VDB

ALPINE-CVE-2016-6664

ALPINE-CVE-2016-6664 PUBLISHED CVSS 7 HIGH

mysqld_safe in Oracle MySQL through 5.5.51, 5.6.x through 5.6.32, and 5.7.x through 5.7.14; MariaDB; Percona Server before 5.5.51-38.2, 5.6.x before 5.6.32-78-1, and 5.7.x before 5.7.14-8; and Percona XtraDB Cluster before 5.5.41-37.0, 5.6.x before 5.6.32-25.17, and 5.7.x before 5.7.14-26.17, when using file-based logging, allows local users with access to the mysql account to gain root privileges via a symlink attack on error logs and possibly other files.

Risk Scores

CVSS 3.1
7
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected Products

VendorProductVersions
Alpine:v3.8mariadb0, 0, 10.0.21-r0
Alpine:v3.18mariadb0, 0, 5.5.43-r5
Alpine:v3.11mariadb10.0.21-r2, 0, 5.5.43-r5
Alpine:v3.4mariadb5.5.42-r2, 0, 5.5.43-r5
Alpine:v3.9mariadb10.0.21-r1, 10.0.21-r2, 10.1.11-r1
Alpine:v3.20mariadb0, 5.5.43-r5, 5.5.43-r4
Alpine:v3.13mariadb5.5.41-r2, 10.1.11-r1, 10.1.12-r0
Alpine:v3.10mariadb5.5.43-r5, 5.5.43-r4, 5.5.43-r3
Alpine:v3.12mariadb5.5.43-r1, 0, 10.0.21-r0
Alpine:v3.7mariadb10.0.21-r0, 10.0.21-r2, 10.1.11-r0
Alpine:v3.16mariadb0, 10.0.21-r0, 10.0.21-r1
Alpine:v3.19mariadb10.0.21-r0, 10.0.21-r2, 10.1.11-r0
Alpine:v3.22mariadb0, 5.5.43-r5, 5.5.43-r4
Alpine:v3.5mariadb10.1.11-r0, 0, 5.5.43-r5
Alpine:v3.17mariadb5.5.43-r2, 5.5.43-r1, 5.5.42-r3
Alpine:v3.23mariadb0, 10.1.14-r1, 0
Alpine:v3.15mariadb10.1.8-r0, 5.5.43-r5, 5.5.43-r4
Alpine:v3.3mariadb0, 0, 5.5.43-r5
Alpine:v3.24mariadb0
Alpine:v3.6mariadb10.1.8-r1, 10.0.21-r0, 10.0.21-r1

…and 2 more

Timeline

  • Dec 13, 2016 CVE Published
  • Apr 30, 2026 Distribution Patch
  • Jun 9, 2026 CVE Updated
Open in Interactive Console →
$ Console Community · 100/wk Open console ›