CVE-2016-6662

Published: 12 September 2016

Oracle MySQL through 5.5.52, 5.6.x through 5.6.33, and 5.7.x through 5.7.15; MariaDB before 5.5.51, 10.0.x before 10.0.27, and 10.1.x before 10.1.17; and Percona Server before 5.5.51-38.1, 5.6.x before 5.6.32-78.0, and 5.7.x before 5.7.14-7 allow local users to create arbitrary configurations and bypass certain protection mechanisms by setting general_log_file to a my.cnf configuration. NOTE: this can be leveraged to execute arbitrary code with root privileges by setting malloc_lib. NOTE: the affected MySQL version information is from Oracle's October 2016 CPU. Oracle has not commented on third-party claims that the issue was silently patched in MySQL 5.5.52, 5.6.33, and 5.7.15.

Priority

Cvss 3 Severity Score

9.8

Score breakdown

Status

Package	Release	Status
mariadb-10.0 Launchpad, Ubuntu, Debian	artful	Does not exist
	bionic	Does not exist
	cosmic	Does not exist
	disco	Does not exist
	eoan	Does not exist
	focal	Does not exist
	groovy	Does not exist
	hirsute	Does not exist
	impish	Does not exist
	jammy	Does not exist
	kinetic	Does not exist
	lunar	Does not exist
	mantic	Does not exist
	precise	Does not exist
	trusty	Does not exist
	upstream	Released (10.0.27)
	xenial	Released (10.0.27-0ubuntu0.16.04.1)
	yakkety	Released (10.0.28-0ubuntu0.16.10.1)
	zesty	Does not exist
mariadb-5.5 Launchpad, Ubuntu, Debian	artful	Does not exist
	bionic	Does not exist
	cosmic	Does not exist
	disco	Does not exist
	eoan	Does not exist
	focal	Does not exist
	groovy	Does not exist
	hirsute	Does not exist
	impish	Does not exist
	jammy	Does not exist
	kinetic	Does not exist
	lunar	Does not exist
	mantic	Does not exist
	precise	Does not exist
	trusty	Released (5.5.52-1ubuntu0.14.04.1)
	upstream	Needs triage
	xenial	Does not exist
	yakkety	Does not exist
	zesty	Does not exist
mysql-5.5 Launchpad, Ubuntu, Debian	artful	Does not exist
	bionic	Does not exist
	cosmic	Does not exist
	disco	Does not exist
	eoan	Does not exist
	focal	Does not exist
	groovy	Does not exist
	hirsute	Does not exist
	impish	Does not exist
	jammy	Does not exist
	kinetic	Does not exist
	lunar	Does not exist
	mantic	Does not exist
	precise	Released (5.5.52-0ubuntu0.12.04.1)
	trusty	Released (5.5.52-0ubuntu0.14.04.1)
	upstream	Released (5.5.52)
	vivid	Does not exist
	xenial	Does not exist
	yakkety	Does not exist
	zesty	Does not exist
mysql-5.6 Launchpad, Ubuntu, Debian	artful	Does not exist
	bionic	Does not exist
	cosmic	Does not exist
	disco	Does not exist
	eoan	Does not exist
	focal	Does not exist
	groovy	Does not exist
	hirsute	Does not exist
	impish	Does not exist
	jammy	Does not exist
	kinetic	Does not exist
	lunar	Does not exist
	mantic	Does not exist
	precise	Does not exist
	trusty	Released (5.6.33-0ubuntu0.14.04.1)
	upstream	Released (5.6.33)
	xenial	Does not exist
	yakkety	Does not exist
	zesty	Does not exist
mysql-5.7 Launchpad, Ubuntu, Debian	artful	Released (5.7.15-0ubuntu2)
	bionic	Released (5.7.15-0ubuntu2)
	cosmic	Released (5.7.15-0ubuntu2)
	disco	Released (5.7.15-0ubuntu2)
	eoan	Does not exist
	focal	Does not exist
	groovy	Does not exist
	hirsute	Does not exist
	impish	Does not exist
	jammy	Does not exist
	kinetic	Does not exist
	lunar	Does not exist
	mantic	Does not exist
	precise	Does not exist
	trusty	Does not exist
	upstream	Released (5.7.15)
	xenial	Released (5.7.15-0ubuntu0.16.04.1)
	yakkety	Released (5.7.15-0ubuntu2)
	zesty	Released (5.7.15-0ubuntu2)
mysql-8.0 Launchpad, Ubuntu, Debian	bionic	Does not exist
	disco	Does not exist
	eoan	Not vulnerable
	focal	Not vulnerable
	groovy	Not vulnerable
	hirsute	Not vulnerable
	impish	Not vulnerable
	jammy	Not vulnerable
	kinetic	Not vulnerable
	lunar	Not vulnerable
	mantic	Not vulnerable
	trusty	Does not exist
	upstream	Needs triage
	xenial	Does not exist
percona-server-5.6 Launchpad, Ubuntu, Debian	artful	Ignored (end of life)
	bionic	Does not exist
	cosmic	Does not exist
	disco	Does not exist
	eoan	Does not exist
	focal	Does not exist
	groovy	Does not exist
	hirsute	Does not exist
	impish	Does not exist
	jammy	Does not exist
	kinetic	Does not exist
	lunar	Does not exist
	mantic	Does not exist
	precise	Does not exist
	trusty	Does not exist
	upstream	Needs triage
	xenial	Needed
	yakkety	Ignored (end of life)
	zesty	Ignored (end of life)
percona-xtradb-cluster-5.5 Launchpad, Ubuntu, Debian	artful	Does not exist
	bionic	Does not exist
	cosmic	Does not exist
	disco	Does not exist
	eoan	Does not exist
	focal	Does not exist
	groovy	Does not exist
	hirsute	Does not exist
	impish	Does not exist
	jammy	Does not exist
	kinetic	Does not exist
	lunar	Does not exist
	mantic	Does not exist
	precise	Does not exist
	trusty	Does not exist (trusty was needed)
	upstream	Needs triage
	xenial	Does not exist
	yakkety	Does not exist
	zesty	Does not exist
percona-xtradb-cluster-5.6 Launchpad, Ubuntu, Debian	artful	Not vulnerable (5.6.34-26.19-0ubuntu1)
	bionic	Does not exist
	cosmic	Does not exist
	disco	Does not exist
	eoan	Does not exist
	focal	Does not exist
	groovy	Does not exist
	hirsute	Does not exist
	impish	Does not exist
	jammy	Does not exist
	kinetic	Does not exist
	lunar	Does not exist
	mantic	Does not exist
	precise	Does not exist
	trusty	Does not exist
	upstream	Needs triage
	xenial	Released (5.6.34-26.19-0ubuntu0.16.04.1)
	yakkety	Released (5.6.34-26.19-0ubuntu0.16.10.1)
	zesty	Not vulnerable (5.6.34-26.19-0ubuntu1)

Severity score breakdown

Parameter	Value
Base score	9.8
Attack vector	Network
Attack complexity	Low
Privileges required	None
User interaction	None
Scope	Unchanged
Confidentiality	High
Integrity impact	High
Availability impact	High
Vector	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

References

Bugs

https://bugzilla.novell.com/show_bug.cgi?id=CVE-2016-6662

Join the discussion

Canonical is offering Expanded Security Maintenance

Canonical is offering Ubuntu Expanded Security Maintenance (ESM) for security fixes and essential packages.

Find out more about ESM ›