Red Hat Bugzilla – Bug 628062
CVE-2010-3679 MySQL: Use of unassigned memory (valgrind errors / crash) by providing certain values to BINLOG statement (MySQL BZ#54393)
Last modified: 2015-08-19 04:53:31 EDT
A use of unassigned memory was found in the way MySQL processed certain values
provided to the BINLOG statement. A remote attacker could use this flaw to
cause denial of service (mysqld daemon crash) in some cases.
Upstream bug report:
The impact of this flaw is further mitigated by the requirement only
privileged user can run the BINLOG statement.
Public reproducers (from ):
This issue did NOT affect the versions of the mysql package, as shipped
with Red Hat Enterprise Linux 3, 4, or 5.
This issue affects the versions of the mysql package, as shipped with
Fedora release of 12 and 13.
CVE Request: http://www.openwall.com/lists/oss-security/2010/08/30/8
Created mysql tracking bugs for this issue
Affects: fedora-all [bug 636780]
The CVE identifier of CVE-2010-3679 has been assigned to this issue.
Not vulnerable. This issue did not affect the versions of mysql as
shipped with Red Hat Enterprise Linux 3, 4, or 5.
This issue has been addressed in following products:
Red Hat Enterprise Linux 6
Via RHSA-2011:0164 https://rhn.redhat.com/errata/RHSA-2011-0164.html