CVE-2017-3308
- Source
- https://cve.org/CVERecord?id=CVE-2017-3308
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2017-3308.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2017-3308
- Downstream
- Related
- Published
- 2017-04-24T19:59:00.927Z
- Modified
- 2026-04-11T04:14:28.875856Z
- Severity
-
- 7.7 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H CVSS Calculator
- Summary
- [none]
- Details
-
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported versions that are affected are 5.5.54 and earlier, 5.6.35 and earlier and 5.7.17 and earlier. Easily "exploitable" vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. While the vulnerability is in MySQL Server, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 7.7 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H).
- References
-
- https://access.redhat.com/errata/RHSA-2017:2886
- https://access.redhat.com/errata/RHSA-2018:0279
- http://www.debian.org/security/2017/dsa-3834
- http://www.debian.org/security/2017/dsa-3944
- http://www.securityfocus.com/bid/97725
- https://access.redhat.com/errata/RHSA-2018:0574
- http://www.securitytracker.com/id/1038287
- https://access.redhat.com/errata/RHSA-2017:2192
- https://access.redhat.com/errata/RHSA-2017:2787
- http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html
Affected packages
Git / github.com/mariadb/server
Affected ranges
- Type
- GIT
- Repo
- https://github.com/mariadb/server
- Events
- Database specific
{ "versions": [ { "introduced": "10.0.0" }, { "fixed": "10.0.31" }, { "introduced": "10.1.0" }, { "fixed": "10.1.23" }, { "introduced": "10.2.0" }, { "fixed": "10.2.6" } ] }
- Type
- GIT
- Repo
- https://github.com/mysql/mysql-server
- Events
-
IntroducedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroducedFixedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affected
- Database specific
{ "versions": [ { "introduced": "5.5.0" }, { "last_affected": "5.5.54" }, { "introduced": "5.6.0" }, { "last_affected": "5.6.35" }, { "introduced": "5.7.0" }, { "last_affected": "5.7.17" }, { "introduced": "0" }, { "last_affected": "8.0" }, { "introduced": "5.5.0" }, { "fixed": "5.5.55" }, { "introduced": "0" }, { "last_affected": "7.5" } ] }
Affected versions
mariadb-10.*
mariadb-10.1.0
mariadb-10.1.10
mariadb-10.1.11
mariadb-10.1.12
mariadb-10.1.13
mariadb-10.1.14
mariadb-10.1.15
mariadb-10.1.16
mariadb-10.1.17
mariadb-10.1.18
mariadb-10.1.19
mariadb-10.1.2
mariadb-10.1.20
mariadb-10.1.21
mariadb-10.1.22
mariadb-10.1.3
mariadb-10.1.4
mariadb-10.1.5
mariadb-10.1.6
mariadb-10.1.7
mariadb-10.1.8
mariadb-10.1.9
mariadb-10.2.0
mariadb-10.2.1
mariadb-10.2.2
mariadb-10.2.5
mysql-3.*
mysql-3.23.22-beta
mysql-3.23.28-gamma
mysql-3.23.30-gamma
mysql-3.23.31
mysql-3.23.32
mysql-3.23.33
mysql-3.23.36
mysql-4.*
mysql-4.0.2
mysql-4.0.4
mysql-5.*
mysql-5.1.4
mysql-5.5.15
mysql-5.5.19
mysql-5.5.23
mysql-5.5.25
mysql-5.5.27
mysql-5.5.44
mysql-5.5.47
mysql-5.5.49
mysql-5.5.54
mysql-5.6.35
mysql-5.7.17
mysql-8.*
mysql-8.0.0
mysql-cluster-7.*
mysql-cluster-7.5.0
Database specific
unresolved_ranges
[
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "7.0"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "7.4"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "7.6"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "7.7"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "7.0"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "7.4"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "7.6"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "7.7"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "7.6"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "7.7"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "7.0"
}
]
}
]
vanir_signatures_modified
"2026-04-11T04:14:28Z"
vanir_signatures
[
{
"deprecated": false,
"target": {
"file": "client/mysqldump.c",
"function": "dump_events_for_db"
},
"id": "CVE-2017-3308-0b2a382b",
"signature_type": "Function",
"source": "https://github.com/mysql/mysql-server/commit/6fa5e0814662d691be1a29bf88332348ec7c50c9",
"signature_version": "v1",
"digest": {
"function_hash": "283872701544742768257779130745336628180",
"length": 3056.0
}
},
{
"deprecated": false,
"target": {
"file": "client/mysqldump.c",
"function": "write_header"
},
"id": "CVE-2017-3308-0deb9fd5",
"signature_type": "Function",
"source": "https://github.com/mysql/mysql-server/commit/6fa5e0814662d691be1a29bf88332348ec7c50c9",
"signature_version": "v1",
"digest": {
"function_hash": "61031449315181416583737506107960987338",
"length": 1749.0
}
},
{
"deprecated": false,
"target": {
"file": "storage/xtradb/fil/fil0crypt.cc"
},
"id": "CVE-2017-3308-18d3e172",
"signature_type": "Line",
"source": "https://github.com/mariadb/server/commit/acce1f37c2518278a31606c7f1b460ad0ac7347c",
"signature_version": "v1",
"digest": {
"line_hashes": [
"204405456699725817686923450719053573643",
"159603287613222550353029239704715289605",
"227411037663010572806131362012136532147",
"174380789520269581628843953311720635844",
"279732681711711148257799929294137598264",
"105981295089450182223219343964947591985",
"180566767572234067908382521800899021942",
"100789308409354219857044795984080552873",
"12657995055198481240494383704100920759"
],
"threshold": 0.9
}
},
{
"deprecated": false,
"target": {
"file": "client/mysqldump.c",
"function": "dump_table"
},
"id": "CVE-2017-3308-3566e59d",
"signature_type": "Function",
"source": "https://github.com/mysql/mysql-server/commit/6fa5e0814662d691be1a29bf88332348ec7c50c9",
"signature_version": "v1",
"digest": {
"function_hash": "273064814930547228481748278923107127025",
"length": 9653.0
}
},
{
"deprecated": false,
"target": {
"file": "client/mysqldump.c",
"function": "init_dumping"
},
"id": "CVE-2017-3308-3dd1fd8a",
"signature_type": "Function",
"source": "https://github.com/mysql/mysql-server/commit/6fa5e0814662d691be1a29bf88332348ec7c50c9",
"signature_version": "v1",
"digest": {
"function_hash": "42526495682318897469202677931179336455",
"length": 595.0
}
},
{
"deprecated": false,
"target": {
"file": "client/mysqldump.c",
"function": "dump_routines_for_db"
},
"id": "CVE-2017-3308-573a3d7b",
"signature_type": "Function",
"source": "https://github.com/mysql/mysql-server/commit/6fa5e0814662d691be1a29bf88332348ec7c50c9",
"signature_version": "v1",
"digest": {
"function_hash": "229205966501763571287196631931031338507",
"length": 3068.0
}
},
{
"deprecated": false,
"target": {
"file": "storage/xtradb/fil/fil0crypt.cc",
"function": "fil_crypt_complete_rotate_space"
},
"id": "CVE-2017-3308-603393f7",
"signature_type": "Function",
"source": "https://github.com/mariadb/server/commit/acce1f37c2518278a31606c7f1b460ad0ac7347c",
"signature_version": "v1",
"digest": {
"function_hash": "66545367234171178388402008407609466154",
"length": 1360.0
}
},
{
"deprecated": false,
"target": {
"file": "client/mysqldump.c",
"function": "get_view_structure"
},
"id": "CVE-2017-3308-89d625e9",
"signature_type": "Function",
"source": "https://github.com/mysql/mysql-server/commit/6fa5e0814662d691be1a29bf88332348ec7c50c9",
"signature_version": "v1",
"digest": {
"function_hash": "52340132320564584267245206336274565455",
"length": 4417.0
}
},
{
"deprecated": false,
"target": {
"file": "client/mysqldump.c"
},
"id": "CVE-2017-3308-ba0ccb33",
"signature_type": "Line",
"source": "https://github.com/mysql/mysql-server/commit/6fa5e0814662d691be1a29bf88332348ec7c50c9",
"signature_version": "v1",
"digest": {
"line_hashes": [
"287840253208859831013181147116206525376",
"324136547317919813359352064277236333715",
"282430677639818099929617913825166653421",
"147139391803266763314761740611417390198",
"258802801894329452504020721432820698677",
"91138205289354102969073748767653790743",
"233493404795263154842363746119238816673",
"309355098527796234463986548578076187884",
"246521560388497353004885266086561128681",
"65595240965851819816944346960684994155",
"321094355807444156552637940556050534243",
"173566830439109051968149803806679781001",
"199290765851492278749490509745647329182",
"45989153402127012733139951888311868178",
"114416289830545276075284455762878229460",
"277119867620039162696505662519865168492",
"1406835726190704947481628521158899781",
"174614877685627249914600596442902313165",
"99127866680226208064705749248054614695",
"39471861491129910410498619482011041391",
"281380462612982588805056671783939902254",
"276555443743869160836284840037473276887",
"63704244798856370080746536556622922021",
"196970177491568200692872190131374048986",
"211909851172610884740259624997676708138",
"24854640261605884487014526616906487662",
"206025079568806760122742316187267806127",
"311871759366108697833006663439889249742",
"221096165144546299147742464005478717924",
"105220650397672059064628403102505049061",
"18628631760629166584977079678764798872",
"119656696777604396040253590625706193749",
"221096165144546299147742464005478717924",
"168602443676074510547085005830811337443",
"114424463055898619066660915433101962969",
"153916697495976485808117997579764618991",
"180695665933106799821938816193290640991",
"317750465811503273914953924986043255767",
"299148576020784136739117619416196108572",
"118157318188170081201040706357790495674",
"41102378010887911272271175550789649896",
"149518576500014602976768066358926314484",
"54189500566898801091712575313356035066",
"44002167410011708810019578410179393524",
"203679880670483351499138583783885028443",
"270476162896496040883649640857060526904",
"204451005490097465986732821480961200936",
"223608088947237646770529443703107663724",
"250724728853505500189006708705469851241",
"97779087057840683929947270035268598704",
"332940999390577626529849682776968183891",
"171433106859136870351199048718637400189",
"260127954252147593913051498861828999833",
"292556811704801901721130727931310806132",
"315481399744044133717527275946904624115",
"144450971157728465792195077319518344721",
"138134974382930509413378452785541640177",
"93139083326288700668774484888006665665"
],
"threshold": 0.9
}
},
{
"deprecated": false,
"target": {
"file": "storage/innobase/fil/fil0crypt.cc",
"function": "fil_crypt_complete_rotate_space"
},
"id": "CVE-2017-3308-cc23b5d3",
"signature_type": "Function",
"source": "https://github.com/mariadb/server/commit/acce1f37c2518278a31606c7f1b460ad0ac7347c",
"signature_version": "v1",
"digest": {
"function_hash": "66545367234171178388402008407609466154",
"length": 1360.0
}
},
{
"deprecated": false,
"target": {
"file": "client/mysqldump.c",
"function": "get_table_structure"
},
"id": "CVE-2017-3308-d56a3b4a",
"signature_type": "Function",
"source": "https://github.com/mysql/mysql-server/commit/6fa5e0814662d691be1a29bf88332348ec7c50c9",
"signature_version": "v1",
"digest": {
"function_hash": "227475061533329738085031105100031106996",
"length": 10937.0
}
},
{
"deprecated": false,
"target": {
"file": "storage/innobase/fil/fil0crypt.cc"
},
"id": "CVE-2017-3308-f68a06a2",
"signature_type": "Line",
"source": "https://github.com/mariadb/server/commit/acce1f37c2518278a31606c7f1b460ad0ac7347c",
"signature_version": "v1",
"digest": {
"line_hashes": [
"204405456699725817686923450719053573643",
"159603287613222550353029239704715289605",
"227411037663010572806131362012136532147",
"174380789520269581628843953311720635844"
],
"threshold": 0.9
}
}
]
source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2017-3308.json"