Description
Race condition in Oracle MySQL before 5.5.52, 5.6.x before 5.6.33, 5.7.x before 5.7.15, and 8.x before 8.0.1; MariaDB before 5.5.52, 10.0.x before 10.0.28, and 10.1.x before 10.1.18; Percona Server before 5.5.51-38.2, 5.6.x before 5.6.32-78-1, and 5.7.x before 5.7.14-8; and Percona XtraDB Cluster before 5.5.41-37.0, 5.6.x before 5.6.32-25.17, and 5.7.x before 5.7.14-26.17 allows local users with certain permissions to gain privileges by leveraging use of my_copystat by REPAIR TABLE to repair a MyISAM table.
Remediation
References
Related Vulnerabilities
XWiki Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2023-37914)
Moodle Permissions, Privileges, and Access Controls Vulnerability (CVE-2014-7837)
Liferay Portal Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2021-33320)
WordPress Plugin Genie WP Favicon Cross-Site Request Forgery (0.5.2)
WordPress Plugin Staff Directory-Employee Directory for WordPress Unspecified Vulnerability (3.6.1)