CVE-2016-0598
First published: Thu Jan 21 2016(Updated: )
Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier, 5.6.27 and earlier, and 5.7.9 and MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10 allows remote authenticated users to affect availability via vectors related to DML.
Credit: secalert_us@oracle.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| redhat/mysql | <5.5.47 | 5.5.47 |
| redhat/mysql | <5.6.28 | 5.6.28 |
| redhat/mysql | <5.7.10 | 5.7.10 |
| redhat/mariadb | <5.5.47 | 5.5.47 |
| redhat/mariadb | <10.1.10 | 10.1.10 |
| redhat/mariadb | <10.0.23 | 10.0.23 |
| openSUSE | =42.1 | |
| openSUSE | =13.2 | |
| Oracle Linux | =7 | |
| Red Hat Enterprise Linux | =6.0 | |
| Red Hat Enterprise Linux | =7.0 | |
| redhat enterprise Linux desktop | =7.0 | |
| Red Hat Enterprise Linux HPC Node | =7.0 | |
| Red Hat Enterprise Linux HPC Node | =7.2 | |
| redhat enterprise Linux server | =7.0 | |
| redhat enterprise Linux server aus | =7.2 | |
| redhat enterprise Linux server eus | =7.2 | |
| redhat enterprise Linux workstation | =7.0 | |
| Debian | =8.0 | |
| Oracle Solaris SPARC | =11.3 | |
| Ubuntu | =12.04 | |
| Ubuntu | =14.04 | |
| Ubuntu | =15.04 | |
| Ubuntu | =15.10 | |
| Ariadne CMS | >=5.5.20<5.5.47 | |
| Ariadne CMS | >=10.0.0<10.0.23 | |
| Ariadne CMS | >=10.1.0<10.1.10 | |
| MySQL | >=5.5.0<=5.5.46 | |
| MySQL | >=5.6.0<=5.6.27 | |
| MySQL | >=5.7.0<=5.7.9 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00015.html
- http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00016.html
- http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00033.html
- http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00034.html
- http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00051.html
- http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00053.html
- http://rhn.redhat.com/errata/RHSA-2016-0534.html
- http://rhn.redhat.com/errata/RHSA-2016-0705.html
- http://rhn.redhat.com/errata/RHSA-2016-1480.html
- http://rhn.redhat.com/errata/RHSA-2016-1481.html
- http://www.debian.org/security/2016/dsa-3453
- http://www.debian.org/security/2016/dsa-3459
- http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html
- http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html
- http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html
- http://www.securityfocus.com/bid/81182
- http://www.securitytracker.com/id/1034708
- http://www.ubuntu.com/usn/USN-2881-1
- https://access.redhat.com/errata/RHSA-2016:1132
- https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/
- https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/
- https://mariadb.com/kb/en/mdb-10023-rn/
- http://www.oracle.com/technetwork/topics/security/cpujan2016verbose-2367956.html
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=1301518
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=1301517
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=1301519
- https://rhn.redhat.com/errata/RHSA-2016-0534.html
- https://rhn.redhat.com/errata/RHSA-2016-0705.html
- https://rhn.redhat.com/errata/RHSA-2016-1481.html
- https://rhn.redhat.com/errata/RHSA-2016-1480.html
- https://bugzilla.redhat.com/show_bug.cgi?id=1301498
Frequently Asked Questions
What is the severity of CVE-2016-0598?
CVE-2016-0598 has a medium severity level which can impact the availability of MySQL and MariaDB installations.
How do I fix CVE-2016-0598?
To fix CVE-2016-0598, update MySQL to version 5.5.47 or later, 5.6.28, or 5.7.10, and for MariaDB, update to versions 5.5.47, 10.0.23, or 10.1.10.
Which versions of MySQL are affected by CVE-2016-0598?
MySQL versions 5.5.46 and earlier, 5.6.27 and earlier, and 5.7.9 and earlier are affected by CVE-2016-0598.
Which versions of MariaDB are affected by CVE-2016-0598?
MariaDB versions 5.5.46 and earlier, 10.0.x before 10.0.23, and 10.1.x before 10.1.10 are affected by CVE-2016-0598.
Who is impacted by CVE-2016-0598?
Remote authenticated users of Oracle MySQL and MariaDB installations could impact system availability due to CVE-2016-0598.
- agent/type
- agent/severity
- agent/references
- agent/remedy
- agent/author
- agent/description
- collector/redhat-bugzilla
- source/Red Hat
- alias/CVE-2016-0598
- agent/software-canonical-lookup
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/first-publish-date
- agent/event
- agent/source
- agent/tags
- agent/softwarecombine
- collector/nvd-index
- agent/software-canonical-lookup-request
- package-manager/redhat
- vendor/opensuse
- canonical/opensuse
- version/opensuse/42.1
- version/opensuse/13.2
- vendor/oracle
- canonical/oracle linux
- version/oracle linux/7
- vendor/redhat
- canonical/red hat enterprise linux
- version/red hat enterprise linux/6.0
- version/red hat enterprise linux/7.0
- canonical/redhat enterprise linux desktop
- version/redhat enterprise linux desktop/7.0
- canonical/red hat enterprise linux hpc node
- version/red hat enterprise linux hpc node/7.0
- version/red hat enterprise linux hpc node/7.2
- canonical/redhat enterprise linux server
- version/redhat enterprise linux server/7.0
- canonical/redhat enterprise linux server aus
- version/redhat enterprise linux server aus/7.2
- canonical/redhat enterprise linux server eus
- version/redhat enterprise linux server eus/7.2
- canonical/redhat enterprise linux workstation
- version/redhat enterprise linux workstation/7.0
- vendor/debian
- canonical/debian
- version/debian/8.0
- canonical/oracle solaris sparc
- version/oracle solaris sparc/11.3
- vendor/canonical
- canonical/ubuntu
- version/ubuntu/12.04
- version/ubuntu/14.04
- version/ubuntu/15.04
- version/ubuntu/15.10
- vendor/mariadb
- canonical/ariadne cms
- version/ariadne cms/5.5.20
- version/ariadne cms/10.0.0
- version/ariadne cms/10.1.0
- canonical/mysql
- version/mysql/5.5.0
- version/mysql/5.5.46
- version/mysql/5.6.0
- version/mysql/5.6.27
- version/mysql/5.7.0
- version/mysql/5.7.9