Vulnerability CVE-2019-2614: Information

Description

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). Supported versions that are affected are 5.6.43 and prior, 5.7.25 and prior and 8.0.15 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.4 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H).

Severity: MEDIUM (4.4) Vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H

URL: https://nvd.nist.gov/vuln/detail/CVE-2019-2614
Published: April 23, 2019
Modified: Nov. 7, 2023

Fixed packages

Package name
Branch
Fixed in version
Version from repository
Errata ID
Task #
State
MySQLsisyphus8.0.16-alt18.0.37-alt1.1ALT-PU-2019-2111-1232051Fixed
MySQLsisyphus_riscv648.0.27-alt1.0.rv648.0.37-alt0.portALT-PU-2021-4503-1-Fixed
MySQLp108.0.16-alt18.0.36-alt1ALT-PU-2019-2111-1232051Fixed
MySQLp98.0.16-alt18.0.26-alt2ALT-PU-2019-2216-1234071Fixed
MySQLp85.7.28-alt15.7.28-alt1ALT-PU-2020-1037-1243724Fixed
MySQLc10f18.0.16-alt18.0.37-alt1ALT-PU-2019-2111-1232051Fixed
MySQLc9f28.0.16-alt18.0.36-alt0.c9.1ALT-PU-2019-2216-1234071Fixed
MySQLp118.0.16-alt18.0.37-alt1.1ALT-PU-2019-2111-1232051Fixed
mariadbsisyphus10.0.21-alt110.11.8-alt1ALT-PU-2015-1749-1148805Fixed
mariadbp1010.0.21-alt110.6.18-alt1ALT-PU-2015-1749-1148805Fixed
mariadbp910.3.15-alt110.4.34-alt0.M90P.1ALT-PU-2019-1840-1229424Fixed
mariadbp810.1.43-alt110.1.48-alt1ALT-PU-2020-1094-1244621Fixed
mariadbc10f110.0.21-alt110.6.18-alt1ALT-PU-2015-1749-1148805Fixed
mariadbc9f210.3.15-alt110.6.18-alt1ALT-PU-2019-1840-1229424Fixed
mariadbc710.0.21-alt1.M70C.110.3.14-alt0.M70C.1ALT-PU-2015-1788-1149240Fixed
mariadbp1110.0.21-alt110.11.8-alt1ALT-PU-2015-1749-1148805Fixed

References to Advisories, Solutions, and Tools

Hyperlink
Resource
http://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html
  • Patch
  • Vendor Advisory
https://support.f5.com/csp/article/K52514501
  • Third Party Advisory
USN-3957-1
  • Third Party Advisory
USN-3957-2
  • Third Party Advisory
USN-3957-3
  • Third Party Advisory
RHSA-2019:2327
  • Third Party Advisory
USN-4070-3
  • Third Party Advisory
RHSA-2019:2484
  • Third Party Advisory
openSUSE-SU-2019:1915
  • Mailing List
  • Third Party Advisory
openSUSE-SU-2019:1913
  • Mailing List
  • Third Party Advisory
RHSA-2019:2511
  • Third Party Advisory
RHSA-2019:3708
  • Third Party Advisory
FEDORA-2019-c106e46a95
    FEDORA-2019-96516ce0ac

        1. Configuration 1

          cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*
          Start including
          8.0.0
          End including
          8.0.15
          cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*
          Start including
          5.7.0
          End including
          5.7.25
          cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*
          Start including
          5.6.0
          End including
          5.6.43

          Configuration 2

          cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*
          cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*
          cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*
          cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*
          cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*

          Configuration 3

          cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*
          Start including
          10.2.0
          End excliding
          10.2.24
          cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*
          Start including
          10.3.0
          End excliding
          10.3.15
          cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*
          Start including
          10.4.0
          End excliding
          10.4.5
          cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*
          Start including
          10.1.0
          End excliding
          10.1.39
          cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*
          Start including
          5.5.0
          End excliding
          5.5.64

          Configuration 4

          cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
          cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*
          cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
          cpe:2.3:o:redhat:enterprise_linux_desktop:8.0:*:*:*:*:*:*:*
          cpe:2.3:o:redhat:enterprise_linux_server:8.0:*:*:*:*:*:*:*
          cpe:2.3:o:redhat:enterprise_linux_eus:8.1:*:*:*:*:*:*:*
          cpe:2.3:o:redhat:enterprise_linux_eus:8.2:*:*:*:*:*:*:*
          cpe:2.3:o:redhat:enterprise_linux_server_tus:8.2:*:*:*:*:*:*:*
          cpe:2.3:o:redhat:enterprise_linux_server_aus:8.2:*:*:*:*:*:*:*
          cpe:2.3:o:redhat:enterprise_linux_server_tus:8.4:*:*:*:*:*:*:*
          cpe:2.3:o:redhat:enterprise_linux_eus:8.4:*:*:*:*:*:*:*
          cpe:2.3:o:redhat:enterprise_linux_server_aus:8.4:*:*:*:*:*:*:*
          cpe:2.3:o:redhat:enterprise_linux_server_aus:8.6:*:*:*:*:*:*:*
          cpe:2.3:o:redhat:enterprise_linux_server_tus:8.6:*:*:*:*:*:*:*
          cpe:2.3:o:redhat:enterprise_linux_eus:8.6:*:*:*:*:*:*:*

          Configuration 5

          cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*
          cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*

          Configuration 6

          cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*
          cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*
      VKontakte|Telegram|YouTube|Forum|GitHub|Bugzilla
      Version: v24.5.3
      Back to top