What is CVE-2012-5613?

CVE-2012-5613 is a vulnerability in Linux Linux_kernel, classified under CWE-16. Published 2012-12-03.

Is CVE-2012-5613 known to be exploited?

6 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in Linux Linux_kernel

CVE-2012-5613

MySQL 5.5.19 and possibly other versions, and MariaDB 5.5.28a and possibly other versions, when configured to assign the FILE privilege to users who should not have administrative privileges, allows remote authenticated users to gain privi…

EPSS: 0.888 (99.5th percentile) — read the EPSS interpretation.

Affected products

Linux Linux_kernel
Mariadb — versions 5.5.28a
Oracle Mysql — versions 5.5.19
N/a — versions n/a

Weakness classification (CWE)

CWE-16

Public proof-of-concept exploits

References

53372 (Broken Link, third-party-advisory)
[oss-security] 20121202 Re: Re: [Full-disclosure] MySQL (Linux) Stack based buffer overrun PoC Zeroday (mailing-list, Mailing List, Third Party Advisory)
GLSA-201308-06 (vendor-advisory, Third Party Advisory)
[oss-security] 20121202 Re: Re: [Full-disclosure] MySQL (Linux) Stack based buffer overrun PoC Zeroday (mailing-list, Mailing List, Third Party Advisory)
SUSE-SU-2013:0262 (vendor-advisory, Mailing List, Third Party Advisory)
20121201 MySQL (Linux) Database Privilege Elevation Zeroday Exploit (mailing-list, Exploit, Mailing List, Third Party Advisory)

Frequently asked questions

What is CVE-2012-5613?: CVE-2012-5613 is a vulnerability in Linux Linux_kernel, classified under CWE-16. Published 2012-12-03.
Is CVE-2012-5613 known to be exploited?: 6 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.