Bug 1422119 (CVE-2017-3302) - CVE-2017-3302 mysql: prepared statement handle use-after-free after disconnect
Summary: CVE-2017-3302 mysql: prepared statement handle use-after-free after disconnect
Keywords:
Status: CLOSED ERRATA
Alias: CVE-2017-3302
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
low
low
Target Milestone: ---
Assignee: Red Hat Product Security
QA Contact:
URL:
Whiteboard:
Depends On: 1422122 1445524 1445525 1458933 1463415 1463416 1463417 1463418
Blocks: 1422124 1443389
TreeView+ depends on / blocked
 
Reported: 2017-02-14 14:05 UTC by Martin Prpič
Modified: 2019-09-29 14:07 UTC (History)
27 users (show)

Fixed In Version: mysql 5.5.55, mysql 5.6.21, mysql 5.7.5, mariadb 10.0.30, mariadb 10.1.22, mariadb 10.2.5, mariadb 5.5.55
Doc Type: If docs needed, set a value
Doc Text:
A flaw was found in the way MySQL client library (libmysqlclient) handled prepared statements when server connection was lost. A malicious server or a man-in-the-middle attacker could possibly use this flaw to crash an application using libmysqlclient.
Clone Of:
Environment:
Last Closed: 2018-03-21 15:02:59 UTC


Attachments (Terms of Use)


Links
System ID Priority Status Summary Last Updated
Red Hat Product Errata RHSA-2017:2192 normal SHIPPED_LIVE Moderate: mariadb security and bug fix update 2017-08-01 18:18:36 UTC
Red Hat Product Errata RHSA-2017:2787 normal SHIPPED_LIVE Important: rh-mysql56-mysql security and bug fix update 2017-09-21 11:42:12 UTC
Red Hat Product Errata RHSA-2018:0279 normal SHIPPED_LIVE Moderate: rh-mariadb100-mariadb security update 2018-02-06 18:00:11 UTC
Red Hat Product Errata RHSA-2018:0574 None None None 2018-03-21 14:03:19 UTC

Description Martin Prpič 2017-02-14 14:05:11 UTC
A use-after-free flaw was found in the MySQL client library (libmysqlclient.so). A malicious MySQL server could cause an application using the MySQL client library to crash.

Upstream bugs:

https://bugs.mysql.com/bug.php?id=70429
https://bugs.mysql.com/bug.php?id=63363

Upstream patch:

https://github.com/mysql/mysql-server/commit/4797ea0b772d5f4c5889bc552424132806f46e93

Comment 1 Martin Prpič 2017-02-14 14:07:13 UTC
Created community-mysql tracking bugs for this issue:

Affects: fedora-all [bug 1422122]

Comment 2 Martin Prpič 2017-02-14 14:10:26 UTC
This was first posted on oss-sec:

http://www.openwall.com/lists/oss-security/2017/01/28/1

Comment 3 Tomas Hoger 2017-04-24 12:35:07 UTC
The issue was fixed in MySQL 5.5.55 and is listed in the April 2017 CPU:

http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html#AppendixMSQL

Comment 10 errata-xmlrpc 2017-08-01 19:44:06 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 7

Via RHSA-2017:2192 https://access.redhat.com/errata/RHSA-2017:2192

Comment 11 errata-xmlrpc 2017-09-21 07:47:34 UTC
This issue has been addressed in the following products:

  Red Hat Software Collections for Red Hat Enterprise Linux 6
  Red Hat Software Collections for Red Hat Enterprise Linux 6.7 EUS
  Red Hat Software Collections for Red Hat Enterprise Linux 7
  Red Hat Software Collections for Red Hat Enterprise Linux 7.3 EUS

Via RHSA-2017:2787 https://access.redhat.com/errata/RHSA-2017:2787

Comment 12 errata-xmlrpc 2018-02-06 11:00:53 UTC
This issue has been addressed in the following products:

  Red Hat Software Collections for Red Hat Enterprise Linux 6
  Red Hat Software Collections for Red Hat Enterprise Linux 6.7 EUS
  Red Hat Software Collections for Red Hat Enterprise Linux 7
  Red Hat Software Collections for Red Hat Enterprise Linux 7.3 EUS
  Red Hat Software Collections for Red Hat Enterprise Linux 7.4 EUS

Via RHSA-2018:0279 https://access.redhat.com/errata/RHSA-2018:0279

Comment 13 errata-xmlrpc 2018-03-21 14:03:06 UTC
This issue has been addressed in the following products:

  Red Hat Software Collections for Red Hat Enterprise Linux 6
  Red Hat Software Collections for Red Hat Enterprise Linux 6.7 EUS
  Red Hat Software Collections for Red Hat Enterprise Linux 7
  Red Hat Software Collections for Red Hat Enterprise Linux 7.3 EUS
  Red Hat Software Collections for Red Hat Enterprise Linux 7.4 EUS

Via RHSA-2018:0574 https://access.redhat.com/errata/RHSA-2018:0574


Note You need to log in before you can comment on or make changes to this bug.