Alerts This Week
Warning Icon 1 537
Alerts This Week
Warning Icon 1 537

Mageia: 2018-0359 Moderate: MariaDB Denial Of Service Threat

mageia
Calendar Grey August 31, 2018
Dist Mageia Esm H88
Upgraded PostgreSQL versions address vulnerabilities permitting illegal entry and Service Unavailability exploits. Find out more!
Updated mariadb packages fix security vulnerabilities: Vulnerability in the MariaDB Server component of MariaDB (subcomponent: MyISAM)

Summary

Updated mariadb packages fix security vulnerabilities:
Vulnerability in the MariaDB Server component of MariaDB (subcomponent: MyISAM). Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MariaDB Server. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of MariaDB Server accessible data (CVE-2018-3058).
Vulnerability in the MariaDB Server component of MariaDB (subcomponent: Server: Security: Privileges). Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MariaDB Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MariaDB Server (CVE-2018-3063).
Vulnerability in the MariaDB Server component of MariaDB (subcomponent: InnoDB). Easily exploitable vulnerability allows low privileged attacker with n...

Read the Full Advisory

References

- https://bugs.mageia.org/show_bug.cgi?id=23407

- https://mariadb.com/docs/release-notes/community-server/old-releases/release-notes-mariadb-10-0-series/mariadb-10036-release-notes

- https://mariadb.org/mariadb-10-0-36-now-available/

- https://www.oracle.com/security-alerts/cpujul2018.html

- https://www.cve.org/CVERecord?id=CVE-2018-3058

- https://www.cve.org/CVERecord?id=CVE-2018-3063

- https://www.cve.org/CVERecord?id=CVE-2018-3065

- https://www.cve.org/CVERecord?id=CVE-2018-3066

Topics%20covered

Topics Covered

security advisory unauthorized access update dos network access mariadb mageia

Resolution

SRPMS

- 5/core/mariadb-10.0.36-1.mga5

Severity
important
Lowest
Low
Medium
High
Critical

Publication date: 31 Aug 2018
URL: https://advisories.mageia.org/MGASA-2018-0359.html
Type: security
CVE: CVE-2018-3058, CVE-2018-3063, CVE-2018-3065, CVE-2018-3066

Topics%20covered

Topics Covered

security advisory unauthorized access update dos network access mariadb mageia

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Related News

Your message here