CVE-2007-5925

Publication date 10 November 2007

Last updated 24 July 2024

Ubuntu priority

The convert_search_mode_to_innobase function in ha_innodb.cc in the InnoDB engine in MySQL 5.1.23-BK and earlier allows remote authenticated users to cause a denial of service (database crash) via a certain CONTAINS operation on an indexed column, which triggers an assertion error.

Read the notes from the security team

Status

Show unmaintained releases

No maintained releases are affected by this CVE.

Package	Ubuntu Release	Status
mysql-dfsg-5.0	7.10 gutsy	Fixed 5.0.45-1ubuntu3.1
	7.04 feisty	Fixed 5.0.38-0ubuntu1.2
	6.10 edgy	Fixed 5.0.24a-9ubuntu2.2
	6.06 LTS dapper	Fixed 5.0.22-0ubuntu6.06.6

How can I get the fixes?
What do statuses mean?

Notes

jdstrand

unrelated LP bug #161127 should be fixed with this update

References

MITRE
NVD
Launchpad
Debian

Related Ubuntu Security Notices (USN)

USN-559-1
MySQL vulnerabilities
21 December 2007

USN-1397-1
MySQL vulnerabilities
12 March 2012

Other references

http://www.mandriva.com/en/security/advisories?name=MDKSA-2007:243
https://rhn.redhat.com/errata/RHSA-2007-1155.html
https://www.cve.org/CVERecord?id=CVE-2007-5925