Bug 634652 (CVE-2017-10155, CVE-2017-10227, CVE-2017-10268, CVE-2017-10276, CVE-2017-10279, CVE-2017-10283, CVE-2017-10286, CVE-2017-10294, CVE-2017-10314, CVE-2017-10378, CVE-2017-10379, CVE-2017-10384) - <dev-db/mysql-{5.5.58,5.6.38}: Multiple Vulnerabilities
Summary: <dev-db/mysql-{5.5.58,5.6.38}: Multiple Vulnerabilities
Status: RESOLVED FIXED
Alias: CVE-2017-10155, CVE-2017-10227, CVE-2017-10268, CVE-2017-10276, CVE-2017-10279, CVE-2017-10283, CVE-2017-10286, CVE-2017-10294, CVE-2017-10314, CVE-2017-10378, CVE-2017-10379, CVE-2017-10384
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities
Hardware: All Linux
Importance: Normal normal
Assignee: Gentoo Security
URL: http://www.oracle.com/technetwork/sec...
Whiteboard: A3 [glsa+ cve glsa+ blocked]
Keywords:
Depends on: CVE-2018-2562, CVE-2018-2573, CVE-2018-2583, CVE-2018-2590, CVE-2018-2591, CVE-2018-2612, CVE-2018-2622, CVE-2018-2640, CVE-2018-2645, CVE-2018-2647, CVE-2018-2665, CVE-2018-2668, CVE-2018-2696, CVE-2018-2703
Blocks: CVE-2017-3633, CVE-2017-3634, CVE-2017-3637, CVE-2017-3647, CVE-2017-3649
Reported: 2017-10-18 16:27 UTC by Aleksandr Wagner (Kivak)
Modified: 2018-02-20 01:00 UTC

See Also:
Package list:
dev-db/mysql-5.6.38
Runtime testing required: ---
stable-bot: sanity-check+
Description Aleksandr Wagner (Kivak) 2017-10-18 16:27:20 UTC
(CVE-2017-10155)

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Pluggable Auth). Supported versions that are affected are 5.6.37 and earlier and  5.7.19 and earlier. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. 

External References:

http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html#AppendixMSQL
https://bugzilla.redhat.com/show_bug.cgi?id=1503649

(CVE-2017-10227)

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.6.37 and earlier and  5.7.19 and earlier. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. 

External References:

http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html#AppendixMSQL
https://bugzilla.redhat.com/show_bug.cgi?id=1503654

(CVE-2017-10268)

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). Supported versions that are affected are 5.5.57 and earlier, 5.6.37 and earlier and  5.7.19 and earlier. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all MySQL Server accessible data. 

External References:

http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html#AppendixMSQL
https://bugzilla.redhat.com/show_bug.cgi?id=1503656

(CVE-2017-10276)

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: FTS). Supported versions that are affected are 5.6.37 and earlier and  5.7.19 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. 

External References:

http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html#AppendixMSQL
https://bugzilla.redhat.com/show_bug.cgi?id=1503659

(CVE-2017-10279)

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.6.36 and earlier and 5.7.18 and earlier. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. 

External References:

http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html#AppendixMSQL
https://bugzilla.redhat.com/show_bug.cgi?id=1503663

(CVE-2017-10283)

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Performance Schema). Supported versions that are affected are 5.6.37 and earlier and  5.7.19 and earlier. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. 

External References:

http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html#AppendixMSQL
https://bugzilla.redhat.com/show_bug.cgi?id=1503664

(CVE-2017-10286)

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: InnoDB). Supported versions that are affected are 5.6.37 and earlier and  5.7.19 and earlier. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. 

External References:

http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html#AppendixMSQL
https://bugzilla.redhat.com/show_bug.cgi?id=1503669

(CVE-2017-10294)

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.6.37 and earlier and  5.7.19 and earlier. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. 

External References:

http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html#AppendixMSQL
https://bugzilla.redhat.com/show_bug.cgi?id=1503671

(CVE-2017-10314) 

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Memcached). Supported versions that are affected are 5.6.37 and earlier and  5.7.19 and earlier. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. 

External References:

http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html#AppendixMSQL
https://bugzilla.redhat.com/show_bug.cgi?id=1503679

(CVE-2017-10378)

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.5.57 and earlier, 5.6.37 and earlier and  5.7.11 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. 

External References:

http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html#AppendixMSQL
https://bugzilla.redhat.com/show_bug.cgi?id=1503684

(CVE-2017-10379)

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Client programs). Supported versions that are affected are 5.5.57 and earlier, 5.6.37 and earlier and  5.7.19 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all MySQL Server accessible data. 

External References:

http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html#AppendixMSQL
https://bugzilla.redhat.com/show_bug.cgi?id=1503685

(CVE-2017-10384)

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.5.57 and earlier, 5.6.37 and earlier and 5.7.19 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server.

External References:

http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html#AppendixMSQL
https://bugzilla.redhat.com/show_bug.cgi?id=1503686

@ Maintainer(s): Versions 5.6.36 and 5.6.37 are vulnerable to these CVEs; however, 5.5.58 is not. Please add the fixed ebuilds into the tree for the vulnerable versions.
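Added example, not part of the bug report: a small triage helper that parses the "Supported versions that are affected are ..." sentences from the description above and lists which CVEs cover a given installed version. The function names and the five-CVE subset are choices made for this illustration.

```python
import re

# Sample input: "affected versions" sentences taken from the description
# above, keyed by CVE (a subset that shows how the ranges differ).
ADVISORY = {
    "CVE-2017-10155": "Supported versions that are affected are 5.6.37 and earlier and  5.7.19 and earlier.",
    "CVE-2017-10268": "Supported versions that are affected are 5.5.57 and earlier, 5.6.37 and earlier and  5.7.19 and earlier.",
    "CVE-2017-10279": "Supported versions that are affected are 5.6.36 and earlier and 5.7.18 and earlier.",
    "CVE-2017-10378": "Supported versions that are affected are 5.5.57 and earlier, 5.6.37 and earlier and  5.7.11 and earlier.",
    "CVE-2017-10384": "Supported versions that are affected are 5.5.57 and earlier 5.6.37 and earlier 5.7.19 and earlier.",
}

# Separators between ranges vary in the text; only the bounds are matched.
BOUND = re.compile(r"(\d+)\.(\d+)\.(\d+) and earlier")

def parse_bounds(text):
    """Map each release series (major, minor) to its last affected patch level."""
    return {(int(a), int(b)): int(c) for a, b, c in BOUND.findall(text)}

def parse_version(version):
    """Turn '5.6.37' or a Gentoo-style '5.6.37-r1' into an integer tuple."""
    m = re.match(r"(\d+)\.(\d+)\.(\d+)", version)
    if not m:
        raise ValueError(f"unrecognised version: {version!r}")
    return tuple(int(x) for x in m.groups())

def affecting(version, advisory=ADVISORY):
    """Return the CVEs whose stated range covers the installed version.

    A series the advisory text does not mention is reported as not listed,
    which is not the same as confirmed unaffected.
    """
    major, minor, patch = parse_version(version)
    hits = []
    for cve, text in advisory.items():
        last_bad = parse_bounds(text).get((major, minor))
        if last_bad is not None and patch <= last_bad:
            hits.append(cve)
    return sorted(hits)

if __name__ == "__main__":
    for v in ("5.5.57", "5.6.36", "5.6.37", "5.6.38", "5.7.12"):
        print(v, affecting(v))
```

The per-series bounds matter: 5.6.37 is outside the range given for CVE-2017-10279, and 5.7.12 is outside the range given for CVE-2017-10378, while 5.5.58 and 5.6.38 match none of the listed ranges.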
Comment 1 Brian Evans Gentoo Infrastructure gentoo-dev 2017-10-18 16:32:10 UTC
5.6.38 added to the tree.  No support for 5.7.
Comment 2 Aleksandr Wagner (Kivak) 2017-10-18 16:56:03 UTC
Thanks. 

@Maintainer(s): Please state when you are ready for stabilization.
Comment 3 Brian Evans Gentoo Infrastructure gentoo-dev 2017-10-23 18:31:32 UTC
@ Arches, please test and mark stable.
The test suite should pass following the official instructions.
Local timeouts may be expected on resource starved machines. (each test thread can spawn up to 4 server instances)

Target keywords:
=dev-db/mysql-5.6.38 alpha amd64 arm hppa ia64 ppc ppc64 x86


# Official test instructions:
# USE='embedded extraengine perl server openssl static-libs' \
# FEATURES='test userpriv -usersandbox' \
# ebuild mysql-5.6.38.ebuild \
# clean package

# Parallel testing is enabled, auto will try to detect number of cores
# You may set this by hand.
# The default maximum is 8 unless MTR_MAX_PARALLEL is increased
export MTR_PARALLEL="${MTR_PARALLEL:-auto}"
Comment 4 Agostino Sarubbo gentoo-dev 2017-10-24 07:04:05 UTC
amd64 stable
Comment 5 Sergei Trofimovich gentoo-dev 2017-10-25 07:07:20 UTC
ia64 stable
Comment 6 Thomas Deutschmann gentoo-dev Security 2017-10-27 13:50:58 UTC
x86 stable
Comment 7 Sergei Trofimovich gentoo-dev 2017-10-28 21:42:49 UTC
ppc stable
Comment 8 Sergei Trofimovich gentoo-dev 2017-10-28 23:31:40 UTC
ppc64 stable
Comment 9 subtractum 2017-10-30 16:35:49 UTC
(In reply to Thomas Deutschmann from comment #6)
> x86 stable

Getting 404 errors from everywhere on trying to fetch "mysql-extras-20171018-1948Z.tar.bz2" for mysql-5.5.58 (x86).
Comment 10 Thomas Deutschmann gentoo-dev Security 2017-10-30 16:46:50 UTC
(In reply to subtractum from comment #9)
> (In reply to Thomas Deutschmann from comment #6)
> > x86 stable
> 
> Getting 404 errors from everywhere on trying to fetch
> "mysql-extras-20171018-1948Z.tar.bz2" for mysql-5.5.58 (x86).

The stabilization was about 5._6_.38.

Please file a bug for 5.5.58 if you have any problems fetching the file, however a quick check showed that 5.5.58 itself is cached on our mirrors and mysql-extras is available via

> $ wget -4 -O /dev/null https://dev.gentoo.org/~grknight/distfiles/mysql-extras-20171018-1948Z.tar.bz2
> --2017-10-30 17:42:13--  https://dev.gentoo.org/~grknight/distfiles/mysql-extras-20171018-1948Z.tar.bz2
> Resolving dev.gentoo.org (dev.gentoo.org)... 140.211.166.183
> Connecting to dev.gentoo.org (dev.gentoo.org)|140.211.166.183|:443... connected.
> HTTP request sent, awaiting response... 200 OK
> Length: 313540 (306K) [application/x-bzip2]
> Saving to: ‘/dev/null’
> 
> /dev/null                     100%[=================================================>] 306,19K   429KB/s    in 0,7s
> 
> 2017-10-30 17:42:15 (429 KB/s) - ‘/dev/null’ saved [313540/313540]
>
Comment 11 subtractum 2017-10-30 17:01:31 UTC
(In reply to Thomas Deutschmann from comment #10)
> (In reply to subtractum from comment #9)
> 
> The stabilization was about 5._6_.38.
> 
> Please file a bug for 5.5.58 if you have any problems fetching the file,

Terribly sorry for the confusion. The summary of this bug says "{5.5.58,5.6.38}", which is why I posted it here.


> however a quick check showed that 5.5.58 itself is cached on our mirrors
> and mysql-extras is available via
> 
> > $ wget -4 -O /dev/null https://dev.gentoo.org/~grknight/distfiles/mysql-extras-20171018-1948Z.tar.bz2
> > --2017-10-30 17:42:13--  https://dev.gentoo.org/~grknight/distfiles/mysql-extras-20171018-1948Z.tar.bz2

Strange - after days of trying this, including again just minutes before the above post, it never worked, but just now it successfully fetched from the above location after failing on 20 others first. I guess this is no longer an issue.

Thanks!
Comment 12 Tobias Klausmann gentoo-dev 2017-11-06 14:18:52 UTC
Stable on alpha.
Comment 13 Markus Meier gentoo-dev 2017-11-19 15:10:25 UTC
arm stable
Comment 14 Aaron Bauman Gentoo Infrastructure gentoo-dev Security 2018-01-08 21:05:32 UTC
@hppa, ping.
Comment 15 Thomas Deutschmann gentoo-dev Security 2018-01-25 18:26:51 UTC
Superseded by bug 644986.
Comment 16 Thomas Deutschmann gentoo-dev Security 2018-02-19 23:05:19 UTC
Added to an existing GLSA.
Comment 17 GLSAMaker/CVETool Bot gentoo-dev 2018-02-20 01:00:15 UTC
This issue was resolved and addressed in
 GLSA 201802-04 at https://security.gentoo.org/glsa/201802-04
by GLSA coordinator Thomas Deutschmann (whissi).