SB2016072112 - Input validation error in MariaDB
Published: July 21, 2016 Updated: August 4, 2020
Security Bulletin ID
SB2016072112
Severity
Medium
Patch available
YES
Number of vulnerabilities
1
Exploitation vector
Remote access
Highest impact
Denial of service
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 1 security vulnerability.
1) Input validation error (CVE-ID: CVE-2016-3615)
The vulnerability allows a remote authenticated user to perform a denial of service (DoS) attack.
Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier, 5.6.30 and earlier, and 5.7.12 and earlier and MariaDB before 5.5.50, 10.0.x before 10.0.26, and 10.1.x before 10.1.15 allows remote authenticated users to affect availability via vectors related to Server: DML.
Remediation
Install update from vendor's website.
References
- http://lists.opensuse.org/opensuse-updates/2016-09/msg00042.html
- http://rhn.redhat.com/errata/RHSA-2016-1480.html
- http://rhn.redhat.com/errata/RHSA-2016-1601.html
- http://rhn.redhat.com/errata/RHSA-2016-1602.html
- http://rhn.redhat.com/errata/RHSA-2016-1603.html
- http://rhn.redhat.com/errata/RHSA-2016-1604.html
- http://rhn.redhat.com/errata/RHSA-2016-1637.html
- http://www.debian.org/security/2016/dsa-3624
- http://www.debian.org/security/2016/dsa-3632
- http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html
- http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html
- http://www.securityfocus.com/bid/91787
- http://www.securityfocus.com/bid/91960
- http://www.securitytracker.com/id/1036362
- http://www.ubuntu.com/usn/USN-3040-1
- http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168
- https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/
- https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/
- https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/