CVE-2016-6664

mysqld_safe in Oracle MySQL through 5.5.51, 5.6.x through 5.6.32, and 5.7.x through 5.7.14; MariaDB; Percona Server before 5.5.51-38.2, 5.6.x before 5.6.32-78-1, and 5.7.x before 5.7.14-8; and Percona XtraDB Cluster before 5.5.41-37.0, 5.6.x before 5.6.32-25.17, and 5.7.x before 5.7.14-26.17, when using file-based logging, allows local users with access to the mysql account to gain root privileges via a symlink attack on error logs and possibly other files.

Published: Dec 13, 2016
Updated: Apr 13, 2023
CVE: CVE-2016-6664
Severity: High
Exploit:

CVSS v3:

Severity: High
Score: 7
AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

CVSS v2:

Severity: Medium
Score: 6.9
AV:L/AC:M/Au:N/C:C/I:C/A:C

CWEs:

CWE-59

Affected Software
References

Software	From	Fixed in
oracle / mysql	5.5.0	5.5.51.x
oracle / mysql	5.6.0	5.6.32.x
oracle / mysql	5.7.0	5.7.14.x
mariadb / mariadb	5.5.0	5.5.54
mariadb / mariadb	10.1.0	10.1.21
mariadb / mariadb	10.0.0	10.0.29
percona / percona_server	5.5	5.5.51-38.2
percona / percona_server	5.6	5.6.32-78.1
percona / percona_server	5.7	5.7.14-8
percona / xtradb_cluster	5.5	5.5.41-37.0
percona / xtradb_cluster	5.6	5.6.32-25.17
percona / xtradb_cluster	5.7	5.7.14-26.17

Vulnerability Database

289,599

CVE-2016-6664