1
Candidate: CVE-2016-6664
4
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6664
5
http://legalhackers.com/advisories/MySQL-Maria-Percona-RootPrivEsc-CVE-2016-6664-5617-Exploit.html
6
http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html#AppendixMSQL
8
mysqld_safe in Oracle MySQL through 5.5.51, 5.6.x through 5.6.32, and 5.7.x
9
through 5.7.14; MariaDB; Percona Server before 5.5.51-38.2, 5.6.x before
10
5.6.32-78-1, and 5.7.x before 5.7.14-8; and Percona XtraDB Cluster before
11
5.5.41-37.0, 5.6.x before 5.6.32-25.17, and 5.7.x before 5.7.14-26.17, when
12
using file-based logging, allows local users with access to the mysql
13
account to gain root privileges via a symlink attack on error logs and
17
mdeslaur> This is a dupe of CVE-2016-5617
19
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=842895
20
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=841049
22
Discovered-by: Dawid Golunski
26
upstream_mariadb-10.0: released (10.0.29)
27
precise_mariadb-10.0: DNE
28
trusty_mariadb-10.0: DNE
29
vivid/ubuntu-core_mariadb-10.0: DNE
30
vivid/stable-phone-overlay_mariadb-10.0: DNE
31
xenial_mariadb-10.0: released (10.0.29-0ubuntu0.16.04.1)
32
yakkety_mariadb-10.0: released (10.0.29-0ubuntu0.16.10.1)
33
devel_mariadb-10.0: DNE
36
upstream_mysql-5.5: released (5.5.52)
37
precise_mysql-5.5: released (5.5.52-0ubuntu0.12.04.1)
38
trusty_mysql-5.5: released (5.5.52-0ubuntu0.14.04.1)
40
vivid/ubuntu-core_mysql-5.5: DNE
41
vivid/stable-phone-overlay_mysql-5.5: DNE
43
yakkety_mysql-5.5: DNE
47
upstream_mysql-5.6: released (5.6.33)
48
precise_mysql-5.6: DNE
49
trusty_mysql-5.6: not-affected (5.6.33-0ubuntu0.14.04.1)
50
vivid/ubuntu-core_mysql-5.6: DNE
51
vivid/stable-phone-overlay_mysql-5.6: DNE
53
yakkety_mysql-5.6: DNE
57
upstream_mysql-5.7: released (5.7.15)
58
precise_mysql-5.7: DNE
60
vivid/ubuntu-core_mysql-5.7: DNE
61
vivid/stable-phone-overlay_mysql-5.7: DNE
62
xenial_mysql-5.7: not-affected (5.7.15-0ubuntu0.16.04.1)
63
yakkety_mysql-5.7: not-affected (5.7.15-0ubuntu2)
64
devel_mysql-5.7: not-affected (5.7.15-0ubuntu2)