CVE-2016-0644
First published: Thu Apr 21 2016(Updated: )
Unspecified vulnerability in Oracle MySQL 5.5.47 and earlier, 5.6.28 and earlier, and 5.7.10 and earlier and MariaDB before 5.5.48, 10.0.x before 10.0.24, and 10.1.x before 10.1.12 allows local users to affect availability via vectors related to DDL.
Credit: secalert_us@oracle.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| redhat/mysql | <5.5.48 | 5.5.48 |
| redhat/mysql | <5.6.29 | 5.6.29 |
| redhat/mysql | <5.7.11 | 5.7.11 |
| redhat/mariadb | <5.5.48 | 5.5.48 |
| redhat/mariadb | <10.1.12 | 10.1.12 |
| redhat/mariadb | <10.0.24 | 10.0.24 |
| Debian | =8.0 | |
| SUSE Linux | =42.1 | |
| Oracle Linux | =7 | |
| IBM PowerKVM | =2.1 | |
| IBM PowerKVM | =3.1 | |
| Red Hat Enterprise Linux | =6.0 | |
| Red Hat Enterprise Linux | =7.0 | |
| Oracle MySQL | >=5.5.0<=5.5.47 | |
| Oracle MySQL | >=5.6.0<=5.6.28 | |
| Oracle MySQL | >=5.7.0<=5.7.10 | |
| MariaDB | >=5.5.20<5.5.48 | |
| MariaDB | >=10.0.0<10.0.24 | |
| MariaDB | >=10.1.0<10.1.12 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00035.html
- http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00053.html
- http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00033.html
- http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00034.html
- http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00051.html
- http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00053.html
- http://rhn.redhat.com/errata/RHSA-2016-0705.html
- http://rhn.redhat.com/errata/RHSA-2016-1480.html
- http://rhn.redhat.com/errata/RHSA-2016-1481.html
- http://rhn.redhat.com/errata/RHSA-2016-1602.html
- http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168
- http://www.debian.org/security/2016/dsa-3557
- http://www.debian.org/security/2016/dsa-3595
- http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html
- http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html
- http://www.securityfocus.com/bid/86442
- http://www.securitytracker.com/id/1035606
- http://www.ubuntu.com/usn/USN-2953-1
- https://access.redhat.com/errata/RHSA-2016:1132
- https://mariadb.com/kb/en/mariadb/mariadb-10024-release-notes/
- https://mariadb.com/kb/en/mariadb/mariadb-10112-release-notes/
- https://mariadb.com/kb/en/mariadb/mariadb-5548-release-notes/
- http://www.oracle.com/technetwork/topics/security/cpuapr2016verbose-2881709.html
- https://rhn.redhat.com/errata/RHSA-2016-0705.html
- https://rhn.redhat.com/errata/RHSA-2016-1481.html
- https://rhn.redhat.com/errata/RHSA-2016-1480.html
- https://rhn.redhat.com/errata/RHSA-2016-1602.html
- https://bugzilla.redhat.com/show_bug.cgi?id=1329247
Frequently Asked Questions
What is the severity of CVE-2016-0644?
CVE-2016-0644 has been classified as a local availability vulnerability in Oracle MySQL and MariaDB.
How do I fix CVE-2016-0644?
To remediate CVE-2016-0644, upgrade MySQL to version 5.5.48 or later, 5.6.29 or later, or 5.7.11 or later, and MariaDB to version 5.5.48, 10.0.24, or 10.1.12.
Which MySQL versions are affected by CVE-2016-0644?
CVE-2016-0644 affects MySQL versions 5.5.47 and earlier, 5.6.28 and earlier, and 5.7.10 and earlier.
Which MariaDB versions are impacted by CVE-2016-0644?
CVE-2016-0644 impacts MariaDB versions prior to 5.5.48, 10.0.x before 10.0.24, and 10.1.x before 10.1.12.
What causes CVE-2016-0644?
CVE-2016-0644 is caused by unspecified vulnerabilities in the DDL-related operations in the MySQL server component.
- agent/type
- collector/redhat-bugzilla
- source/Red Hat
- alias/CVE-2016-0644
- agent/software-canonical-lookup
- agent/remedy
- agent/references
- agent/author
- agent/severity
- agent/description
- agent/first-publish-date
- agent/event
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/source
- agent/tags
- agent/softwarecombine
- collector/nvd-index
- agent/software-canonical-lookup-request
- package-manager/redhat
- vendor/debian
- canonical/debian
- version/debian/8.0
- vendor/opensuse
- canonical/suse linux
- version/suse linux/42.1
- vendor/oracle
- canonical/oracle linux
- version/oracle linux/7
- vendor/ibm
- canonical/ibm powerkvm
- version/ibm powerkvm/2.1
- version/ibm powerkvm/3.1
- vendor/redhat
- canonical/red hat enterprise linux
- version/red hat enterprise linux/6.0
- version/red hat enterprise linux/7.0
- canonical/oracle mysql
- version/oracle mysql/5.5.0
- version/oracle mysql/5.5.47
- version/oracle mysql/5.6.0
- version/oracle mysql/5.6.28
- version/oracle mysql/5.7.0
- version/oracle mysql/5.7.10
- vendor/mariadb
- canonical/mariadb
- version/mariadb/5.5.20
- version/mariadb/10.0.0
- version/mariadb/10.1.0