Description
Race condition in Oracle MySQL before 5.5.52, 5.6.x before 5.6.33, 5.7.x before 5.7.15, and 8.x before 8.0.1; MariaDB before 5.5.52, 10.0.x before 10.0.28, and 10.1.x before 10.1.18; Percona Server before 5.5.51-38.2, 5.6.x before 5.6.32-78-1, and 5.7.x before 5.7.14-8; and Percona XtraDB Cluster before 5.5.41-37.0, 5.6.x before 5.6.32-25.17, and 5.7.x before 5.7.14-26.17 allows local users with certain permissions to gain privileges by leveraging use of my_copystat by REPAIR TABLE to repair a MyISAM table.
Remediation
References
Related Vulnerabilities
PrestaShop CVE-2018-19125 Vulnerability (CVE-2018-19125)
MediaWiki Improper Restriction of Excessive Authentication Attempts Vulnerability (CVE-2020-25827)
WordPress Plugin BackupBuddy Multiple Vulnerabilities (8.0.1.8)
WordPress Plugin Contact Form 7 Datepicker Cross-Site Scripting (2.6.0)
Coppermine Cross-site Scripting (XSS) Vulnerability (CVE-2018-14478)