CVE-2016-6663
Summary
| CVE | CVE-2016-6663 |
|---|---|
| State | PUBLISHED |
| Assigner | mitre |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2016-12-13 21:59:00 UTC |
| Updated | 2026-05-06 22:30:45 UTC |
| Description | Race condition in Oracle MySQL before 5.5.52, 5.6.x before 5.6.33, 5.7.x before 5.7.15, and 8.x before 8.0.1; MariaDB before 5.5.52, 10.0.x before 10.0.28, and 10.1.x before 10.1.18; Percona Server before 5.5.51-38.2, 5.6.x before 5.6.32-78-1, and 5.7.x before 5.7.14-8; and Percona XtraDB Cluster before 5.5.41-37.0, 5.6.x before 5.6.32-25.17, and 5.7.x before 5.7.14-26.17 allows local users with certain permissions to gain privileges by leveraging use of my_copystat by REPAIR TABLE to repair a MyISAM table. |
Risk And Classification
Primary CVSS: v3.0 7 HIGH from [email protected]
CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
Problem Types: CWE-362 | n/a
| Version | Source | Type | Score | Severity | Vector |
|---|---|---|---|---|---|
| 3.0 | [email protected] | Primary | 7 | HIGH | CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H |
| 2.0 | [email protected] | Primary | 4.4 | | AV:L/AC:M/Au:N/C:P/I:P/A:P |
CVSS v3.0 Breakdown
| Metric | Value |
|---|---|
| Attack Vector | Local |
| Attack Complexity | High |
| Privileges Required | Low |
| User Interaction | None |
| Scope | Unchanged |
| Confidentiality | High |
| Integrity | High |
| Availability | High |
| Vector | CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H |
CVSS v2.0 Breakdown
| Metric | Value |
|---|---|
| Access Vector | Local |
| Access Complexity | Medium |
| Authentication | None |
| Confidentiality | Partial |
| Integrity | Partial |
| Availability | Partial |
| Vector | AV:L/AC:M/Au:N/C:P/I:P/A:P |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| MySQL / MariaDB / PerconaDB 5.5.x/5.6.x/5.7.x - 'mysql' System User Privilege Escalation / Race Condition | af854a3a-2127-422b-91ae-364da2661108 | www.exploit-db.com | Exploit, Third Party Advisory, VDB Entry |
| MySQL :: MySQL 5.5 Release Notes :: Changes in MySQL 5.5.52 (2016-09-06, General Availability) | af854a3a-2127-422b-91ae-364da2661108 | dev.mysql.com | Issue Tracking, Vendor Advisory |
| Oracle MySQL CVE-2016-6663 Unspecified Security Vulnerability | af854a3a-2127-422b-91ae-364da2661108 | www.securityfocus.com | Third Party Advisory, VDB Entry |
| Red Hat Customer Portal | af854a3a-2127-422b-91ae-364da2661108 | rhn.redhat.com | Third Party Advisory |
| Red Hat Customer Portal | af854a3a-2127-422b-91ae-364da2661108 | rhn.redhat.com | Third Party Advisory |
| Red Hat Customer Portal | af854a3a-2127-422b-91ae-364da2661108 | rhn.redhat.com | Third Party Advisory |
| Oracle Critical Patch Update - October 2016 | af854a3a-2127-422b-91ae-364da2661108 | www.oracle.com | Patch, Vendor Advisory |
| Bug#24388746: PRIVILEGE ESCALATION AND RACE CONDITION USING CREATE TABLE · mysql/mysql-server@4e54738 · GitHub | af854a3a-2127-422b-91ae-364da2661108 | github.com | Issue Tracking, Patch, Third Party Advisory |
| don't use my_copystat in the server · MariaDB/server@347eeef · GitHub | af854a3a-2127-422b-91ae-364da2661108 | github.com | Issue Tracking, Patch, Third Party Advisory |
| MariaDB 10.0.28 Release Notes - MariaDB Knowledge Base | af854a3a-2127-422b-91ae-364da2661108 | mariadb.com | Release Notes, Vendor Advisory |
| Red Hat Customer Portal | af854a3a-2127-422b-91ae-364da2661108 | rhn.redhat.com | Third Party Advisory |
| MySQL :: MySQL 5.6 Release Notes :: Changes in MySQL 5.6.33 (2016-09-06, General Availability) | af854a3a-2127-422b-91ae-364da2661108 | dev.mysql.com | Issue Tracking, Vendor Advisory |
| MariaDB 5.5.52 Release Notes - MariaDB Knowledge Base | af854a3a-2127-422b-91ae-364da2661108 | mariadb.com | Release Notes, Vendor Advisory |
| RETIRED: Oracle MySQL CVE-2016-5616 Local Security Vulnerability | af854a3a-2127-422b-91ae-364da2661108 | www.securityfocus.com | Third Party Advisory, VDB Entry |
| oss-security - Re: CVE-2016-6662 - MySQL Remote Root Code Execution / Privilege Escalation ( 0day ) | af854a3a-2127-422b-91ae-364da2661108 | www.openwall.com | Mailing List, Third Party Advisory |
| Red Hat Customer Portal | af854a3a-2127-422b-91ae-364da2661108 | rhn.redhat.com | Third Party Advisory |
| Percona responds to CVE-2016-6663 and CVE-2016-6664 - Percona Database Performance Blog | af854a3a-2127-422b-91ae-364da2661108 | www.percona.com | Vendor Advisory |
| Full Disclosure: MySQL / MariaDB / PerconaDB - Privilege Escalation / Race Condition Exploit [CVE-2016-6663 / OCVE-2016-5616] | af854a3a-2127-422b-91ae-364da2661108 | seclists.org | Mailing List, Third Party Advisory |
| Red Hat Customer Portal | af854a3a-2127-422b-91ae-364da2661108 | rhn.redhat.com | Third Party Advisory |
| MySQL :: MySQL 5.7 Release Notes :: Changes in MySQL 5.7.15 (2016-09-06, General Availability) | af854a3a-2127-422b-91ae-364da2661108 | dev.mysql.com | Issue Tracking, Vendor Advisory |
| MariaDB 10.1.18 Release Notes - MariaDB Knowledge Base | af854a3a-2127-422b-91ae-364da2661108 | mariadb.com | Release Notes, Vendor Advisory |
| MySQL :: MySQL 8.0 Release Notes :: Changes in MySQL 8.0.1 (Not yet released, Development Milestone) | af854a3a-2127-422b-91ae-364da2661108 | dev.mysql.com | Issue Tracking, Vendor Advisory |
| MySQL-Maria-Percona-PrivEscRace-CVE-2016-6663-5616-Exploit | af854a3a-2127-422b-91ae-364da2661108 | legalhackers.com | Exploit, Third Party Advisory |
| Red Hat Customer Portal | af854a3a-2127-422b-91ae-364da2661108 | rhn.redhat.com | Third Party Advisory |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
Legacy QID Mappings
- 378301 Virtuozzo Linux Security Update for mysql-libs (VZLSA-2017:0184)