CVE-2016-6662

Published: Sep 20, 2016Modified: May 6, 2026

9.8

Vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Exploitability: 3.9 / Impact: 5.9

Source: NVD

Description

Oracle MySQL through 5.5.52, 5.6.x through 5.6.33, and 5.7.x through 5.7.15; MariaDB before 5.5.51, 10.0.x before 10.0.27, and 10.1.x before 10.1.17; and Percona Server before 5.5.51-38.1, 5.6.x before 5.6.32-78.0, and 5.7.x before 5.7.14-7 allow local users to create arbitrary configurations and bypass certain protection mechanisms by setting general_log_file to a my.cnf configuration. NOTE: this can be leveraged to execute arbitrary code with root privileges by setting malloc_lib. NOTE: the affected MySQL version information is from Oracle's October 2016 CPU. Oracle has not commented on third-party claims that the issue was silently patched in MySQL 5.5.52, 5.6.33, and 5.7.15.

Affected (30)

Products: Oracle: Mysql · Percona: Percona Server · Mariadb: Mariadb · +2 more

Show all products

Oracle: Mysql · Percona: Percona Server · Mariadb: Mariadb · Debian: Debian Linux · Redhat: Enterprise Linux, Enterprise Linux Desktop, Enterprise Linux Server, Enterprise Linux Server Aus, Enterprise Linux Server Eus, Enterprise Linux Server Tus, Enterprise Linux Workstation, Openstack

1 product

1 product

1 product

1 product

8 products

Enterprise Linux Desktop

Enterprise Linux Server

Enterprise Linux Server Aus

Enterprise Linux Server Eus

Enterprise Linux Server Tus

Enterprise Linux Workstation

Openstack

Configuration A

3 vulnerable

Vulnerable Software	Affected Versions
Oracle Mysql	From 5.5.0 to 5.5.52
Oracle Mysql	From 5.6.0 to 5.6.33
Oracle Mysql	From 5.7.0 to 5.7.15

Configuration B

3 vulnerable

Vulnerable Software	Affected Versions
Percona Percona Server	From 5.5 to 5.5.51-38.1
Percona Percona Server	From 5.6 to 5.6.32-78.0
Percona Percona Server	From 5.7 to 5.7.14-7

Configuration C

3 vulnerable

Vulnerable Software	Affected Versions
Mariadb Mariadb	From 10.0.0 to 10.0.27
Mariadb Mariadb	From 10.1.0 to 10.1.17
Mariadb Mariadb	From 5.5.20 to 5.5.51

Configuration D

1 vulnerable

Vulnerable Software	Affected Versions
Debian Debian Linux	Version 8.0

Configuration E

20 vulnerable

Vulnerable Software	Affected Versions
Redhat Enterprise Linux	Version 7.0
Redhat Enterprise Linux Desktop	Version 6.0
Redhat Enterprise Linux Desktop	Version 7.0
Redhat Enterprise Linux Server	Version 6.0
Redhat Enterprise Linux Server Aus	Version 7.3
Redhat Enterprise Linux Server Aus	Version 7.4
Redhat Enterprise Linux Server Aus	Version 7.6
Redhat Enterprise Linux Server Eus	Version 7.3
Redhat Enterprise Linux Server Eus	Version 7.4
Redhat Enterprise Linux Server Eus	Version 7.5
Redhat Enterprise Linux Server Eus	Version 7.6
Redhat Enterprise Linux Server Tus	Version 7.3
Redhat Enterprise Linux Server Tus	Version 7.6
Redhat Enterprise Linux Workstation	Version 6.0
Redhat Enterprise Linux Workstation	Version 7.0
Redhat Openstack	Version 5.0
Redhat Openstack	Version 6.0
Redhat Openstack	Version 7.0
Redhat Openstack	Version 8
Redhat Openstack	Version 9

Related CWEs

CWE-264

References (54)

http://legalhackers.com/advisories/MySQL-Exploit-Remote-Root-Code-Execution-Privesc-CVE-2016-6662.html

Source: cve@mitre.org

Third Party Advisory

http://rhn.redhat.com/errata/RHSA-2016-2058.html

Source: cve@mitre.org

Third Party Advisory

http://rhn.redhat.com/errata/RHSA-2016-2059.html

Source: cve@mitre.org

Third Party Advisory

http://rhn.redhat.com/errata/RHSA-2016-2060.html

Source: cve@mitre.org

Third Party Advisory

http://rhn.redhat.com/errata/RHSA-2016-2061.html

Source: cve@mitre.org

Third Party Advisory

http://rhn.redhat.com/errata/RHSA-2016-2062.html

Source: cve@mitre.org

Third Party Advisory

http://rhn.redhat.com/errata/RHSA-2016-2077.html

Source: cve@mitre.org

Third Party Advisory

http://rhn.redhat.com/errata/RHSA-2016-2130.html

Source: cve@mitre.org

Third Party Advisory

http://rhn.redhat.com/errata/RHSA-2016-2131.html

Source: cve@mitre.org

Third Party Advisory

http://rhn.redhat.com/errata/RHSA-2016-2595.html

Source: cve@mitre.org

Third Party Advisory

http://rhn.redhat.com/errata/RHSA-2016-2749.html

Source: cve@mitre.org

Third Party Advisory

http://rhn.redhat.com/errata/RHSA-2016-2927.html

Source: cve@mitre.org

Third Party Advisory

http://rhn.redhat.com/errata/RHSA-2016-2928.html

Source: cve@mitre.org

Third Party Advisory

http://rhn.redhat.com/errata/RHSA-2017-0184.html

Source: cve@mitre.org

Third Party Advisory

http://seclists.org/fulldisclosure/2016/Sep/23

Source: cve@mitre.org

Mailing ListThird Party Advisory

http://www.debian.org/security/2016/dsa-3666

Source: cve@mitre.org

Third Party Advisory

http://www.openwall.com/lists/oss-security/2016/09/12/3

Source: cve@mitre.org

Mailing ListThird Party Advisory

http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html

Source: cve@mitre.org

PatchVendor Advisory

http://www.securityfocus.com/bid/92912

Source: cve@mitre.org

Third Party AdvisoryVDB Entry

http://www.securitytracker.com/id/1036769

Source: cve@mitre.org

Third Party AdvisoryVDB Entry

https://jira.mariadb.org/browse/MDEV-10465

Source: cve@mitre.org

Issue TrackingVendor Advisory

https://mariadb.com/kb/en/mariadb/mariadb-10027-release-notes/

Source: cve@mitre.org

Release NotesVendor Advisory

https://mariadb.com/kb/en/mariadb/mariadb-10117-release-notes/

Source: cve@mitre.org

Release NotesVendor Advisory

https://mariadb.com/kb/en/mariadb/mariadb-5551-release-notes/

Source: cve@mitre.org

Release NotesVendor Advisory

https://security.gentoo.org/glsa/201701-01

Source: cve@mitre.org

Third Party Advisory

https://www.exploit-db.com/exploits/40360/

Source: cve@mitre.org

ExploitThird Party AdvisoryVDB Entry

https://www.percona.com/blog/2016/09/12/percona-server-critical-update-cve-2016-6662/

Source: cve@mitre.org

Third Party Advisory

http://legalhackers.com/advisories/MySQL-Exploit-Remote-Root-Code-Execution-Privesc-CVE-2016-6662.html