CVE-2017-3329

Metadata

medium
5.0
mysql-5.7, mysql-5.5, mysql-5.6, mariadb-5.5, mariadb-10.0, mariadb-10.1, percona-xtradb-cluster-5.5, percona-xtradb-cluster-5.6, percona-server-5.6
CVE-2017-3329
cve.mitre.org, oracle.com, ubuntu.com, ubuntu.com, bugs.debian.org, bugs.debian.org
2017-04-24
2017-10-23 14:20
CVE-2017-3329 mysql-5.5
CVE-2017-3329 mysql-5.7
2017-07-25 00:03
2017-07-24 23:03
2017-07-20 21:31
2017-06-16 19:22
2017-06-15 02:33
2017-05-30 14:03
2017-05-10 23:49
2017-04-27 16:03
2017-04-27 01:03
2017-04-25 15:03
2017-04-20 05:03

Description

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Thread Pooling). Supported versions that are affected are 5.5.54 and earlier, 5.6.35 and earlier and 5.7.17 and earlier. Easily "exploitable" vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 7.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H).

Am I vulnerable?

The constraints below list the versions that this vulnerability is patched in, and versions that are unaffected. If a patch is ready but unrealeased, then it is pending.

Or, you can just let us figure it out for you! Appcanary continously monitor your installed packages, and tell you if any of them are vulnerable.

Sign up for monitoring

Affected package information

Release Package Patched in
artful mariadb-10.1 None
mysql-5.7 5.7.18-0ubuntu1
percona-server-5.6 None
percona-xtradb-cluster-5.6 None
devel mariadb-10.1 None
mysql-5.7 5.7.18-0ubuntu1
percona-server-5.6 None
percona-xtradb-cluster-5.6 None
precise/esm mysql-5.5 5.5.57-0ubuntu0.12.04.1
trusty mariadb-5.5 None
mysql-5.5 5.5.55-0ubuntu0.14.04.1
mysql-5.6 None
percona-xtradb-cluster-5.5 None
upstream mysql-5.5 5.5.55
mysql-5.6 5.6.36
mysql-5.7 5.7.18
xenial mariadb-10.0 None
mysql-5.7 5.7.18-0ubuntu0.16.04.1
percona-server-5.6 None
percona-xtradb-cluster-5.6 None
yakkety mysql-5.7 5.7.18-0ubuntu0.16.10.1
zesty mariadb-10.1 None
mysql-5.7 5.7.18-0ubuntu0.17.04.1
percona-server-5.6 None
percona-xtradb-cluster-5.6 None

Unaffected

Release Package Reason
precise mysql-5.7 DNE
mysql-5.5 ignored
mysql-5.6 DNE
mariadb-5.5 DNE
mariadb-10.0 DNE
mariadb-10.1 DNE
percona-xtradb-cluster-5.5 DNE
percona-xtradb-cluster-5.6 DNE
percona-server-5.6 DNE
precise/esm mysql-5.7 DNE
mysql-5.6 DNE
mariadb-5.5 DNE
mariadb-10.0 DNE
mariadb-10.1 DNE
percona-xtradb-cluster-5.5 DNE
percona-xtradb-cluster-5.6 DNE
percona-server-5.6 DNE
trusty mysql-5.7 DNE
mariadb-10.0 DNE
mariadb-10.1 DNE
percona-xtradb-cluster-5.6 DNE
percona-server-5.6 DNE
vivid/stable-phone-overlay mysql-5.7 DNE
mysql-5.5 DNE
mysql-5.6 DNE
mariadb-5.5 DNE
mariadb-10.0 DNE
mariadb-10.1 DNE
percona-xtradb-cluster-5.5 DNE
percona-xtradb-cluster-5.6 DNE
percona-server-5.6 DNE
vivid/ubuntu-core mysql-5.7 DNE
mysql-5.5 DNE
mysql-5.6 DNE
mariadb-5.5 DNE
mariadb-10.0 DNE
mariadb-10.1 DNE
percona-xtradb-cluster-5.5 DNE
percona-xtradb-cluster-5.6 DNE
percona-server-5.6 DNE
xenial mysql-5.5 DNE
mysql-5.6 DNE
mariadb-5.5 DNE
mariadb-10.1 DNE
percona-xtradb-cluster-5.5 DNE
yakkety mysql-5.5 DNE
mysql-5.6 DNE
mariadb-5.5 DNE
mariadb-10.0 ignored
mariadb-10.1 DNE
percona-xtradb-cluster-5.5 DNE
percona-xtradb-cluster-5.6 ignored
percona-server-5.6 ignored
zesty mysql-5.5 DNE
mysql-5.6 DNE
mariadb-5.5 DNE
mariadb-10.0 DNE
percona-xtradb-cluster-5.5 DNE
artful mysql-5.5 DNE
mysql-5.6 DNE
mariadb-5.5 DNE
mariadb-10.0 DNE
percona-xtradb-cluster-5.5 DNE
devel mysql-5.5 DNE
mysql-5.6 DNE
mariadb-5.5 DNE
mariadb-10.0 DNE
percona-xtradb-cluster-5.5 DNE

Needs Triage

Release Package Reason
upstream mariadb-5.5 needs-triage
mariadb-10.0 needs-triage
mariadb-10.1 needs-triage
percona-xtradb-cluster-5.5 needs-triage
percona-xtradb-cluster-5.6 needs-triage
percona-server-5.6 needs-triage