CVE-2016-3521
First published: Thu Jul 21 2016(Updated: )
Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier, 5.6.30 and earlier, and 5.7.12 and earlier and MariaDB before 5.5.50, 10.0.x before 10.0.26, and 10.1.x before 10.1.15 allows remote authenticated users to affect availability via vectors related to Server: Types.
Credit: secalert_us@oracle.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| IBM PowerKVM | =2.1 | |
| IBM PowerKVM | =3.1 | |
| MariaDB | >=5.5.20<5.5.50 | |
| MariaDB | >=10.0.0<10.0.26 | |
| MariaDB | >=10.1.0<10.1.15 | |
| Oracle MySQL | >=5.5.0<=5.5.49 | |
| Oracle MySQL | >=5.6.0<=5.6.30 | |
| Oracle MySQL | >=5.7.0<=5.7.12 | |
| Oracle Linux | =7 | |
| Debian | =8.0 | |
| Ubuntu | =12.04 | |
| Ubuntu | =14.04 | |
| Ubuntu | =15.10 | |
| Ubuntu | =16.04 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://lists.opensuse.org/opensuse-updates/2016-09/msg00042.html
- http://rhn.redhat.com/errata/RHSA-2016-1480.html
- http://rhn.redhat.com/errata/RHSA-2016-1601.html
- http://rhn.redhat.com/errata/RHSA-2016-1602.html
- http://rhn.redhat.com/errata/RHSA-2016-1603.html
- http://rhn.redhat.com/errata/RHSA-2016-1604.html
- http://rhn.redhat.com/errata/RHSA-2016-1637.html
- http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168
- http://www.debian.org/security/2016/dsa-3624
- http://www.debian.org/security/2016/dsa-3632
- http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html
- http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html
- http://www.securityfocus.com/bid/91787
- http://www.securityfocus.com/bid/91932
- http://www.securitytracker.com/id/1036362
- http://www.ubuntu.com/usn/USN-3040-1
- https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/
- https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/
- https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/
Frequently Asked Questions
What is the severity of CVE-2016-3521?
CVE-2016-3521 is classified with a severity that can impact the availability of affected systems.
How do I fix CVE-2016-3521?
To mitigate CVE-2016-3521, upgrade Oracle MySQL to versions later than 5.5.49, 5.6.30, and 5.7.12, or upgrade MariaDB to versions later than 5.5.50, 10.0.26, or 10.1.15.
Which versions are affected by CVE-2016-3521?
CVE-2016-3521 affects Oracle MySQL versions 5.5.49 and earlier, 5.6.30 and earlier, 5.7.12 and earlier, and certain MariaDB versions before 5.5.50, 10.0.26, and 10.1.15.
Can CVE-2016-3521 be exploited remotely?
Yes, CVE-2016-3521 can be exploited by remote authenticated users to affect system availability.
What is the nature of the vulnerability in CVE-2016-3521?
CVE-2016-3521 is an unspecified vulnerability related to server types in affected versions of Oracle MySQL and MariaDB.
- agent/type
- agent/severity
- agent/remedy
- agent/references
- agent/author
- agent/description
- agent/first-publish-date
- agent/event
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/source
- agent/softwarecombine
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/ibm
- canonical/ibm powerkvm
- version/ibm powerkvm/2.1
- version/ibm powerkvm/3.1
- vendor/mariadb
- canonical/mariadb
- version/mariadb/5.5.20
- version/mariadb/10.0.0
- version/mariadb/10.1.0
- vendor/oracle
- canonical/oracle mysql
- version/oracle mysql/5.5.0
- version/oracle mysql/5.5.49
- version/oracle mysql/5.6.0
- version/oracle mysql/5.6.30
- version/oracle mysql/5.7.0
- version/oracle mysql/5.7.12
- canonical/oracle linux
- version/oracle linux/7
- vendor/debian
- canonical/debian
- version/debian/8.0
- vendor/canonical
- canonical/ubuntu
- version/ubuntu/12.04
- version/ubuntu/14.04
- version/ubuntu/15.10
- version/ubuntu/16.04