CVE-2016-0596
First published: Thu Jan 21 2016(Updated: )
Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier and 5.6.27 and earlier and MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10 allows remote authenticated users to affect availability via vectors related to DML.
Credit: secalert_us@oracle.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| redhat/mysql | <5.5.47 | 5.5.47 |
| redhat/mysql | <5.6.28 | 5.6.28 |
| redhat/mariadb | <5.5.47 | 5.5.47 |
| redhat/mariadb | <10.1.10 | 10.1.10 |
| redhat/mariadb | <10.0.23 | 10.0.23 |
| Red Hat Enterprise Linux Desktop | =7.0 | |
| Red Hat Enterprise Linux HPC Node | =7.0 | |
| Red Hat Enterprise Linux HPC Node | =7.2 | |
| Red Hat Enterprise Linux Server | =7.0 | |
| Red Hat Enterprise Linux Server | =7.2 | |
| Red Hat Enterprise Linux Server | =7.2 | |
| Red Hat Enterprise Linux Workstation | =7.0 | |
| Oracle Solaris and Zettabyte File System (ZFS) | =11.3 | |
| Debian | =8.0 | |
| Red Hat Enterprise Linux | =6.0 | |
| Red Hat Enterprise Linux | =7.0 | |
| SUSE Linux | =42.1 | |
| SUSE Linux | =13.2 | |
| Oracle Linux | =7 | |
| Ubuntu | =12.04 | |
| Ubuntu | =14.04 | |
| Ubuntu | =15.04 | |
| Ubuntu | =15.10 | |
| MariaDB | >=5.5.20<5.5.47 | |
| MariaDB | >=10.0.0<10.0.23 | |
| MariaDB | >=10.1.0<10.1.10 | |
| Oracle MySQL | >=5.5.0<=5.5.46 | |
| Oracle MySQL | >=5.6.0<=5.6.27 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00015.html
- http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00016.html
- http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00033.html
- http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00034.html
- http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00051.html
- http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00053.html
- http://rhn.redhat.com/errata/RHSA-2016-0534.html
- http://rhn.redhat.com/errata/RHSA-2016-0705.html
- http://rhn.redhat.com/errata/RHSA-2016-1480.html
- http://rhn.redhat.com/errata/RHSA-2016-1481.html
- http://www.debian.org/security/2016/dsa-3453
- http://www.debian.org/security/2016/dsa-3459
- http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html
- http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html
- http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html
- http://www.securityfocus.com/bid/81130
- http://www.securitytracker.com/id/1034708
- http://www.ubuntu.com/usn/USN-2881-1
- https://access.redhat.com/errata/RHSA-2016:1132
- https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/
- https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/
- https://mariadb.com/kb/en/mdb-10023-rn/
- http://www.oracle.com/technetwork/topics/security/cpujan2016verbose-2367956.html
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=1301518
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=1301517
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=1301519
- https://rhn.redhat.com/errata/RHSA-2016-0534.html
- https://rhn.redhat.com/errata/RHSA-2016-0705.html
- https://rhn.redhat.com/errata/RHSA-2016-1481.html
- https://rhn.redhat.com/errata/RHSA-2016-1480.html
- https://bugzilla.redhat.com/show_bug.cgi?id=1301496
Frequently Asked Questions
What is the severity of CVE-2016-0596?
The severity of CVE-2016-0596 is currently not specified, but it affects the availability of databases.
How do I fix CVE-2016-0596?
To fix CVE-2016-0596, update MySQL to version 5.5.47 or 5.6.28, or MariaDB to version 5.5.47, 10.0.23, or 10.1.10.
Which database versions are affected by CVE-2016-0596?
CVE-2016-0596 affects Oracle MySQL versions 5.5.46 and earlier, 5.6.27 and earlier, and various MariaDB versions before the specified fixed releases.
Can remote users exploit CVE-2016-0596?
Yes, remote authenticated users can exploit CVE-2016-0596 to affect the availability of the database.
What are the impacts of CVE-2016-0596?
The impact of CVE-2016-0596 is primarily related to the availability of affected MySQL and MariaDB databases.
- agent/type
- agent/severity
- agent/references
- agent/remedy
- agent/author
- agent/description
- collector/redhat-bugzilla
- source/Red Hat
- alias/CVE-2016-0596
- agent/software-canonical-lookup
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/first-publish-date
- agent/event
- agent/source
- agent/tags
- agent/softwarecombine
- collector/nvd-index
- agent/software-canonical-lookup-request
- package-manager/redhat
- vendor/redhat
- canonical/red hat enterprise linux desktop
- version/red hat enterprise linux desktop/7.0
- canonical/red hat enterprise linux hpc node
- version/red hat enterprise linux hpc node/7.0
- version/red hat enterprise linux hpc node/7.2
- canonical/red hat enterprise linux server
- version/red hat enterprise linux server/7.0
- version/red hat enterprise linux server/7.2
- canonical/red hat enterprise linux workstation
- version/red hat enterprise linux workstation/7.0
- vendor/oracle
- canonical/oracle solaris and zettabyte file system (zfs)
- version/oracle solaris and zettabyte file system (zfs)/11.3
- vendor/debian
- canonical/debian
- version/debian/8.0
- canonical/red hat enterprise linux
- version/red hat enterprise linux/6.0
- version/red hat enterprise linux/7.0
- vendor/opensuse
- canonical/suse linux
- version/suse linux/42.1
- version/suse linux/13.2
- canonical/oracle linux
- version/oracle linux/7
- vendor/canonical
- canonical/ubuntu
- version/ubuntu/12.04
- version/ubuntu/14.04
- version/ubuntu/15.04
- version/ubuntu/15.10
- vendor/mariadb
- canonical/mariadb
- version/mariadb/5.5.20
- version/mariadb/10.0.0
- version/mariadb/10.1.0
- canonical/oracle mysql
- version/oracle mysql/5.5.0
- version/oracle mysql/5.5.46
- version/oracle mysql/5.6.0
- version/oracle mysql/5.6.27