oss-sec mailing list archives
Re: CVE Request -- MySQL v5.1.49 -- multiple DoS flaws
From: "Steven M. Christey" <coley () linus mitre org>
Date: Tue, 28 Sep 2010 18:06:44 -0400 (EDT)
Sorry for the delay...There are several issues of the same bug type, but based solely on the "Version" field in the associated MySQL bug IDs, it appears that each issue has a different set of affected (fixed?) versions. So these all wind up being SPLIT from each other.
1, Security Fix: After changing the values of the innodb_file_format orinnodb_file_per_table configuration parameters, DDL statementscould cause a server crash. (Bug#55039) References: http://bugs.mysql.com/bug.php?id=55039 https://bugzilla.redhat.com/show_bug.cgi?id=628660 Reason: Assertion failure leading to server abort.
CVE-2010-3676
2, Security Fix: Joins involving a table with a unique SET column could cause a server crash. (Bug#54575) References: http://bugs.mysql.com/bug.php?id=54575 https://bugzilla.redhat.com/show_bug.cgi?id=628040 Reason: NULL pointer dereference leading to (temporary) server DoS.
CVE-2010-3677
3, Security Fix: Incorrect handling of NULL arguments could lead to a crash for IN() or CASE operations when NULL arguments were either passed explicitly as arguments (for IN()) or implicitly generated by the WITH ROLLUP modifier (for IN() and CASE). (Bug#54477) References: http://bugs.mysql.com/bug.php?id=54477 https://bugzilla.redhat.com/show_bug.cgi?id=628172 Reason: NULL pointer dereference leading to (temporary) server DoS.
CVE-2010-3678
4, Security Fix: A malformed argument to the BINLOG statement could result in Valgrind warnings or a server crash. (Bug#54393) References: http://bugs.mysql.com/bug.php?id=54393 https://bugzilla.redhat.com/show_bug.cgi?id=628062Reason: Use of unassigned memory leading to (temporary) server DoS (crash).
CVE-2010-3679
5, Security Fix: Use of TEMPORARY InnoDB tables with nullable columns could causea server crash. (Bug#54044) References: http://bugs.mysql.com/bug.php?id=54044 https://bugzilla.redhat.com/show_bug.cgi?id=628192 Reason: Assertion failure leading to server abort.
CVE-2010-3680
6, Security Fix: The server could crash if there were alternate reads fromtwo indexes on a table using the HANDLER interface. (Bug#54007)References: http://bugs.mysql.com/bug.php?id=54007 https://bugzilla.redhat.com/show_bug.cgi?id=628680 Reason: Assertion failure leading to server abort.
CVE-2010-3681
7, Security Fix: Using EXPLAIN with queries of the form SELECT ... UNION ... ORDER BY (SELECT ... WHERE ...) could cause a server crash. (Bug#52711) References: http://bugs.mysql.com/bug.php?id=52711 https://bugzilla.redhat.com/show_bug.cgi?id=628328 Reason: NULL pointer dereference leading to (temporary) server DoS.
CVE-2010-3682
8, Security Fix: LOAD DATA INFILE did not check for SQL errors and sent an OK packet even when errors were already reported. Also, an assert related to client-server protocol checking in debug servers sometimes was raised when it should not have been. (Bug#52512) References: http://bugs.mysql.com/bug.php?id=52512 https://bugzilla.redhat.com/show_bug.cgi?id=628698 Reason: Assertion failure leading to server abort.
CVE-2010-3683 - Steve
Current thread:
- CVE Request -- MySQL v5.1.49 -- multiple DoS flaws Jan Lieskovsky (Aug 30)
- Re: CVE Request -- MySQL v5.1.49 -- multiple DoS flaws Josh Bressers (Sep 10)
- Re: CVE Request -- MySQL v5.1.49 -- multiple DoS flaws Josh Bressers (Sep 22)
- Re: CVE Request -- MySQL v5.1.49 -- multiple DoS flaws Steven M. Christey (Sep 28)
- Re: CVE Request -- MySQL v5.1.49 -- multiple DoS flaws Josh Bressers (Sep 10)