A flaw was found in the way MySQL client library (libmysqlclient) handled prepared statements when server connection was lost. A malicious server or a man-in-the-middle attacker could possibly use this flaw to crash an application using libmysqlclient.
Find out more about CVE-2017-3302 from the MITRE CVE dictionary dictionary and NIST NVD.
CVSS3 Base Score | 3.1 |
---|---|
CVSS3 Base Metrics | CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L |
Attack Vector | Network |
Attack Complexity | High |
Privileges Required | None |
User Interaction | Required |
Scope | Unchanged |
Confidentiality | None |
Integrity Impact | None |
Availability Impact | Low |
Platform | Errata | Release Date |
---|---|---|
Red Hat Software Collections for Red Hat Enterprise Linux 6 (rh-mysql56-mysql) | RHSA-2017:2787 | 2017-09-21 |
Red Hat Software Collections for Red Hat Enterprise Linux 6 (rh-mariadb101-mariadb) | RHSA-2018:0574 | 2018-03-21 |
Red Hat Enterprise Linux 7 (mariadb) | RHSA-2017:2192 | 2017-08-01 |
Red Hat Software Collections for Red Hat Enterprise Linux 7 (rh-mariadb101-mariadb) | RHSA-2018:0574 | 2018-03-21 |
Red Hat Software Collections for Red Hat Enterprise Linux 7 (rh-mysql56-mysql) | RHSA-2017:2787 | 2017-09-21 |
Red Hat Software Collections for Red Hat Enterprise Linux 6 (rh-mariadb100-mariadb) | RHSA-2018:0279 | 2018-02-06 |
Red Hat Software Collections for Red Hat Enterprise Linux 7 (rh-mariadb100-mariadb) | RHSA-2018:0279 | 2018-02-06 |
Platform | Package | State |
---|---|---|
Red Hat Software Collections for Red Hat Enterprise Linux | rh-mysql57-mysql | Not affected |
Red Hat OpenStack Platform 9.0 | mariadb-galera | Not affected |
Red Hat OpenStack Platform 8.0 (Liberty) | mariadb-galera | Not affected |
Red Hat OpenStack Platform 12.0 | mariadb-galera | Not affected |
Red Hat OpenStack Platform 11.0 (Ocata) | mariadb-galera | Not affected |
Red Hat OpenStack Platform 10 | mariadb-galera | Not affected |
Red Hat Enterprise Linux OpenStack Platform 7.0 (Kilo) for RHEL 7 | mariadb-galera | Not affected |
Red Hat Enterprise Linux OpenStack Platform 6.0 (Juno) for RHEL 7 | mariadb-galera | Not affected |
Red Hat Enterprise Linux OpenStack Platform 5.0 (Icehouse) | mariadb-galera | Not affected |
Red Hat Enterprise Linux 6 | mysql | Will not fix |
Red Hat Enterprise Linux 5 | mysql55-mysql | Will not fix |