There is a vulnerability of type use-after-free affecting DBD::mysql (aka DBD-mysql or the Database Interface (DBI) MySQL driver for Perl) 3.x and 4.x before 4.041 when used with mysql_server_prepare=1.
The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory “belongs” to the code that operates on the new pointer.
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Dbd-mysql | Dbd-mysql_project | 3.0000_0 (including) | 3.0000_0 (including) |
| Dbd-mysql | Dbd-mysql_project | 3.0001_1 (including) | 3.0001_1 (including) |
| Dbd-mysql | Dbd-mysql_project | 3.0001_2 (including) | 3.0001_2 (including) |
| Dbd-mysql | Dbd-mysql_project | 3.0001_3 (including) | 3.0001_3 (including) |
| Dbd-mysql | Dbd-mysql_project | 3.0002_1 (including) | 3.0002_1 (including) |
| Dbd-mysql | Dbd-mysql_project | 3.0002_2 (including) | 3.0002_2 (including) |
| Dbd-mysql | Dbd-mysql_project | 3.0002_3 (including) | 3.0002_3 (including) |
| Dbd-mysql | Dbd-mysql_project | 3.0002_4 (including) | 3.0002_4 (including) |
| Dbd-mysql | Dbd-mysql_project | 3.0002_5 (including) | 3.0002_5 (including) |
| Dbd-mysql | Dbd-mysql_project | 3.0003_1 (including) | 3.0003_1 (including) |
| Dbd-mysql | Dbd-mysql_project | 3.0004_1 (including) | 3.0004_1 (including) |
| Dbd-mysql | Dbd-mysql_project | 3.0005 (including) | 3.0005 (including) |
| Dbd-mysql | Dbd-mysql_project | 3.0005_1 (including) | 3.0005_1 (including) |
| Dbd-mysql | Dbd-mysql_project | 3.0007_2 (including) | 3.0007_2 (including) |
| Dbd-mysql | Dbd-mysql_project | 3.0008_1 (including) | 3.0008_1 (including) |
| Dbd-mysql | Dbd-mysql_project | 3.0009_1 (including) | 3.0009_1 (including) |
| Dbd-mysql | Dbd-mysql_project | 4.00 (including) | 4.00 (including) |
| Dbd-mysql | Dbd-mysql_project | 4.001 (including) | 4.001 (including) |
| Dbd-mysql | Dbd-mysql_project | 4.002 (including) | 4.002 (including) |
| Dbd-mysql | Dbd-mysql_project | 4.003 (including) | 4.003 (including) |
| Dbd-mysql | Dbd-mysql_project | 4.004 (including) | 4.004 (including) |
| Dbd-mysql | Dbd-mysql_project | 4.005 (including) | 4.005 (including) |
| Dbd-mysql | Dbd-mysql_project | 4.006 (including) | 4.006 (including) |
| Dbd-mysql | Dbd-mysql_project | 4.007 (including) | 4.007 (including) |
| Dbd-mysql | Dbd-mysql_project | 4.008 (including) | 4.008 (including) |
| Dbd-mysql | Dbd-mysql_project | 4.009 (including) | 4.009 (including) |
| Dbd-mysql | Dbd-mysql_project | 4.010 (including) | 4.010 (including) |
| Dbd-mysql | Dbd-mysql_project | 4.011 (including) | 4.011 (including) |
| Dbd-mysql | Dbd-mysql_project | 4.012 (including) | 4.012 (including) |
| Dbd-mysql | Dbd-mysql_project | 4.013 (including) | 4.013 (including) |
| Dbd-mysql | Dbd-mysql_project | 4.014 (including) | 4.014 (including) |
| Dbd-mysql | Dbd-mysql_project | 4.015 (including) | 4.015 (including) |
| Dbd-mysql | Dbd-mysql_project | 4.016 (including) | 4.016 (including) |
| Dbd-mysql | Dbd-mysql_project | 4.017 (including) | 4.017 (including) |
| Dbd-mysql | Dbd-mysql_project | 4.018 (including) | 4.018 (including) |
| Dbd-mysql | Dbd-mysql_project | 4.019 (including) | 4.019 (including) |
| Dbd-mysql | Dbd-mysql_project | 4.020 (including) | 4.020 (including) |
| Dbd-mysql | Dbd-mysql_project | 4.021 (including) | 4.021 (including) |
| Dbd-mysql | Dbd-mysql_project | 4.022 (including) | 4.022 (including) |
| Dbd-mysql | Dbd-mysql_project | 4.023 (including) | 4.023 (including) |
| Dbd-mysql | Dbd-mysql_project | 4.024 (including) | 4.024 (including) |
| Dbd-mysql | Dbd-mysql_project | 4.025 (including) | 4.025 (including) |
| Dbd-mysql | Dbd-mysql_project | 4.026 (including) | 4.026 (including) |
| Dbd-mysql | Dbd-mysql_project | 4.027 (including) | 4.027 (including) |
| Dbd-mysql | Dbd-mysql_project | 4.028 (including) | 4.028 (including) |
| Dbd-mysql | Dbd-mysql_project | 4.029 (including) | 4.029 (including) |
| Dbd-mysql | Dbd-mysql_project | 4.030_01 (including) | 4.030_01 (including) |
| Dbd-mysql | Dbd-mysql_project | 4.030_02 (including) | 4.030_02 (including) |
| Dbd-mysql | Dbd-mysql_project | 4.031 (including) | 4.031 (including) |
| Dbd-mysql | Dbd-mysql_project | 4.032 (including) | 4.032 (including) |
| Dbd-mysql | Dbd-mysql_project | 4.032_01 (including) | 4.032_01 (including) |
| Dbd-mysql | Dbd-mysql_project | 4.032_02 (including) | 4.032_02 (including) |
| Dbd-mysql | Dbd-mysql_project | 4.032_03 (including) | 4.032_03 (including) |
| Dbd-mysql | Dbd-mysql_project | 4.033 (including) | 4.033 (including) |
| Dbd-mysql | Dbd-mysql_project | 4.033_01 (including) | 4.033_01 (including) |
| Dbd-mysql | Dbd-mysql_project | 4.033_02 (including) | 4.033_02 (including) |
| Dbd-mysql | Dbd-mysql_project | 4.033_03 (including) | 4.033_03 (including) |
| Dbd-mysql | Dbd-mysql_project | 4.034 (including) | 4.034 (including) |
| Dbd-mysql | Dbd-mysql_project | 4.035 (including) | 4.035 (including) |
| Dbd-mysql | Dbd-mysql_project | 4.035_01 (including) | 4.035_01 (including) |
| Dbd-mysql | Dbd-mysql_project | 4.035_02 (including) | 4.035_02 (including) |
| Dbd-mysql | Dbd-mysql_project | 4.035_03 (including) | 4.035_03 (including) |
| Dbd-mysql | Dbd-mysql_project | 4.036 (including) | 4.036 (including) |
| Dbd-mysql | Dbd-mysql_project | 4.037 (including) | 4.037 (including) |
| Dbd-mysql | Dbd-mysql_project | 4.037_01 (including) | 4.037_01 (including) |
| Dbd-mysql | Dbd-mysql_project | 4.038 (including) | 4.038 (including) |
| Dbd-mysql | Dbd-mysql_project | 4.038_01 (including) | 4.038_01 (including) |
| Dbd-mysql | Dbd-mysql_project | 4.039 (including) | 4.039 (including) |
| Dbd-mysql | Dbd-mysql_project | 4.040 (including) | 4.040 (including) |
| Libdbd-mysql-perl | Ubuntu | esm-apps/xenial | * |
| Libdbd-mysql-perl | Ubuntu | esm-infra-legacy/trusty | * |
| Libdbd-mysql-perl | Ubuntu | precise | * |
| Libdbd-mysql-perl | Ubuntu | precise/esm | * |
| Libdbd-mysql-perl | Ubuntu | trusty | * |
| Libdbd-mysql-perl | Ubuntu | trusty/esm | * |
| Libdbd-mysql-perl | Ubuntu | upstream | * |
| Libdbd-mysql-perl | Ubuntu | xenial | * |
| Libdbd-mysql-perl | Ubuntu | yakkety | * |