Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.6.42 and prior, 5.7.24 and prior and 8.0.13 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. External References: https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html
Created community-mysql tracking bugs for this issue: Affects: fedora-28 [bug 1698122] Affects: fedora-29 [bug 1698125] Created mariadb tracking bugs for this issue: Affects: fedora-28 [bug 1698127] Affects: fedora-29 [bug 1698128] Created mysql:5.6/community-mysql tracking bugs for this issue: Affects: fedora-28 [bug 1698123] Created mysql:5.7/community-mysql tracking bugs for this issue: Affects: fedora-29 [bug 1698126] Created mysql:8.0/community-mysql tracking bugs for this issue: Affects: fedora-28 [bug 1698124]
Hi Tomas, Yes its a duplicate. Hence, the CVE could not be added. There was an asm [http://127.0.0.1:5600/static/#/asm_ticket/20886] which didn't have the CVE in the ticket, so I had filed this, and then I found a CVE which when adding to the flaw bug, showed that the alias was already taken. On checking further, I came to know I filed a duplicate of CVE-2019-2537 which you had already filed. I kept it to study the difference between your affects and mine then.
*** This bug has been marked as a duplicate of bug 1666763 ***