CVE-2016-1251

There is a vulnerability of type use-after-free affecting DBD::mysql (aka DBD-mysql or the Database Interface (DBI) MySQL driver for Perl) 3.x and 4.x before 4.041 when used with mysqlserverprepare=1.

References

Affected packages

Git / github.com/perl5-dbi/dbd-mysql

Affected ranges

Type: GIT
Repo: https://github.com/perl5-dbi/dbd-mysql
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

3619c170461a3107a258d1fd2d00ed4832adb1b1

Affected versions

4.*

4.030_01

4.030_02

4.031

4.032

4.032_01

4.032_02

4.032_03

4.033

4.033_01

4.033_02

4.033_03

4.034

4.035

4.035_01

4.035_02

4.035_03

4.036

4.037

4.037_01

4.037_02

4.038

4.038_01

4.040

Other

4_012

4_013

4_014

4_015

4_019

4_020

4_022

4_022_1

Database specific

vanir_signatures

[
    {
        "id": "CVE-2016-1251-1b003cbb",
        "source": "https://github.com/perl5-dbi/dbd-mysql/commit/3619c170461a3107a258d1fd2d00ed4832adb1b1",
        "signature_version": "v1",
        "digest": {
            "line_hashes": [
                "188715675733561009446976502882346480394",
                "107950256441078376794216765617357782574",
                "196453871356809793990021036321253799454",
                "324900896622681343079356612221884188937"
            ],
            "threshold": 0.9
        },
        "target": {
            "file": "dbdimp.c"
        },
        "signature_type": "Line",
        "deprecated": false
    },
    {
        "id": "CVE-2016-1251-f95694e2",
        "source": "https://github.com/perl5-dbi/dbd-mysql/commit/3619c170461a3107a258d1fd2d00ed4832adb1b1",
        "signature_version": "v1",
        "digest": {
            "length": 8291.0,
            "function_hash": "326296235982873098261977955735233036713"
        },
        "target": {
            "function": "dbd_st_fetch",
            "file": "dbdimp.c"
        },
        "signature_type": "Function",
        "deprecated": false
    }
]