CVE-2016-5444
First published: Thu Jul 21 2016(Updated: )
Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier, 5.6.29 and earlier, and 5.7.11 and earlier and MariaDB before 5.5.49, 10.0.x before 10.0.25, and 10.1.x before 10.1.14 allows remote attackers to affect confidentiality via vectors related to Server: Connection.
Credit: secalert_us@oracle.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Oracle MySQL | >=5.5.0<=5.5.48 | |
| Oracle MySQL | >=5.6.0<=5.6.29 | |
| Oracle MySQL | >=5.7.0<=5.7.11 | |
| MariaDB | >=5.5.20<5.5.49 | |
| MariaDB | >=10.0.0<10.0.25 | |
| MariaDB | >=10.1.0<10.1.14 | |
| IBM PowerKVM | =2.1 | |
| IBM PowerKVM | =3.1 | |
| Red Hat Enterprise Linux | =6.0 | |
| Red Hat Enterprise Linux | =7.0 | |
| Red Hat Enterprise Linux Desktop | =7.0 | |
| Red Hat Enterprise Linux Server | =7.0 | |
| Red Hat Enterprise Linux Server | =7.2 | |
| Red Hat Enterprise Linux Server | =7.3 | |
| Red Hat Enterprise Linux Server | =7.4 | |
| Red Hat Enterprise Linux Server | =7.6 | |
| Red Hat Enterprise Linux Server | =7.2 | |
| Red Hat Enterprise Linux Server | =7.3 | |
| Red Hat Enterprise Linux Server | =7.4 | |
| Red Hat Enterprise Linux Server | =7.5 | |
| Red Hat Enterprise Linux Server | =7.6 | |
| Red Hat Enterprise Linux Server | =7.2 | |
| Red Hat Enterprise Linux Server | =7.3 | |
| Red Hat Enterprise Linux Server | =7.6 | |
| Red Hat Enterprise Linux Workstation | =7.0 | |
| Oracle Linux | =7 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://rhn.redhat.com/errata/RHSA-2016-0705.html
- http://rhn.redhat.com/errata/RHSA-2016-1480.html
- http://rhn.redhat.com/errata/RHSA-2016-1481.html
- http://rhn.redhat.com/errata/RHSA-2016-1602.html
- http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168
- http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html
- http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html
- http://www.securityfocus.com/bid/91787
- http://www.securityfocus.com/bid/91987
- http://www.securitytracker.com/id/1036362
- https://access.redhat.com/errata/RHSA-2016:1132
- https://mariadb.com/kb/en/mariadb/mariadb-10025-release-notes/
- https://mariadb.com/kb/en/mariadb/mariadb-10114-release-notes/
- https://mariadb.com/kb/en/mariadb/mariadb-5549-release-notes/
Frequently Asked Questions
What is the severity of CVE-2016-5444?
CVE-2016-5444 is considered a moderate severity vulnerability.
How do I fix CVE-2016-5444?
To fix CVE-2016-5444, upgrade to the latest version of MySQL or MariaDB that addresses this vulnerability.
Which versions are affected by CVE-2016-5444?
CVE-2016-5444 affects MySQL versions 5.5.48 and earlier, 5.6.29 and earlier, 5.7.11 and earlier, and MariaDB versions before 5.5.49, 10.0.x before 10.0.25, and 10.1.x before 10.1.14.
What type of threat does CVE-2016-5444 pose?
CVE-2016-5444 allows remote attackers to potentially affect the confidentiality of the system.
Is there a workaround for CVE-2016-5444?
There are no specific workarounds documented for CVE-2016-5444, so patching is recommended.
- agent/references
- agent/type
- agent/remedy
- agent/author
- agent/severity
- agent/first-publish-date
- agent/event
- agent/description
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/source
- agent/softwarecombine
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/oracle
- canonical/oracle mysql
- version/oracle mysql/5.5.0
- version/oracle mysql/5.5.48
- version/oracle mysql/5.6.0
- version/oracle mysql/5.6.29
- version/oracle mysql/5.7.0
- version/oracle mysql/5.7.11
- vendor/mariadb
- canonical/mariadb
- version/mariadb/5.5.20
- version/mariadb/10.0.0
- version/mariadb/10.1.0
- vendor/ibm
- canonical/ibm powerkvm
- version/ibm powerkvm/2.1
- version/ibm powerkvm/3.1
- vendor/redhat
- canonical/red hat enterprise linux
- version/red hat enterprise linux/6.0
- version/red hat enterprise linux/7.0
- canonical/red hat enterprise linux desktop
- version/red hat enterprise linux desktop/7.0
- canonical/red hat enterprise linux server
- version/red hat enterprise linux server/7.0
- version/red hat enterprise linux server/7.2
- version/red hat enterprise linux server/7.3
- version/red hat enterprise linux server/7.4
- version/red hat enterprise linux server/7.6
- version/red hat enterprise linux server/7.5
- canonical/red hat enterprise linux workstation
- version/red hat enterprise linux workstation/7.0
- canonical/oracle linux
- version/oracle linux/7