Red Hat Bugzilla – Bug 858730
mysql, mariadb: NULL pointer dereference by testing if ORDER BY clause can be skipped by using an index (SA#50485)
Last modified: 2016-03-04 06:32:08 EST
A NULL pointer dereference flaw was found in the way MariaDB, a community-developed branch of the MySQL database, performed tests if the ORDER BY clause, present in SQL statement could by replaced / skipped by using of an index. A database user could use this flaw to cause mysqld daemon crash (denial of service).
 https://mariadb.atlassian.net/browse/MDEV-405 (duplicate of the first one)
Relevant upstream patches:
This issue did NOT affect the versions of the mysql package, as shipped with
Red Hat Enterprise Linux 5 and 6.
This issue did NOT affect the versions of the mysql package, as shipped with Fedora release of 16 and 17.