A use of unassigned memory was found in the way MySQL processed certain values provided to the BINLOG statement. A remote attacker could use this flaw to cause denial of service (mysqld daemon crash) in some cases. References: [1] http://secunia.com/advisories/41048/ [2] http://dev.mysql.com/doc/refman/5.1/en/news-5-1-49.html Upstream bug report: [3] http://bugs.mysql.com/bug.php?id=54393 Upstream changeset: [4] http://lists.mysql.com/commits/111591 Note: The impact of this flaw is further mitigated by the requirement only privileged user can run the BINLOG statement.
Public reproducers (from [4]): BINLOG ''; BINLOG '123'; BINLOG '-2079193929'; BINLOG 'xç↓%~∙D╒ƒ╡';
This issue did NOT affect the versions of the mysql package, as shipped with Red Hat Enterprise Linux 3, 4, or 5. -- This issue affects the versions of the mysql package, as shipped with Fedora release of 12 and 13.
CVE Request: http://www.openwall.com/lists/oss-security/2010/08/30/8
Created mysql tracking bugs for this issue Affects: fedora-all [bug 636780]
The CVE identifier of CVE-2010-3679 has been assigned to this issue.
Statement: Not vulnerable. This issue did not affect the versions of mysql as shipped with Red Hat Enterprise Linux 3, 4, or 5.
This issue has been addressed in following products: Red Hat Enterprise Linux 6 Via RHSA-2011:0164 https://rhn.redhat.com/errata/RHSA-2011-0164.html