CVE-2016-0666
First published: Thu Apr 21 2016(Updated: )
Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier, 5.6.29 and earlier, and 5.7.11 and earlier and MariaDB before 5.5.49, 10.0.x before 10.0.25, and 10.1.x before 10.1.14 allows local users to affect availability via vectors related to Security: Privileges.
Credit: secalert_us@oracle.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| redhat/mysql | <5.5.49 | 5.5.49 |
| redhat/mysql | <5.6.30 | 5.6.30 |
| redhat/mysql | <5.7.12 | 5.7.12 |
| redhat/mariadb | <5.5.49 | 5.5.49 |
| redhat/mariadb | <10.1.14 | 10.1.14 |
| redhat/mariadb | <10.0.25 | 10.0.25 |
| Red Hat Enterprise Linux | =6.0 | |
| Red Hat Enterprise Linux | =7.0 | |
| Debian | =8.0 | |
| MariaDB | >=5.5.20<5.5.49 | |
| MariaDB | >=10.0.0<10.0.25 | |
| MariaDB | >=10.1.0<10.1.14 | |
| Oracle Linux | =7 | |
| SUSE Linux | =42.1 | |
| Oracle MySQL | >=5.5.0<=5.5.48 | |
| Oracle MySQL | >=5.6.0<=5.6.29 | |
| Oracle MySQL | >=5.7.0<=5.7.11 | |
| IBM PowerKVM | =2.1 | |
| IBM PowerKVM | =3.1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00035.html
- http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00053.html
- http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00033.html
- http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00034.html
- http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00051.html
- http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00053.html
- http://rhn.redhat.com/errata/RHSA-2016-0705.html
- http://rhn.redhat.com/errata/RHSA-2016-1480.html
- http://rhn.redhat.com/errata/RHSA-2016-1481.html
- http://rhn.redhat.com/errata/RHSA-2016-1602.html
- http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168
- http://www.debian.org/security/2016/dsa-3557
- http://www.debian.org/security/2016/dsa-3595
- http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html
- http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html
- http://www.securityfocus.com/bid/86509
- http://www.securitytracker.com/id/1035606
- http://www.ubuntu.com/usn/USN-2953-1
- http://www.ubuntu.com/usn/USN-2954-1
- https://access.redhat.com/errata/RHSA-2016:1132
- https://mariadb.com/kb/en/mariadb/mariadb-10025-release-notes/
- https://mariadb.com/kb/en/mariadb/mariadb-10114-release-notes/
- https://mariadb.com/kb/en/mariadb/mariadb-5549-release-notes/
- http://www.oracle.com/technetwork/topics/security/cpuapr2016verbose-2881709.html
- https://rhn.redhat.com/errata/RHSA-2016-0705.html
- https://rhn.redhat.com/errata/RHSA-2016-1481.html
- https://rhn.redhat.com/errata/RHSA-2016-1480.html
- https://rhn.redhat.com/errata/RHSA-2016-1602.html
- https://bugzilla.redhat.com/show_bug.cgi?id=1329270
Frequently Asked Questions
What is the severity of CVE-2016-0666?
CVE-2016-0666 is an unspecified vulnerability that affects the security privileges in MySQL and MariaDB, which may impact availability.
Which versions of MySQL are affected by CVE-2016-0666?
CVE-2016-0666 affects MySQL versions 5.5.48 and earlier, 5.6.29 and earlier, and 5.7.11 and earlier.
How do I fix CVE-2016-0666?
To mitigate CVE-2016-0666, upgrade to MySQL version 5.5.49 or later, 5.6.30 or later, or 5.7.12 or later.
Which versions of MariaDB are vulnerable to CVE-2016-0666?
CVE-2016-0666 affects MariaDB versions before 5.5.49, 10.0.x before 10.0.25, and 10.1.x before 10.1.14.
What types of systems are impacted by CVE-2016-0666?
CVE-2016-0666 impacts Oracle MySQL and MariaDB running on various Linux distributions, including Red Hat and Debian.
- agent/type
- agent/severity
- agent/references
- agent/remedy
- agent/author
- agent/description
- collector/redhat-bugzilla
- source/Red Hat
- alias/CVE-2016-0666
- agent/software-canonical-lookup
- agent/first-publish-date
- agent/event
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/source
- agent/softwarecombine
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- package-manager/redhat
- vendor/redhat
- canonical/red hat enterprise linux
- version/red hat enterprise linux/6.0
- version/red hat enterprise linux/7.0
- vendor/debian
- canonical/debian
- version/debian/8.0
- vendor/mariadb
- canonical/mariadb
- version/mariadb/5.5.20
- version/mariadb/10.0.0
- version/mariadb/10.1.0
- vendor/oracle
- canonical/oracle linux
- version/oracle linux/7
- vendor/opensuse
- canonical/suse linux
- version/suse linux/42.1
- canonical/oracle mysql
- version/oracle mysql/5.5.0
- version/oracle mysql/5.5.48
- version/oracle mysql/5.6.0
- version/oracle mysql/5.6.29
- version/oracle mysql/5.7.0
- version/oracle mysql/5.7.11
- vendor/ibm
- canonical/ibm powerkvm
- version/ibm powerkvm/2.1
- version/ibm powerkvm/3.1