Lucene search
Ubuntu.comUB:CVE-2024-20978HistoryJan 17, 2024 - 12:00 a.m.
CVE-2024-20978
2024-01-1700:00:00
ubuntu.com
ubuntu.com
14
vulnerability
oracle mysql
server hang
unauthorized access
high privileged attacker
network access
dos.
Vulnerability in the MySQL Server product of Oracle MySQL (component:
Server: Optimizer). Supported versions that are affected are 8.0.35 and
prior and 8.2.0 and prior. Easily exploitable vulnerability allows high
privileged attacker with network access via multiple protocols to
compromise MySQL Server. Successful attacks of this vulnerability can
result in unauthorized ability to cause a hang or frequently repeatable
crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability
impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
Notes
| Author | Note |
|---|---|
| leosilva | since 5.5 is no longer upstream supported and so far we cannot patch it, marking it as ignored. |
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| ubuntu | 23.10 | noarch | mariadb | < any | UNKNOWN |
| ubuntu | 24.04 | noarch | mariadb | < any | UNKNOWN |
| ubuntu | 16.04 | noarch | mariadb-10.0 | < any | UNKNOWN |
| ubuntu | 18.04 | noarch | mariadb-10.1 | < any | UNKNOWN |
| ubuntu | 20.04 | noarch | mariadb-10.3 | < any | UNKNOWN |
| ubuntu | 22.04 | noarch | mariadb-10.6 | < any | UNKNOWN |
| ubuntu | 18.04 | noarch | mysql-5.7 | < any | UNKNOWN |
| ubuntu | 16.04 | noarch | mysql-5.7 | < any | UNKNOWN |
| ubuntu | 20.04 | noarch | mysql-8.0 | < 8.0.36-0ubuntu0.20.04.1 | UNKNOWN |
| ubuntu | 22.04 | noarch | mysql-8.0 | < 8.0.36-0ubuntu0.22.04.1 | UNKNOWN |
Related
redhatcve
redhatcve
CVE-2024-20978
2024-01-17 12:05:46
prion
prion
Code injection
2024-02-17 02:15:00
cvelist
cvelist
CVE-2024-20978
2024-02-17 01:50:21
debiancve
debiancve
CVE-2024-20978
2024-02-17 02:15:51
osv
osv
CVE-2024-20978
2024-02-17 02:15:51
Moderate: mysql:8.0 security update
2024-02-20 00:00:00
Moderate: mysql security update
2024-03-05 00:00:00
cve
cve
CVE-2024-20978
2024-02-17 02:15:51
f5
f5
K000138704 : Multiple MySQL vulnerabilities
2024-02-23 00:00:00
openvas
openvas
Ubuntu: Security Advisory (USN-6615-1)
2024-01-31 00:00:00
photon
photon
Moderate Photon OS Security Update - PHSA-2024-4.0-0555
2024-01-23 00:00:00
Moderate Photon OS Security Update - PHSA-2024-3.0-0716
2024-01-21 00:00:00
Critical Photon OS Security Update - PHSA-2024-5.0-0194
2024-01-22 00:00:00
nessus
nessus
Oracle MySQL Server 8.x < 8.3.0 (January 2024 CPU)
2024-01-19 00:00:00
Oracle MySQL Server 8.0.x < 8.0.36 (April 2024 CPU)
2024-01-19 00:00:00
Oracle Linux 8 : mysql:8.0 (ELSA-2024-0894)
2024-02-22 00:00:00
oraclelinux
oraclelinux
mysql:8.0 security update
2024-02-21 00:00:00
mysql security update
2024-03-06 00:00:00
almalinux
almalinux
Moderate: mysql:8.0 security update
2024-02-20 00:00:00
Moderate: mysql security update
2024-03-05 00:00:00
redhat
redhat
(RHSA-2024:0894) Moderate: mysql:8.0 security update
2024-02-20 11:21:25
(RHSA-2024:1141) Moderate: mysql security update
2024-03-05 15:32:23
(RHSA-2024:2619) Moderate: rh-mysql80-mysql security update
2024-04-30 16:31:20
oracle
oracle
Oracle Critical Patch Update Advisory - January 2024
2024-01-16 00:00:00