openSUSE-SU-2020:0870

FEDORA-2020-35f52d9370

https://security.netapp.com/advisory/ntap-20200416-0003/

https://www.oracle.com/security-alerts/cpuapr2020.html

This update for mariadb to version 10.2.32 fixes the following issues :

mariadb was updated to version 10.2.32 (bsc#1171550)

  - CVE-2020-2752: Fixed an issue which could have resulted     in unauthorized ability to cause denial of service.

  - CVE-2020-2812: Fixed an issue which could have resulted     in unauthorized ability to cause denial of service. 

  - CVE-2020-2814: Fixed an issue which could have resulted     in unauthorized ability to cause denial of service.

  - CVE-2020-2760: Fixed an issue which could have resulted     in unauthorized ability to cause denial of service.

  - CVE-2020-13249: Fixed an improper validation of the     content of an OK packet received from a server. 

Release notes and changelog :

- https://mariadb.com/kb/en/library/mariadb-10232-release-notes

- https://mariadb.com/kb/en/library/mariadb-10232-changelog

This update was imported from the SUSE:SLE-15:Update update project.

This update for mariadb-100 fixes the following issues :

mariadb-100 was updated to version 10.0.44 (bsc#1171550)

CVE-2020-2752: Fixed an issue which could have resulted in unauthorized ability to cause denial of service.

CVE-2020-2812: Fixed an issue which could have resulted in unauthorized ability to cause denial of service.

Fixed some test failures

Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

This update for mariadb to version 10.2.32 fixes the following issues :

mariadb was updated to version 10.2.32 (bsc#1171550)

CVE-2020-2752: Fixed an issue which could have resulted in unauthorized ability to cause denial of service.

CVE-2020-2812: Fixed an issue which could have resulted in unauthorized ability to cause denial of service.

CVE-2020-2814: Fixed an issue which could have resulted in unauthorized ability to cause denial of service.

CVE-2020-2760: Fixed an issue which could have resulted in unauthorized ability to cause denial of service.

CVE-2020-13249: Fixed an improper validation of the content of an OK packet received from a server.

Release notes and changelog :

https://mariadb.com/kb/en/library/mariadb-10232-release-notes

https://mariadb.com/kb/en/library/mariadb-10232-changelog

Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

This update for mariadb fixes the following issues :

mariadb was updated to version 10.2.32 (bsc#1171550)

CVE-2020-2752: Fixed an issue which could have resulted in unauthorized ability to cause denial of service.

CVE-2020-2812: Fixed an issue which could have resulted in unauthorized ability to cause denial of service.

CVE-2020-2814: Fixed an issue which could have resulted in unauthorized ability to cause denial of service.

CVE-2020-2760: Fixed an issue which could have resulted in unauthorized ability to cause denial of service.

CVE-2020-13249: Fixed an improper validation of the content of an OK packet received from a server.

Release notes and changelog :

https://mariadb.com/kb/en/library/mariadb-10232-release-notes

https://mariadb.com/kb/en/library/mariadb-10232-changelog

Update to 10.2.32 GA [bsc#1171550]

Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

The version of MariaDB installed on the remote host is prior to 10.3.23. It is, therefore, affected by multiple vulnerabilities as referenced in the mdb-10323-rn advisory.

  - Vulnerability in the MySQL Client product of Oracle     MySQL (component: C API). Supported versions that are     affected are 5.6.47 and prior, 5.7.27 and prior and     8.0.17 and prior. Difficult to exploit vulnerability     allows low privileged attacker with network access via     multiple protocols to compromise MySQL Client.
    Successful attacks of this vulnerability can result in     unauthorized ability to cause a hang or frequently     repeatable crash (complete DOS) of MySQL Client. CVSS     3.0 Base Score 5.3 (Availability impacts). CVSS Vector:
    (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H).
    (CVE-2020-2752)

  - Vulnerability in the MySQL Server product of Oracle     MySQL (component: InnoDB). Supported versions that are     affected are 5.7.29 and prior and 8.0.19 and prior.
    Easily exploitable vulnerability allows high privileged     attacker with network access via multiple protocols to     compromise MySQL Server. Successful attacks of this     vulnerability can result in unauthorized ability to     cause a hang or frequently repeatable crash (complete     DOS) of MySQL Server as well as unauthorized update,     insert or delete access to some of MySQL Server     accessible data. CVSS 3.0 Base Score 5.5 (Integrity and     Availability impacts). CVSS Vector:
    (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H).
    (CVE-2020-2760)

  - Vulnerability in the MySQL Server product of Oracle     MySQL (component: Server: Stored Procedure). Supported     versions that are affected are 5.6.47 and prior, 5.7.29     and prior and 8.0.19 and prior. Easily exploitable     vulnerability allows high privileged attacker with     network access via multiple protocols to compromise     MySQL Server. Successful attacks of this vulnerability     can result in unauthorized ability to cause a hang or     frequently repeatable crash (complete DOS) of MySQL     Server. CVSS 3.0 Base Score 4.9 (Availability impacts).
    CVSS Vector:
    (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
    (CVE-2020-2812)

  - Vulnerability in the MySQL Server product of Oracle     MySQL (component: InnoDB). Supported versions that are     affected are 5.6.47 and prior, 5.7.28 and prior and     8.0.18 and prior. Easily exploitable vulnerability     allows high privileged attacker with network access via     multiple protocols to compromise MySQL Server.
    Successful attacks of this vulnerability can result in     unauthorized ability to cause a hang or frequently     repeatable crash (complete DOS) of MySQL Server. CVSS     3.0 Base Score 4.9 (Availability impacts). CVSS Vector:
    (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
    (CVE-2020-2814)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The version of MariaDB installed on the remote host is prior to 10.4.13. It is, therefore, affected by multiple vulnerabilities as referenced in the mdb-10413-rn advisory.

  - Vulnerability in the MySQL Client product of Oracle     MySQL (component: C API). Supported versions that are     affected are 5.6.47 and prior, 5.7.27 and prior and     8.0.17 and prior. Difficult to exploit vulnerability     allows low privileged attacker with network access via     multiple protocols to compromise MySQL Client.
    Successful attacks of this vulnerability can result in     unauthorized ability to cause a hang or frequently     repeatable crash (complete DOS) of MySQL Client. CVSS     3.0 Base Score 5.3 (Availability impacts). CVSS Vector:
    (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H).
    (CVE-2020-2752)

  - Vulnerability in the MySQL Server product of Oracle     MySQL (component: InnoDB). Supported versions that are     affected are 5.7.29 and prior and 8.0.19 and prior.
    Easily exploitable vulnerability allows high privileged     attacker with network access via multiple protocols to     compromise MySQL Server. Successful attacks of this     vulnerability can result in unauthorized ability to     cause a hang or frequently repeatable crash (complete     DOS) of MySQL Server as well as unauthorized update,     insert or delete access to some of MySQL Server     accessible data. CVSS 3.0 Base Score 5.5 (Integrity and     Availability impacts). CVSS Vector:
    (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H).
    (CVE-2020-2760)

  - Vulnerability in the MySQL Server product of Oracle     MySQL (component: Server: Stored Procedure). Supported     versions that are affected are 5.6.47 and prior, 5.7.29     and prior and 8.0.19 and prior. Easily exploitable     vulnerability allows high privileged attacker with     network access via multiple protocols to compromise     MySQL Server. Successful attacks of this vulnerability     can result in unauthorized ability to cause a hang or     frequently repeatable crash (complete DOS) of MySQL     Server. CVSS 3.0 Base Score 4.9 (Availability impacts).
    CVSS Vector:
    (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
    (CVE-2020-2812)

  - Vulnerability in the MySQL Server product of Oracle     MySQL (component: InnoDB). Supported versions that are     affected are 5.6.47 and prior, 5.7.28 and prior and     8.0.18 and prior. Easily exploitable vulnerability     allows high privileged attacker with network access via     multiple protocols to compromise MySQL Server.
    Successful attacks of this vulnerability can result in     unauthorized ability to cause a hang or frequently     repeatable crash (complete DOS) of MySQL Server. CVSS     3.0 Base Score 4.9 (Availability impacts). CVSS Vector:
    (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
    (CVE-2020-2814)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The version of MariaDB installed on the remote host is prior to 10.2.32. It is, therefore, affected by multiple vulnerabilities as referenced in the mdb-10232-rn advisory.

  - Vulnerability in the MySQL Client product of Oracle     MySQL (component: C API). Supported versions that are     affected are 5.6.47 and prior, 5.7.27 and prior and     8.0.17 and prior. Difficult to exploit vulnerability     allows low privileged attacker with network access via     multiple protocols to compromise MySQL Client.
    Successful attacks of this vulnerability can result in     unauthorized ability to cause a hang or frequently     repeatable crash (complete DOS) of MySQL Client. CVSS     3.0 Base Score 5.3 (Availability impacts). CVSS Vector:
    (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H).
    (CVE-2020-2752)

  - Vulnerability in the MySQL Server product of Oracle     MySQL (component: InnoDB). Supported versions that are     affected are 5.7.29 and prior and 8.0.19 and prior.
    Easily exploitable vulnerability allows high privileged     attacker with network access via multiple protocols to     compromise MySQL Server. Successful attacks of this     vulnerability can result in unauthorized ability to     cause a hang or frequently repeatable crash (complete     DOS) of MySQL Server as well as unauthorized update,     insert or delete access to some of MySQL Server     accessible data. CVSS 3.0 Base Score 5.5 (Integrity and     Availability impacts). CVSS Vector:
    (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H).
    (CVE-2020-2760)

  - Vulnerability in the MySQL Server product of Oracle     MySQL (component: Server: Stored Procedure). Supported     versions that are affected are 5.6.47 and prior, 5.7.29     and prior and 8.0.19 and prior. Easily exploitable     vulnerability allows high privileged attacker with     network access via multiple protocols to compromise     MySQL Server. Successful attacks of this vulnerability     can result in unauthorized ability to cause a hang or     frequently repeatable crash (complete DOS) of MySQL     Server. CVSS 3.0 Base Score 4.9 (Availability impacts).
    CVSS Vector:
    (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
    (CVE-2020-2812)

  - Vulnerability in the MySQL Server product of Oracle     MySQL (component: InnoDB). Supported versions that are     affected are 5.6.47 and prior, 5.7.28 and prior and     8.0.18 and prior. Easily exploitable vulnerability     allows high privileged attacker with network access via     multiple protocols to compromise MySQL Server.
    Successful attacks of this vulnerability can result in     unauthorized ability to cause a hang or frequently     repeatable crash (complete DOS) of MySQL Server. CVSS     3.0 Base Score 4.9 (Availability impacts). CVSS Vector:
    (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
    (CVE-2020-2814)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The version of MariaDB installed on the remote host is prior to 5.5.68. It is, therefore, affected by multiple vulnerabilities as referenced in the mdb-5568-rn advisory.

  - Vulnerability in the MySQL Client product of Oracle     MySQL (component: C API). Supported versions that are     affected are 5.6.47 and prior, 5.7.27 and prior and     8.0.17 and prior. Difficult to exploit vulnerability     allows low privileged attacker with network access via     multiple protocols to compromise MySQL Client.
    Successful attacks of this vulnerability can result in     unauthorized ability to cause a hang or frequently     repeatable crash (complete DOS) of MySQL Client. CVSS     3.0 Base Score 5.3 (Availability impacts). CVSS Vector:
    (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H).
    (CVE-2020-2752)

  - Vulnerability in the MySQL Server product of Oracle     MySQL (component: Server: Stored Procedure). Supported     versions that are affected are 5.6.47 and prior, 5.7.29     and prior and 8.0.19 and prior. Easily exploitable     vulnerability allows high privileged attacker with     network access via multiple protocols to compromise     MySQL Server. Successful attacks of this vulnerability     can result in unauthorized ability to cause a hang or     frequently repeatable crash (complete DOS) of MySQL     Server. CVSS 3.0 Base Score 4.9 (Availability impacts).
    CVSS Vector:
    (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
    (CVE-2020-2812)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The version of MariaDB installed on the remote host is prior to 10.1.45. It is, therefore, affected by multiple vulnerabilities as referenced in the mdb-10145-rn advisory.

  - Vulnerability in the MySQL Client product of Oracle     MySQL (component: C API). Supported versions that are     affected are 5.6.47 and prior, 5.7.27 and prior and     8.0.17 and prior. Difficult to exploit vulnerability     allows low privileged attacker with network access via     multiple protocols to compromise MySQL Client.
    Successful attacks of this vulnerability can result in     unauthorized ability to cause a hang or frequently     repeatable crash (complete DOS) of MySQL Client. CVSS     3.0 Base Score 5.3 (Availability impacts). CVSS Vector:
    (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H).
    (CVE-2020-2752)

  - Vulnerability in the MySQL Server product of Oracle     MySQL (component: Server: Stored Procedure). Supported     versions that are affected are 5.6.47 and prior, 5.7.29     and prior and 8.0.19 and prior. Easily exploitable     vulnerability allows high privileged attacker with     network access via multiple protocols to compromise     MySQL Server. Successful attacks of this vulnerability     can result in unauthorized ability to cause a hang or     frequently repeatable crash (complete DOS) of MySQL     Server. CVSS 3.0 Base Score 4.9 (Availability impacts).
    CVSS Vector:
    (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
    (CVE-2020-2812)

  - Vulnerability in the MySQL Server product of Oracle     MySQL (component: InnoDB). Supported versions that are     affected are 5.6.47 and prior, 5.7.28 and prior and     8.0.18 and prior. Easily exploitable vulnerability     allows high privileged attacker with network access via     multiple protocols to compromise MySQL Server.
    Successful attacks of this vulnerability can result in     unauthorized ability to cause a hang or frequently     repeatable crash (complete DOS) of MySQL Server. CVSS     3.0 Base Score 4.9 (Availability impacts). CVSS Vector:
    (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
    (CVE-2020-2814)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

**MariaDB 10.4.13 , Galera 26.4.4 , MariaDB CONC/C 3.1.8**

Release notes :

https://mariadb.com/kb/en/mariadb-10413-release-notes/ https://mariadb.com/kb/en/mariadb-connector-c-318-release-notes/

Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.
Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

An update of the mysql package has been released.

New mariadb packages are available for Slackware 14.1 and -current to fix security issues.

Oracle reports :

This Critical Patch Update contains 45 new security patches for Oracle MySQL. 9 of these vulnerabilities may be remotely exploitable without authentication, i.e., may be exploited over a network without requiring user credentials.

The version of MySQL running on the remote host is 5.6.x prior to 5.6.48. It is, therefore, affected by multiple of service vulnerabilities, including the following, as noted in the April 2020 Critical Patch Update advisory:

  - Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Memcached). Supported versions   that are affected are 5.6.47 and prior, 5.7.29 and prior and 8.0.19 and prior. This difficult to exploit   vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Server.
  Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently   repeatable crash (complete DOS) of MySQL Server. (CVE-2020-2804)

  - Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Replication). Supported   versions that are affected are 5.6.47 and prior, 5.7.29 and prior and 8.0.19 and prior. This easily exploitable   vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server.
  Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently   repeatable crash (complete DOS) of MySQL Server. (CVE-2020-2763)

  - Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Supported versions that   are affected are 5.6.47 and prior, 5.7.29 and prior and 8.0.19 and prior. This easily exploitable vulnerability   allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful   attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable   crash (complete DOS) of MySQL Server. (CVE-2020-2780)


Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The version of MySQL running on the remote host is 8.0.x prior   to 8.0.18. It is, therefore, affected by multiple vulnerabilities, including three of the top vulnerabilities below,   as noted in the October 2019 Critical Patch Update advisory:
    - Vulnerabilities in the MySQL Server product of Oracle MySQL (components: Server: C API and Optimizer). Easily   exploitable vulnerabilities which allow low privileged attackers with network access via multiple protocols to   compromise MySQL Server. Successful exploitation of these vulnerabilities can result in unauthorized ability to cause   a hang or frequently repeatable crash (complete DOS) of MySQL Server. (CVE-2019-2966, CVE-2019-3011)

    - A non-privileged user or program can put code and a config file in a known non-privileged path (under   C:/usr/local/) that will make curl <= 7.65.1 automatically run the code (as an openssl 'engine') on invocation.   If that curl is invoked by a privileged user it can do anything it wants. (CVE-2019-5443)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The version of MySQL running on the remote host is 5.7.x prior to 5.7.28. It is, therefore, affected by multiple vulnerabilities, including three of the top vulnerabilities below, as noted in the October 2019 Critical Patch Update advisory:
  - Vulnerabilities in the MySQL Server product of Oracle MySQL (component: Server: Optimizer and PS). Easily   exploitable vulnerabilities which allow low privileged attackers with network access via multiple protocols to   compromise MySQL Server. Successful exploitation of these vulnerabilities can result in unauthorized ability to cause   a hang or frequently repeatable crash (complete DOS) of MySQL Server. (CVE-2019-2946, CVE-2019-2974) 

  - A non-privileged user or program can put code and a config file in a known non-privileged path (under   C:/usr/local/) that will make curl <= 7.65.1 automatically run the code (as an openssl 'engine') on invocation.   If that curl is invoked by a privileged user it can do anything it wants. (CVE-2019-5443)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

ID	Name	Product	Family	Severity
138704	openSUSE Security Update : mariadb (openSUSE-2020-870)	Nessus	SuSE Local Security Checks	medium
138309	SUSE SLES12 Security Update : mariadb-100 (SUSE-SU-2020:1798-1)	Nessus	SuSE Local Security Checks	medium
138287	SUSE SLES15 Security Update : mariadb (SUSE-SU-2020:1711-1)	Nessus	SuSE Local Security Checks	medium
138286	SUSE SLES12 Security Update : mariadb (SUSE-SU-2020:1710-1)	Nessus	SuSE Local Security Checks	medium
138103	MariaDB 10.3.0 < 10.3.23 Multiple Vulnerabilities	Nessus	Databases	medium
138102	MariaDB 10.4.0 < 10.4.13 Multiple Vulnerabilities	Nessus	Databases	medium
138101	MariaDB 10.2.0 < 10.2.32 Multiple Vulnerabilities	Nessus	Databases	medium
138100	MariaDB 5.5.0 < 5.5.68 Multiple Vulnerabilities	Nessus	Databases	medium
138099	MariaDB 10.1.0 < 10.1.45 Multiple Vulnerabilities	Nessus	Databases	medium
137422	Fedora 32 : 3:mariadb / galera / mariadb-connector-c (2020-35f52d9370)	Nessus	Fedora Local Security Checks	medium
136556	Photon OS 1.0: Mysql PHSA-2020-1.0-0292	Nessus	PhotonOS Local Security Checks	medium
136544	Slackware 14.1 / current : mariadb (SSA:2020-133-01)	Nessus	Slackware Local Security Checks	medium
136408	Photon OS 2.0: Mysql PHSA-2020-2.0-0239	Nessus	PhotonOS Local Security Checks	medium
135942	FreeBSD : MySQL Client -- Multiple vulerabilities (622b5c47-855b-11ea-a5e2-d4c9ef517024)	Nessus	FreeBSD Local Security Checks	medium
135872	Photon OS 3.0: Mysql PHSA-2020-3.0-0082	Nessus	PhotonOS Local Security Checks	medium
135699	MySQL 5.6.x < 5.6.48 Multiple Vulnerabilities (Apr 2020 CPU)	Nessus	Databases	medium
130027	MySQL 8.0.x < 8.0.18 Multiple Vulnerabilities (Oct 2019 CPU)	Nessus	Databases	medium
130026	MySQL 5.7.x < 5.7.28 Multiple Vulnerabilities (Oct 2019 CPU)	Nessus	Databases	medium

CVE-2020-2752

Description

References

Details

Risk Information

CVSS v2.0

CVSS v3.0

Vulnerable Software

Configuration 1

Tenable Plugins