Oracle MySQL through 5.5.52, 5.6.x through 5.6.33, and 5.7.x through 5.7.15; MariaDB before 5.5.51, 10.0.x before 10.0.27, and 10.1.x before 10.1.17; and Percona Server before 5.5.51-38.1, 5.6.x before 5.6.32-78.0, and 5.7.x before 5.7.14-7 allow local users to create arbitrary configurations and bypass certain protection mechanisms by setting generallogfile to a my.cnf configuration. NOTE: this can be leveraged to execute arbitrary code with root privileges by setting malloc_lib. NOTE: the affected MySQL version information is from Oracle's October 2016 CPU. Oracle has not commented on third-party claims that the issue was silently patched in MySQL 5.5.52, 5.6.33, and 5.7.15.
{ "availability": "No subscription required", "ubuntu_priority": "medium", "binaries": [ { "binary_version": "5.5.52-1ubuntu0.14.04.1", "binary_name": "libmariadbclient-dev" }, { "binary_version": "5.5.52-1ubuntu0.14.04.1", "binary_name": "libmariadbclient18" }, { "binary_version": "5.5.52-1ubuntu0.14.04.1", "binary_name": "libmariadbclient18-dbgsym" }, { "binary_version": "5.5.52-1ubuntu0.14.04.1", "binary_name": "libmariadbd-dev" }, { "binary_version": "5.5.52-1ubuntu0.14.04.1", "binary_name": "libmariadbd-dev-dbgsym" }, { "binary_version": "5.5.52-1ubuntu0.14.04.1", "binary_name": "mariadb-client" }, { "binary_version": "5.5.52-1ubuntu0.14.04.1", "binary_name": "mariadb-client-5.5" }, { "binary_version": "5.5.52-1ubuntu0.14.04.1", "binary_name": "mariadb-client-5.5-dbgsym" }, { "binary_version": "5.5.52-1ubuntu0.14.04.1", "binary_name": "mariadb-client-core-5.5" }, { "binary_version": "5.5.52-1ubuntu0.14.04.1", "binary_name": "mariadb-client-core-5.5-dbgsym" }, { "binary_version": "5.5.52-1ubuntu0.14.04.1", "binary_name": "mariadb-common" }, { "binary_version": "5.5.52-1ubuntu0.14.04.1", "binary_name": "mariadb-server" }, { "binary_version": "5.5.52-1ubuntu0.14.04.1", "binary_name": "mariadb-server-5.5" }, { "binary_version": "5.5.52-1ubuntu0.14.04.1", "binary_name": "mariadb-server-5.5-dbgsym" }, { "binary_version": "5.5.52-1ubuntu0.14.04.1", "binary_name": "mariadb-server-core-5.5" }, { "binary_version": "5.5.52-1ubuntu0.14.04.1", "binary_name": "mariadb-server-core-5.5-dbgsym" }, { "binary_version": "5.5.52-1ubuntu0.14.04.1", "binary_name": "mariadb-test" }, { "binary_version": "5.5.52-1ubuntu0.14.04.1", "binary_name": "mariadb-test-5.5" }, { "binary_version": "5.5.52-1ubuntu0.14.04.1", "binary_name": "mariadb-test-5.5-dbgsym" } ] }
{ "availability": "No subscription required", "ubuntu_priority": "medium", "binaries": [ { "binary_version": "5.5.52-0ubuntu0.14.04.1", "binary_name": "libmysqlclient-dev" }, { "binary_version": "5.5.52-0ubuntu0.14.04.1", "binary_name": "libmysqlclient18" }, { "binary_version": "5.5.52-0ubuntu0.14.04.1", "binary_name": "libmysqlclient18-dbgsym" }, { "binary_version": "5.5.52-0ubuntu0.14.04.1", "binary_name": "libmysqld-dev" }, { "binary_version": "5.5.52-0ubuntu0.14.04.1", "binary_name": "libmysqld-pic" }, { "binary_version": "5.5.52-0ubuntu0.14.04.1", "binary_name": "mysql-client" }, { "binary_version": "5.5.52-0ubuntu0.14.04.1", "binary_name": "mysql-client-5.5" }, { "binary_version": "5.5.52-0ubuntu0.14.04.1", "binary_name": "mysql-client-5.5-dbgsym" }, { "binary_version": "5.5.52-0ubuntu0.14.04.1", "binary_name": "mysql-client-core-5.5" }, { "binary_version": "5.5.52-0ubuntu0.14.04.1", "binary_name": "mysql-client-core-5.5-dbgsym" }, { "binary_version": "5.5.52-0ubuntu0.14.04.1", "binary_name": "mysql-common" }, { "binary_version": "5.5.52-0ubuntu0.14.04.1", "binary_name": "mysql-server" }, { "binary_version": "5.5.52-0ubuntu0.14.04.1", "binary_name": "mysql-server-5.5" }, { "binary_version": "5.5.52-0ubuntu0.14.04.1", "binary_name": "mysql-server-5.5-dbgsym" }, { "binary_version": "5.5.52-0ubuntu0.14.04.1", "binary_name": "mysql-server-core-5.5" }, { "binary_version": "5.5.52-0ubuntu0.14.04.1", "binary_name": "mysql-server-core-5.5-dbgsym" }, { "binary_version": "5.5.52-0ubuntu0.14.04.1", "binary_name": "mysql-source-5.5" }, { "binary_version": "5.5.52-0ubuntu0.14.04.1", "binary_name": "mysql-testsuite" }, { "binary_version": "5.5.52-0ubuntu0.14.04.1", "binary_name": "mysql-testsuite-5.5" }, { "binary_version": "5.5.52-0ubuntu0.14.04.1", "binary_name": "mysql-testsuite-5.5-dbgsym" } ] }
{ "availability": "No subscription required", "ubuntu_priority": "medium", "binaries": [ { "binary_version": "5.6.33-0ubuntu0.14.04.1", "binary_name": "mysql-client-5.6" }, { "binary_version": "5.6.33-0ubuntu0.14.04.1", "binary_name": "mysql-client-5.6-dbgsym" }, { "binary_version": "5.6.33-0ubuntu0.14.04.1", "binary_name": "mysql-client-core-5.6" }, { "binary_version": "5.6.33-0ubuntu0.14.04.1", "binary_name": "mysql-client-core-5.6-dbgsym" }, { "binary_version": "5.6.33-0ubuntu0.14.04.1", "binary_name": "mysql-common-5.6" }, { "binary_version": "5.6.33-0ubuntu0.14.04.1", "binary_name": "mysql-server-5.6" }, { "binary_version": "5.6.33-0ubuntu0.14.04.1", "binary_name": "mysql-server-5.6-dbgsym" }, { "binary_version": "5.6.33-0ubuntu0.14.04.1", "binary_name": "mysql-server-core-5.6" }, { "binary_version": "5.6.33-0ubuntu0.14.04.1", "binary_name": "mysql-server-core-5.6-dbgsym" }, { "binary_version": "5.6.33-0ubuntu0.14.04.1", "binary_name": "mysql-source-5.6" }, { "binary_version": "5.6.33-0ubuntu0.14.04.1", "binary_name": "mysql-testsuite-5.6" }, { "binary_version": "5.6.33-0ubuntu0.14.04.1", "binary_name": "mysql-testsuite-5.6-dbgsym" } ] }
{ "availability": "No subscription required", "ubuntu_priority": "medium", "binaries": [ { "binary_version": "10.0.27-0ubuntu0.16.04.1", "binary_name": "libmariadbd-dev" }, { "binary_version": "10.0.27-0ubuntu0.16.04.1", "binary_name": "libmariadbd18" }, { "binary_version": "10.0.27-0ubuntu0.16.04.1", "binary_name": "libmariadbd18-dbgsym" }, { "binary_version": "10.0.27-0ubuntu0.16.04.1", "binary_name": "mariadb-client" }, { "binary_version": "10.0.27-0ubuntu0.16.04.1", "binary_name": "mariadb-client-10.0" }, { "binary_version": "10.0.27-0ubuntu0.16.04.1", "binary_name": "mariadb-client-10.0-dbgsym" }, { "binary_version": "10.0.27-0ubuntu0.16.04.1", "binary_name": "mariadb-client-core-10.0" }, { "binary_version": "10.0.27-0ubuntu0.16.04.1", "binary_name": "mariadb-client-core-10.0-dbgsym" }, { "binary_version": "10.0.27-0ubuntu0.16.04.1", "binary_name": "mariadb-common" }, { "binary_version": "10.0.27-0ubuntu0.16.04.1", "binary_name": "mariadb-plugin-connect" }, { "binary_version": "10.0.27-0ubuntu0.16.04.1", "binary_name": "mariadb-plugin-connect-dbgsym" }, { "binary_version": "10.0.27-0ubuntu0.16.04.1", "binary_name": "mariadb-plugin-mroonga" }, { "binary_version": "10.0.27-0ubuntu0.16.04.1", "binary_name": "mariadb-plugin-mroonga-dbgsym" }, { "binary_version": "10.0.27-0ubuntu0.16.04.1", "binary_name": "mariadb-plugin-oqgraph" }, { "binary_version": "10.0.27-0ubuntu0.16.04.1", "binary_name": "mariadb-plugin-oqgraph-dbgsym" }, { "binary_version": "10.0.27-0ubuntu0.16.04.1", "binary_name": "mariadb-plugin-spider" }, { "binary_version": "10.0.27-0ubuntu0.16.04.1", "binary_name": "mariadb-plugin-spider-dbgsym" }, { "binary_version": "10.0.27-0ubuntu0.16.04.1", "binary_name": "mariadb-plugin-tokudb" }, { "binary_version": "10.0.27-0ubuntu0.16.04.1", "binary_name": "mariadb-plugin-tokudb-dbgsym" }, { "binary_version": "10.0.27-0ubuntu0.16.04.1", "binary_name": "mariadb-server" }, { "binary_version": "10.0.27-0ubuntu0.16.04.1", "binary_name": "mariadb-server-10.0" }, { "binary_version": "10.0.27-0ubuntu0.16.04.1", "binary_name": "mariadb-server-10.0-dbgsym" }, { "binary_version": "10.0.27-0ubuntu0.16.04.1", "binary_name": "mariadb-server-core-10.0" }, { "binary_version": "10.0.27-0ubuntu0.16.04.1", "binary_name": "mariadb-server-core-10.0-dbgsym" }, { "binary_version": "10.0.27-0ubuntu0.16.04.1", "binary_name": "mariadb-test" }, { "binary_version": "10.0.27-0ubuntu0.16.04.1", "binary_name": "mariadb-test-data" }, { "binary_version": "10.0.27-0ubuntu0.16.04.1", "binary_name": "mariadb-test-dbgsym" } ] }
{ "availability": "No subscription required", "ubuntu_priority": "medium", "binaries": [ { "binary_version": "5.7.15-0ubuntu0.16.04.1", "binary_name": "libmysqlclient-dev" }, { "binary_version": "5.7.15-0ubuntu0.16.04.1", "binary_name": "libmysqlclient20" }, { "binary_version": "5.7.15-0ubuntu0.16.04.1", "binary_name": "libmysqlclient20-dbgsym" }, { "binary_version": "5.7.15-0ubuntu0.16.04.1", "binary_name": "libmysqld-dev" }, { "binary_version": "5.7.15-0ubuntu0.16.04.1", "binary_name": "mysql-client" }, { "binary_version": "5.7.15-0ubuntu0.16.04.1", "binary_name": "mysql-client-5.7" }, { "binary_version": "5.7.15-0ubuntu0.16.04.1", "binary_name": "mysql-client-5.7-dbgsym" }, { "binary_version": "5.7.15-0ubuntu0.16.04.1", "binary_name": "mysql-client-core-5.7" }, { "binary_version": "5.7.15-0ubuntu0.16.04.1", "binary_name": "mysql-client-core-5.7-dbgsym" }, { "binary_version": "5.7.15-0ubuntu0.16.04.1", "binary_name": "mysql-common" }, { "binary_version": "5.7.15-0ubuntu0.16.04.1", "binary_name": "mysql-server" }, { "binary_version": "5.7.15-0ubuntu0.16.04.1", "binary_name": "mysql-server-5.7" }, { "binary_version": "5.7.15-0ubuntu0.16.04.1", "binary_name": "mysql-server-5.7-dbgsym" }, { "binary_version": "5.7.15-0ubuntu0.16.04.1", "binary_name": "mysql-server-core-5.7" }, { "binary_version": "5.7.15-0ubuntu0.16.04.1", "binary_name": "mysql-server-core-5.7-dbgsym" }, { "binary_version": "5.7.15-0ubuntu0.16.04.1", "binary_name": "mysql-source-5.7" }, { "binary_version": "5.7.15-0ubuntu0.16.04.1", "binary_name": "mysql-testsuite" }, { "binary_version": "5.7.15-0ubuntu0.16.04.1", "binary_name": "mysql-testsuite-5.7" }, { "binary_version": "5.7.15-0ubuntu0.16.04.1", "binary_name": "mysql-testsuite-5.7-dbgsym" } ] }
{ "availability": "No subscription required", "ubuntu_priority": "medium", "binaries": [ { "binary_version": "5.6.34-26.19-0ubuntu0.16.04.1", "binary_name": "percona-xtradb-cluster-5.6-dbg" }, { "binary_version": "5.6.34-26.19-0ubuntu0.16.04.1", "binary_name": "percona-xtradb-cluster-server" }, { "binary_version": "5.6.34-26.19-0ubuntu0.16.04.1", "binary_name": "percona-xtradb-cluster-server-5.6" }, { "binary_version": "5.6.34-26.19-0ubuntu0.16.04.1", "binary_name": "percona-xtradb-cluster-server-5.6-dbgsym" }, { "binary_version": "5.6.34-26.19-0ubuntu0.16.04.1", "binary_name": "percona-xtradb-cluster-source-5.6" }, { "binary_version": "5.6.34-26.19-0ubuntu0.16.04.1", "binary_name": "percona-xtradb-cluster-source-5.6-dbgsym" } ] }