649)
The vulnerability exists due to an unspecified error in the MySQL Server within Replication component. A remote privileged user can exploit the vulnerability to perform a denial of service attack.
34) Improper Access Control (CVE-ID: CVE-2017-3651)
The vulnerability exists due to an unspecified error in the MySQL Server within Client mysqldump component. A remote authenticated attacker can exploit the vulnerability to perform unauthorized modification of data.
35) Improper Access Control (CVE-ID: CVE-2017-3652)
The vulnerability exists due to an unspecified error in the MySQL Server within DDL component. A remote authenticated attacker can exploit the vulnerability to gain access unauthorized access and modify data.
36) Improper Access Control (CVE-ID: CVE-2017-3653)
The vulnerability exists due to an unspecified error in the MySQL Server within DDL component. A remote authenticated attacker can exploit the vulnerability to perform unauthorized modification of data.
37) Information disclosure (CVE-ID: CVE-2017-3732)
The vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to propagating error in the x86_64 Montgomery squaring procedure. A remote attacker with access to unpatched vulnerable system that uses a shared private key with Diffie-Hellman (DH) parameters set can gain unauthorized access to sensitive private key information.
According to vendor’s advisory, this vulnerability is unlikely to be exploited in real-world attacks, as it requires significant resources and online access to an unpatched system using the target private key in a scenario with persistent DH parameters and a private key that is shared between multiple clients.
Vulnerability exploitation against RSA and DSA as a result of this defect would be very difficult to perform and are not believed likely.
38) Improper Access Control (CVE-ID: CVE-2018-2562)
The vulnerability exists due to an unspecified error in the MySQL Server. A remote authenticated attacker can exploit the vulnerability to modify certain data on the system and perform a denial of service (DoS) attack.
39) Improper input validation (CVE-ID: CVE-2018-2573)
The vulnerability exists due to an unspecified error in the MySQL Server. A remote authenticated attacker can exploit the vulnerability to perform a denial of service attack.
40) Improper input validation (CVE-ID: CVE-2018-2583)
The vulnerability exists due to an unspecified error in the MySQL Server. A remote privileged user can exploit the vulnerability to perform a denial of service attack.
41) Improper input validation (CVE-ID: CVE-2018-2590)
The vulnerability exists due to an unspecified error in the MySQL Server. A remote privileged user can exploit the vulnerability to perform a denial of service attack.
42) Improper input validation (CVE-ID: CVE-2018-2591)
The vulnerability exists due to an unspecified error in the MySQL Server. A remote privileged user can exploit the vulnerability to perform a denial of service attack.
43) Improper Access Control (CVE-ID: CVE-2018-2612)
The vulnerability exists due to an unspecified error in the MySQL Server. A remote privileged user can exploit the vulnerability to modify or delete certain data in database.
44) Improper input validation (CVE-ID: CVE-2018-2622)
The vulnerability exists due to an unspecified error in the MySQL Server. A remote authenticated attacker can exploit the vulnerability to perform a denial of service attack.
45) Improper input validation (CVE-ID: CVE-2018-2640)
The vulnerability exists due to an unspecified error in the MySQL Server. A remote authenticated attacker can exploit the vulnerability to perform a denial of service attack.
46) Information Exposure (CVE-ID: CVE-2018-2645)
The vulnerability allows a remote attacker to obtain potentially sensitive information.The vulnerability exists due to an unspecified error in the MySQL Server. A remote privileged user can exploit the vulnerability to gain access to sensitive information.
47) Improper Access Control (CVE-ID: CVE-2018-2647)
The vulnerability exists due to an unspecified error in the MySQL Server. A remote privileged user can exploit the vulnerability to modify certain data on the system and perform a denial of service (DoS) attack.
48) Improper input validation (CVE-ID: CVE-2018-2665)
The vulnerability exists due to an unspecified error in the MySQL Server. A remote authenticated attacker can exploit the vulnerability to perform a denial of service attack.
49) Improper input validation (CVE-ID: CVE-2018-2668)
The vulnerability exists due to an unspecified error in the MySQL Server. A remote authenticated attacker can exploit the vulnerability to perform a denial of service attack.
50) Improper input validation (CVE-ID: CVE-2018-2696)
The vulnerability exists due to an unspecified error in the MySQL Server. A remote unauthenticated attacker can exploit the vulnerability to perform a denial of service attack.
51) Improper input validation (CVE-ID: CVE-2018-2703)
The vulnerability exists due to an unspecified error in the MySQL Server. A remote authenticated attacker can exploit the vulnerability to perform a denial of service attack.
Remediation
Install update from vendor's website.