CVE-2017-3302

Name
CVE-2017-3302
Description
Crash in libmysqlclient.so in Oracle MySQL before 5.6.21 and 5.7.x before 5.7.5 and MariaDB through 5.5.54, 10.0.x through 10.0.29, 10.1.x through 10.1.21, and 10.2.x through 10.2.3.
NVD Severity
unknown
Other trackers
CVE, NVD, CERT, CVE Details, CIRCL, Arch Linux, Debian, Red Hat, Ubuntu, Gentoo, SUSE (Bugzilla), SUSE (CVE), Mageia
Mailing lists
oss-security, full-disclosure, bugtraq
Exploits
Exploit DB, Metasploit
Forges
GitHub (code, issues), Aports (code, issues)

References

Type URI
Third Party Advisory http://www.debian.org/security/2017/dsa-3809
Third Party Advisory http://www.debian.org/security/2017/dsa-3834
Mailing List http://www.openwall.com/lists/oss-security/2017/02/11/11
Patch http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html
Third Party Advisory http://www.securityfocus.com/bid/96162
Third Party Advisory http://www.securitytracker.com/id/1038287
Third Party Advisory https://access.redhat.com/errata/RHSA-2017:2192
Third Party Advisory https://access.redhat.com/errata/RHSA-2017:2787
Third Party Advisory https://access.redhat.com/errata/RHSA-2018:0279
Third Party Advisory https://access.redhat.com/errata/RHSA-2018:0574

Match rules

CPE URI Source package Min version Max version
cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:* mysql >= 5.6.0 < 5.6.21
cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:* mysql >= 5.7.0 < 5.7.5

Vulnerable and fixed packages

Source package Branch Version Maintainer Status
mariadb edge-main 10.1.22-r0 None fixed
mariadb 3.22-main 10.1.22-r0 None fixed
mariadb 3.21-main 10.1.22-r0 None fixed
mariadb 3.20-main 10.1.22-r0 None fixed
mariadb 3.19-main 10.1.22-r0 None fixed
mariadb 3.18-main 10.1.22-r0 None fixed
mariadb 3.17-main 10.1.22-r0 None fixed
mariadb 3.12-main 10.1.22-r0 None fixed
mariadb 3.11-main 10.1.22-r0 None fixed
mariadb 3.10-main 10.1.22-r0 None fixed