Bugzilla – Bug 1112393
VUL-0: CVE-2018-3276: mysql: Server: Memcached unspecified vulnerability (CPU Oct 2018)
Last modified: 2019-05-29 09:24:57 UTC
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Memcached). Supported versions that are affected are 5.6.41 and prior, 5.7.23 and prior and 8.0.12 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. External References: http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html References: https://bugzilla.redhat.com/show_bug.cgi?id=1640307 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-3276 http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html#CVE-2018-3276 http://people.canonical.com/~ubuntu-security/cve/2018/CVE-2018-3276.html
Affects 5.6.x, so openSUSE:Leap:42.3 and up are affected.
Submitted for openSUSE:Leap:42.3 (mr#643927). Done, I'm reassigning it back to the security team.
This is an autogenerated message for OBS integration: This bug (1112393) was mentioned in https://build.opensuse.org/request/show/643927 42.3 / mysql-community-server
done
openSUSE-SU-2018:3478-1: An update that fixes 10 vulnerabilities is now available. Category: security (important) Bug References: 1013882,1112368,1112369,1112390,1112393,1112397,1112398,1112417,1112421,1112432 CVE References: CVE-2016-9843,CVE-2018-3133,CVE-2018-3143,CVE-2018-3156,CVE-2018-3174,CVE-2018-3247,CVE-2018-3251,CVE-2018-3276,CVE-2018-3278,CVE-2018-3282 Sources used: openSUSE Leap 42.3 (src): mysql-community-server-5.6.42-42.1