A flaw in MySQL versions prior to 5.1.51 [1] was reported [2] that could allow an authenticated user to kill connections to MySQL by creating a query with the GREATEST() or LEAST() functions having a mixed list of numeric and LONGBLOB arguments. [1] http://dev.mysql.com/doc/refman/5.1/en/news-5-1-51.html [2] http://bugs.mysql.com/bug.php?id=54461 This is noted as having been fixed in MySQL 5.1.51, but it does not cause a crash on MySQL 5.0.50 in Fedora 13. It also causes a crash on Red Hat Enterprise Linux 5 (5.0.77) but not Red Hat Enterprise Linux 4 (4.1.22).
This issue has been assigned the name CVE-2010-3838: http://article.gmane.org/gmane.comp.security.oss.general/3627
Upstream patch: http://bazaar.launchpad.net/~mysql/mysql-server/mysql-5.1/revision/3461.1.8
Created attachment 453405 [details] upstream patch
This issue did NOT affect the versions of the mysql package, as shipped with Red Hat Enterprise Linux 3 and 4. This issue affects the version of mysql package, as shipped with Red Hat Enterprise Linux 5 and 6. --- This issue affects the version of the mysql package, as shipped with Fedora 12. This issue did NOT affect the version of the mysql package, as shipped with Fedora 13.
Created mysql tracking bugs for this issue Affects: fedora-12 [bug 645647]
This issue has been addressed in following products: Red Hat Enterprise Linux 5 Via RHSA-2010:0825 https://rhn.redhat.com/errata/RHSA-2010-0825.html
This issue has been addressed in following products: Red Hat Enterprise Linux 6 Via RHSA-2011:0164 https://rhn.redhat.com/errata/RHSA-2011-0164.html