CVE-2016-5616 - Vulnerability Details

- mysql: race condition while setting stats during MyISAM table repair (CPU Oct 2016)

Description

DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2016-6663. Reason: This candidate is a reservation duplicate of CVE-2016-6663. Notes: All CVE users should reference CVE-2016-6663 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage

Published: 2016-10-25

Score: 7.0 High

EPSS: n/a

KEV: No

Impact:

Action:

Analysis

No analysis available yet.

No data.

Package	CPE	Advisory	Released Date
Red Hat Enterprise Linux 6
mysql-0:5.1.73-8.el6_8	cpe:/o:redhat:enterprise_linux:6	RHSA-2017:0184	2017-01-24T00:00:00Z
Red Hat Enterprise Linux 7
mariadb-1:5.5.52-1.el7	cpe:/o:redhat:enterprise_linux:7	RHSA-2016:2595	2016-11-03T00:00:00Z
Red Hat Software Collections for Red Hat Enterprise Linux 6
mysql55-mysql-0:5.5.52-1.el6	cpe:/a:redhat:rhel_software_collections:2::el6	RHSA-2016:2130	2016-10-31T00:00:00Z
mariadb55-mariadb-0:5.5.53-1.el6	cpe:/a:redhat:rhel_software_collections:2::el6	RHSA-2016:2131	2016-10-31T00:00:00Z
rh-mysql56-mysql-0:5.6.34-2.el6	cpe:/a:redhat:rhel_software_collections:2::el6	RHSA-2016:2749	2016-11-15T00:00:00Z
rh-mariadb100-mariadb-1:10.0.28-5.el6	cpe:/a:redhat:rhel_software_collections:2::el6	RHSA-2016:2927	2016-12-08T00:00:00Z
rh-mariadb101-mariadb-1:10.1.19-6.el6	cpe:/a:redhat:rhel_software_collections:2::el6	RHSA-2016:2928	2016-12-08T00:00:00Z
Red Hat Software Collections for Red Hat Enterprise Linux 6.6 EUS
mysql55-mysql-0:5.5.52-1.el6	cpe:/a:redhat:rhel_software_collections:2::el6	RHSA-2016:2130	2016-10-31T00:00:00Z
mariadb55-mariadb-0:5.5.53-1.el6	cpe:/a:redhat:rhel_software_collections:2::el6	RHSA-2016:2131	2016-10-31T00:00:00Z
Red Hat Software Collections for Red Hat Enterprise Linux 6.7 EUS
mysql55-mysql-0:5.5.52-1.el6	cpe:/a:redhat:rhel_software_collections:2::el6	RHSA-2016:2130	2016-10-31T00:00:00Z
mariadb55-mariadb-0:5.5.53-1.el6	cpe:/a:redhat:rhel_software_collections:2::el6	RHSA-2016:2131	2016-10-31T00:00:00Z
rh-mysql56-mysql-0:5.6.34-2.el6	cpe:/a:redhat:rhel_software_collections:2::el6	RHSA-2016:2749	2016-11-15T00:00:00Z
rh-mariadb100-mariadb-1:10.0.28-5.el6	cpe:/a:redhat:rhel_software_collections:2::el6	RHSA-2016:2927	2016-12-08T00:00:00Z
rh-mariadb101-mariadb-1:10.1.19-6.el6	cpe:/a:redhat:rhel_software_collections:2::el6	RHSA-2016:2928	2016-12-08T00:00:00Z
Red Hat Software Collections for Red Hat Enterprise Linux 7
mysql55-mysql-0:5.5.52-1.el7	cpe:/a:redhat:rhel_software_collections:2::el7	RHSA-2016:2130	2016-10-31T00:00:00Z
mariadb55-mariadb-0:5.5.53-1.el7	cpe:/a:redhat:rhel_software_collections:2::el7	RHSA-2016:2131	2016-10-31T00:00:00Z
rh-mysql56-mysql-0:5.6.34-2.el7	cpe:/a:redhat:rhel_software_collections:2::el7	RHSA-2016:2749	2016-11-15T00:00:00Z
rh-mariadb100-mariadb-1:10.0.28-5.el7	cpe:/a:redhat:rhel_software_collections:2::el7	RHSA-2016:2927	2016-12-08T00:00:00Z
rh-mariadb101-mariadb-1:10.1.19-6.el7	cpe:/a:redhat:rhel_software_collections:2::el7	RHSA-2016:2928	2016-12-08T00:00:00Z
Red Hat Software Collections for Red Hat Enterprise Linux 7.1 EUS
mysql55-mysql-0:5.5.52-1.el7	cpe:/a:redhat:rhel_software_collections:2::el7	RHSA-2016:2130	2016-10-31T00:00:00Z
mariadb55-mariadb-0:5.5.53-1.el7	cpe:/a:redhat:rhel_software_collections:2::el7	RHSA-2016:2131	2016-10-31T00:00:00Z
rh-mysql56-mysql-0:5.6.34-2.el7	cpe:/a:redhat:rhel_software_collections:2::el7	RHSA-2016:2749	2016-11-15T00:00:00Z
Red Hat Software Collections for Red Hat Enterprise Linux 7.2 EUS
mysql55-mysql-0:5.5.52-1.el7	cpe:/a:redhat:rhel_software_collections:2::el7	RHSA-2016:2130	2016-10-31T00:00:00Z
mariadb55-mariadb-0:5.5.53-1.el7	cpe:/a:redhat:rhel_software_collections:2::el7	RHSA-2016:2131	2016-10-31T00:00:00Z
rh-mysql56-mysql-0:5.6.34-2.el7	cpe:/a:redhat:rhel_software_collections:2::el7	RHSA-2016:2749	2016-11-15T00:00:00Z
rh-mariadb100-mariadb-1:10.0.28-5.el7	cpe:/a:redhat:rhel_software_collections:2::el7	RHSA-2016:2927	2016-12-08T00:00:00Z
rh-mariadb101-mariadb-1:10.1.19-6.el7	cpe:/a:redhat:rhel_software_collections:2::el7	RHSA-2016:2928	2016-12-08T00:00:00Z
Red Hat Software Collections for Red Hat Enterprise Linux 7.3 EUS
rh-mariadb100-mariadb-1:10.0.28-5.el7	cpe:/a:redhat:rhel_software_collections:2::el7	RHSA-2016:2927	2016-12-08T00:00:00Z
rh-mariadb101-mariadb-1:10.1.19-6.el7	cpe:/a:redhat:rhel_software_collections:2::el7	RHSA-2016:2928	2016-12-08T00:00:00Z

No data available yet.

Remediation

No remediation available yet.

Tracking

Sign in to view the affected projects.

Advisories

Source	ID	Title
Debian DSA	DSA-3711-1	mariadb-10.0 security update

No CVSS v4.0

No CVSS v3.1

Attack Vector Local

Attack Complexity High

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Access Vector Local

Access Complexity High

Authentication Single

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

This CVE is not in the KEV list.

No EPSS score available.

Key SSVC decision points have not yet been added.

References

Link	Providers
https://legalhackers.com/advisories/MySQL-Maria-Percona-PrivEscRace-CVE-2016-6663-5616-Exploit.txt
https://nvd.nist.gov/vuln/detail/CVE-2016-5616
https://www.cve.org/CVERecord?id=CVE-2016-5616

History

No history.

Subscriptions

Redhat Enterprise Linux Rhel Software Collections

MITRE

Status: REJECTED

Assigner: oracle

Published: 2016-10-25T14:00:00.000Z

Updated: 2016-12-13T20:57:01.000Z

Reserved: 2016-06-16T00:00:00.000Z

Link: CVE-2016-5616

Vulnrichment

No data.

NVD

Status : Rejected

Published: 2016-10-25T14:31:30.567

Modified: 2023-11-07T02:33:43.790

Link: CVE-2016-5616

Redhat

Severity : Moderate

Publid Date: 2016-09-12T00:00:00Z

Links: CVE-2016-5616 - Bugzilla

OpenCVE Enrichment

No data.

Weaknesses

CWE-362

Tracking

Attack Vector Local

Attack Complexity High

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Access Vector Local

Access Complexity High

Authentication Single

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

Subscriptions

JSON object

JSON object

JSON object

JSON object

JSON object