Wind River Support Network

HomeDefectsLIN8-5276
Fixed

LIN8-5276 : Security Advisory - mysql - CVE-2016-6664

Created: Dec 15, 2016    Updated: Dec 3, 2018
Resolved Date: Dec 18, 2016
Found In Version: 8.0.0.11
Fix Version: 8.0.0.13
Severity: Standard
Applicable for: Wind River Linux 8
Component/s: Userspace

Description

mysqld_safe in Oracle MySQL through 5.5.51, 5.6.x through 5.6.32, and 5.7.x through 5.7.14; MariaDB; Percona Server before 5.5.51-38.2, 5.6.x before 5.6.32-78-1, and 5.7.x before 5.7.14-8; and Percona XtraDB Cluster before 5.5.41-37.0, 5.6.x before 5.6.32-25.17, and 5.7.x before 5.7.14-26.17, when using file-based logging, allows local users with access to the mysql account to gain root privileges via a symlink attack on error logs and possibly other files.

http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-6664

Other Downloads

CVEs

Live chat
Online
  • Linkedin
  • Facebook
  • Twitter
  • Youtube