Multiple flaws were found in the way the mysqld_safe script handled creation of error log file. The mysql operating system user could use these flaws to escalate their privileges to root.
Find out more about CVE-2017-3312 from the MITRE CVE dictionary dictionary and NIST NVD.
CVSS3 Base Score | 7.8 |
---|---|
CVSS3 Base Metrics | CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
Attack Vector | Local |
Attack Complexity | Low |
Privileges Required | Low |
User Interaction | None |
Scope | Unchanged |
Confidentiality | High |
Integrity Impact | High |
Availability Impact | High |
Platform | Errata | Release Date |
---|---|---|
Red Hat Software Collections for Red Hat Enterprise Linux 6 (rh-mysql56-mysql) | RHSA-2017:2787 | 2017-09-21 |
Red Hat Software Collections for Red Hat Enterprise Linux 6 (rh-mysql57-mysql) | RHSA-2017:2886 | 2017-10-12 |
Red Hat Software Collections for Red Hat Enterprise Linux 6 (rh-mariadb101-mariadb) | RHSA-2018:0574 | 2018-03-21 |
Red Hat Enterprise Linux 7 (mariadb) | RHSA-2017:2192 | 2017-08-01 |
Red Hat Software Collections for Red Hat Enterprise Linux 7 (rh-mariadb101-mariadb) | RHSA-2018:0574 | 2018-03-21 |
Red Hat Software Collections for Red Hat Enterprise Linux 7 (rh-mysql56-mysql) | RHSA-2017:2787 | 2017-09-21 |
Red Hat Software Collections for Red Hat Enterprise Linux 6 (rh-mariadb100-mariadb) | RHSA-2018:0279 | 2018-02-06 |
Red Hat Software Collections for Red Hat Enterprise Linux 7 (rh-mysql57-mysql) | RHSA-2017:2886 | 2017-10-12 |
Red Hat Software Collections for Red Hat Enterprise Linux 7 (rh-mariadb100-mariadb) | RHSA-2018:0279 | 2018-02-06 |
Platform | Package | State |
---|---|---|
Red Hat OpenStack Platform 9.0 | mariadb-galera | Will not fix |
Red Hat OpenStack Platform 8.0 (Liberty) | mariadb-galera | Will not fix |
Red Hat OpenStack Platform 12.0 | mariadb-galera | Will not fix |
Red Hat OpenStack Platform 11.0 (Ocata) | mariadb-galera | Will not fix |
Red Hat OpenStack Platform 10 | mariadb-galera | Will not fix |
Red Hat Mobile Application Platform On-Premise 4 | rhmap-mysql-docker | Will not fix |
Red Hat Enterprise Linux OpenStack Platform 7.0 (Kilo) for RHEL 7 | mariadb-galera | Will not fix |
Red Hat Enterprise Linux OpenStack Platform 6.0 (Juno) for RHEL 7 | mariadb-galera | Will not fix |
Red Hat Enterprise Linux OpenStack Platform 5.0 (Icehouse) | mariadb-galera | Will not fix |
Red Hat Enterprise Linux 6 | mysql | Will not fix |
Red Hat Enterprise Linux 5 | mysql55-mysql | Will not fix |