CVE-2016-0616

MEDIUM severity · CVSS 4

4CVSS MEDIUM

Summary

Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier and MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10 allows remote authenticated users to affect availability via unknown vectors related to Optimizer.

Impact & exploitability

Attack vectorNetwork

Attack complexityLow

Privileges required—

User interaction—

Confidentiality impactNone

Integrity impactNone

Availability impact—

Exploit probability (EPSS)0%

AV:N/AC:L/Au:S/C:N/I:N/A:P

Affected products we track (4)

MySQL MariaDB Ubuntu Debian

Recommendation

Apply the vendor fix in your normal patch cycle. Open any affected product above for its exact safe version.

Official patch: http://www.debian.org/security/2016/dsa-3453 ↗

Additional information

NVD record
http://www.debian.org/security/2016/dsa-3453Patch
http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00033.html
http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00034.html
http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00051.html
http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00053.htmlAdvisory
http://rhn.redhat.com/errata/RHSA-2016-0534.htmlAdvisory
http://rhn.redhat.com/errata/RHSA-2016-1480.html
http://rhn.redhat.com/errata/RHSA-2016-1481.html