1. Home
  2. Vulnerabilities
  3. CVE-2016-6663

CVE-2016-6663

CVSS v3.0 7 (High)
70% Progress
CVSS v2.0 4.4 (Medium)
44% Progress
EPSS 0.07 % (30th)
0.07% Progress
Affected Products 4
Advisories 10
Info CVSS EPSS CAPEC Affected Configurations References Security Advisories Packages & Software OVAL Tools, Exploits & PoC Graph Web & Social Timeline

Race condition in Oracle MySQL before 5.5.52, 5.6.x before 5.6.33, 5.7.x before 5.7.15, and 8.x before 8.0.1; MariaDB before 5.5.52, 10.0.x before 10.0.28, and 10.1.x before 10.1.18; Percona Server before 5.5.51-38.2, 5.6.x before 5.6.32-78-1, and 5.7.x before 5.7.14-8; and Percona XtraDB Cluster before 5.5.41-37.0, 5.6.x before 5.6.32-25.17, and 5.7.x before 5.7.14-26.17 allows local users with certain permissions to gain privileges by leveraging use of my_copystat by REPAIR TABLE to repair a MyISAM table.

Weaknesses
CWE-362
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
Related CVEs
CVE Status
PUBLISHED
CNA
MITRE
Published Date
2016-12-13 21:59:00
(7 years ago)
Updated Date
2019-03-05 18:23:02
(5 years ago)

Affected Products

Mariadb

Oracle

Percona

Configuration #1

    CPE23 From Up To
  Oracle Mysql from 5.5.0 version and 5.5.52 and prior versions cpe:2.3:a:oracle:mysql >= 5.5.0 <= 5.5.52
  Oracle Mysql from 5.6.0 version and 5.6.33 and prior versions cpe:2.3:a:oracle:mysql >= 5.6.0 <= 5.6.33
  Oracle Mysql from 5.7.0 version and 5.7.15 and prior versions cpe:2.3:a:oracle:mysql >= 5.7.0 <= 5.7.15

Configuration #2

    CPE23 From Up To
  Percona Server from 5.5 version and prior 5.5.51-38.2 version cpe:2.3:a:percona:percona_server >= 5.5 < 5.5.51-38.2
  Percona Server from 5.6 version and prior 5.6.32-78.1 version cpe:2.3:a:percona:percona_server >= 5.6 < 5.6.32-78.1
  Percona Server from 5.7 version and prior 5.7.14-8 version cpe:2.3:a:percona:percona_server >= 5.7 < 5.7.14-8
  Percona Xtradb Cluster from 5.5 version and prior 5.5.41-37.0 version cpe:2.3:a:percona:xtradb_cluster >= 5.5 < 5.5.41-37.0
  Percona Xtradb Cluster from 5.6 version and prior 5.6.32-25.17 version cpe:2.3:a:percona:xtradb_cluster >= 5.6 < 5.6.32-25.17
  Percona Xtradb Cluster from 5.7 version and prior 5.7.14-26.17 version cpe:2.3:a:percona:xtradb_cluster >= 5.7 < 5.7.14-26.17

Configuration #3

    CPE23 From Up To
  Mariadb from 5.5.20 version and prior 5.5.52 version cpe:2.3:a:mariadb:mariadb >= 5.5.20 < 5.5.52
  Mariadb from 10.0.0 version and prior 10.0.28 version cpe:2.3:a:mariadb:mariadb >= 10.0.0 < 10.0.28
  Mariadb from 10.1.0 version and prior 10.1.18 version cpe:2.3:a:mariadb:mariadb >= 10.1.0 < 10.1.18

Configuration #4

    CPE23 From Up To
  Oracle Mysql 8.0 cpe:2.3:a:oracle:mysql:8.0