CVE-2017-15945

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2017-15945

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2017-15945.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2017-15945

Published

2017-10-27T21:29:00.310Z

Modified

2026-02-22T01:08:03.429842Z

Severity

7.8 (High) CVSS_V3 - CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVSS Calculator

Summary

[none]

Details

The installation scripts in the Gentoo dev-db/mysql, dev-db/mariadb, dev-db/percona-server, dev-db/mysql-cluster, and dev-db/mariadb-galera packages before 2017-09-29 have chown calls for user-writable directory trees, which allows local users to gain privileges by leveraging access to the mysql account for creation of a link.

References

Affected packages

Git / github.com/mariadb/server

Affected ranges

Type: GIT
Repo: https://github.com/mariadb/server
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

656d0f10e51a554ec2ff895c5e25e16a5da0d00e

Affected versions

mariadb-10.*

mariadb-10.0.11

mariadb-10.0.12

mariadb-10.0.13

mariadb-10.0.14

mariadb-10.0.15

mariadb-10.0.16

mariadb-10.0.17

mariadb-10.0.18

mariadb-10.0.19

mariadb-10.0.20

mariadb-10.0.21

mariadb-10.0.22

mariadb-10.0.23

mariadb-10.0.24

mariadb-10.0.25

mariadb-10.0.26

mariadb-10.0.27

mariadb-10.0.28

mariadb-10.0.29

mariadb-10.0.30

mariadb-5.*

mariadb-5.5.37

mariadb-5.5.38

mariadb-5.5.39

mariadb-5.5.40

mariadb-5.5.41

mariadb-5.5.42

mariadb-5.5.43

mariadb-5.5.44

mariadb-5.5.45

mariadb-5.5.46

mariadb-5.5.47

mariadb-5.5.48

mariadb-5.5.49

mariadb-5.5.50

mariadb-5.5.51

mariadb-5.5.52

mariadb-5.5.53

mariadb-5.5.54

mariadb-galera-10.*

mariadb-galera-10.0.10

mariadb-galera-10.0.11

mariadb-galera-10.0.12

mariadb-galera-10.0.13

mariadb-galera-10.0.14

mariadb-galera-10.0.15

mariadb-galera-10.0.16

mariadb-galera-10.0.17

mariadb-galera-10.0.19

mariadb-galera-10.0.20

mariadb-galera-10.0.21

mariadb-galera-10.0.22

mariadb-galera-10.0.23

mariadb-galera-10.0.24

mariadb-galera-10.0.25

mariadb-galera-10.0.26

mariadb-galera-10.0.27

mariadb-galera-10.0.28

mariadb-galera-10.0.29

mariadb-galera-10.0.7

mariadb-galera-10.0.7a

mariadb-galera-5.*

mariadb-galera-5.5.25

mariadb-galera-5.5.28a

mariadb-galera-5.5.29

mariadb-galera-5.5.32

mariadb-galera-5.5.32a

mariadb-galera-5.5.34

mariadb-galera-5.5.35

mariadb-galera-5.5.36

mariadb-galera-5.5.36a

mariadb-galera-5.5.37

mariadb-galera-5.5.38

mariadb-galera-5.5.39

mariadb-galera-5.5.40

mariadb-galera-5.5.41

mariadb-galera-5.5.42

mariadb-galera-5.5.43

mariadb-galera-5.5.44

mariadb-galera-5.5.45

mariadb-galera-5.5.46

mariadb-galera-5.5.47

mariadb-galera-5.5.48

mariadb-galera-5.5.49

mariadb-galera-5.5.50

mariadb-galera-5.5.51

mysql-5.*

mysql-5.5.37

mysql-5.5.38

mysql-5.5.39

mysql-5.5.40

mysql-5.5.41

mysql-5.5.42

mysql-5.5.43

mysql-5.5.44

mysql-5.5.45

mysql-5.5.46

mysql-5.5.47

mysql-5.5.48

mysql-5.5.49

mysql-5.5.50

mysql-5.5.51

mysql-5.5.52

mysql-5.5.53

mysql-5.5.54

percona-xtradb-1.*

percona-xtradb-1.0.2-1

tokudb-7.*

tokudb-7.1.0

tokudb-7.1.5

tokudb-7.1.5-rc.1

tokudb-7.1.5-rc.2

tokudb-7.1.5-rc.3

tokudb-7.1.5-rc.4

Other

tokudb-ps-1

tokudb-ps-2

tokumx-1.*

tokumx-1.0.0-rc.0

tokumx-1.0.0-rc.2

tokumx-1.0.0-rc.4

tokumx-1.0.0-rc.5

tokumx-1.0.0-rc.6

tokumx-1.0.2

tokumx-1.0.4

tokumx-1.0.4-rc.0

tokumx-1.0.4-rc.1

tokumx-1.0.4-rc.2

tokumx-1.1.0

tokumx-1.1.1

tokumx-1.1.1-rc.0

tokumx-1.2.0-rc.2

tokumx-1.3.0-rc.0

tokumx-1.3.0-rc.1

tokumx-1.4.0+hotfix.0

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2017-15945.json"