CVE-2019-2974

Name of the Vulnerable Software and Affected Versions MySQL Server versions 5.6.45 and prior MySQL Server versions 5.7.27 and prior MySQL Server versions 8.0.17 and prior

Description A vulnerability in the MySQL Server product allows a low-privileged attacker with network access via multiple protocols to compromise the server. Successful attacks can result in unauthorized ability to cause a hang or frequently repeatable crash of the MySQL Server, leading to a denial of service. The issue is related to errors in resource release.

Recommendations For MySQL Server versions 5.6.45 and prior, update to a version later than 5.6.45 to resolve the issue. For MySQL Server versions 5.7.27 and prior, update to a version later than 5.7.27 to resolve the issue. For MySQL Server versions 8.0.17 and prior, update to a version later than 8.0.17 to resolve the issue. As a temporary workaround, consider restricting access to the MySQL Server to minimize the risk of exploitation.