CVE-2016-3501

Upstream information

CVE-2016-3501 at MITRE

Description

Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier and 5.7.12 and earlier allows remote authenticated users to affect availability via vectors related to Server: Optimizer.

SUSE information

CVSS v2 Scores
	National Vulnerability Database
Base Score	4.00
Vector	AV:N/AC:L/Au:S/C:N/I:N/A:P
Access Vector	Network
Access Complexity	Low
Authentication	Single
Confidentiality Impact	None
Integrity Impact	None
Availability Impact	Partial

CVSS v3 Scores
	National Vulnerability Database
Base Score	6.5
Vector	AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Access Vector	Network
Access Complexity	Low
Privileges Required	Low
User Interaction	None
Scope	Unchanged
Confidentiality Impact	None
Integrity Impact	None
Availability Impact	High

SUSE Bugzilla entry: 989915 [RESOLVED / INVALID]

SUSE Security Advisories:

openSUSE-SU-2016:2769-1, published Thu, 10 Nov 2016 17:08:28 +0100 (CET)
openSUSE-SU-2016:2788-1, published Sat, 12 Nov 2016 15:04:50 +0100 (CET)

List of released packages

Product(s)	Fixed package version(s)	References
openSUSE 13.2	`libmysql56client18 >= 5.6.34-2.23.1` `libmysql56client18-32bit >= 5.6.34-2.23.1` `libmysql56client18-debuginfo >= 5.6.34-2.23.1` `libmysql56client18-debuginfo-32bit >= 5.6.34-2.23.1` `libmysql56client_r18 >= 5.6.34-2.23.1` `libmysql56client_r18-32bit >= 5.6.34-2.23.1` `mysql-community-server >= 5.6.34-2.23.1` `mysql-community-server-bench >= 5.6.34-2.23.1` `mysql-community-server-bench-debuginfo >= 5.6.34-2.23.1` `mysql-community-server-client >= 5.6.34-2.23.1` `mysql-community-server-client-debuginfo >= 5.6.34-2.23.1` `mysql-community-server-debuginfo >= 5.6.34-2.23.1` `mysql-community-server-debugsource >= 5.6.34-2.23.1` `mysql-community-server-errormessages >= 5.6.34-2.23.1` `mysql-community-server-test >= 5.6.34-2.23.1` `mysql-community-server-test-debuginfo >= 5.6.34-2.23.1` `mysql-community-server-tools >= 5.6.34-2.23.1` `mysql-community-server-tools-debuginfo >= 5.6.34-2.23.1`	Patchnames: openSUSE-2016-1283
openSUSE Leap 42.1	`libmysql56client18 >= 5.6.34-19.2` `libmysql56client18-32bit >= 5.6.34-19.2` `libmysql56client18-debuginfo >= 5.6.34-19.2` `libmysql56client18-debuginfo-32bit >= 5.6.34-19.2` `libmysql56client_r18 >= 5.6.34-19.2` `libmysql56client_r18-32bit >= 5.6.34-19.2` `mysql-community-server >= 5.6.34-19.2` `mysql-community-server-bench >= 5.6.34-19.2` `mysql-community-server-bench-debuginfo >= 5.6.34-19.2` `mysql-community-server-client >= 5.6.34-19.2` `mysql-community-server-client-debuginfo >= 5.6.34-19.2` `mysql-community-server-debuginfo >= 5.6.34-19.2` `mysql-community-server-debugsource >= 5.6.34-19.2` `mysql-community-server-errormessages >= 5.6.34-19.2` `mysql-community-server-test >= 5.6.34-19.2` `mysql-community-server-test-debuginfo >= 5.6.34-19.2` `mysql-community-server-tools >= 5.6.34-19.2` `mysql-community-server-tools-debuginfo >= 5.6.34-19.2`	Patchnames: openSUSE-2016-1283
openSUSE Leap 42.2	`libmysql56client18 >= 5.6.34-19.2` `libmysql56client18-32bit >= 5.6.34-19.2` `libmysql56client18-debuginfo >= 5.6.34-19.2` `libmysql56client18-debuginfo-32bit >= 5.6.34-19.2` `libmysql56client_r18 >= 5.6.34-19.2` `libmysql56client_r18-32bit >= 5.6.34-19.2` `mysql-community-server >= 5.6.34-19.2` `mysql-community-server-bench >= 5.6.34-19.2` `mysql-community-server-bench-debuginfo >= 5.6.34-19.2` `mysql-community-server-client >= 5.6.34-19.2` `mysql-community-server-client-debuginfo >= 5.6.34-19.2` `mysql-community-server-debuginfo >= 5.6.34-19.2` `mysql-community-server-debugsource >= 5.6.34-19.2` `mysql-community-server-errormessages >= 5.6.34-19.2` `mysql-community-server-test >= 5.6.34-19.2` `mysql-community-server-test-debuginfo >= 5.6.34-19.2` `mysql-community-server-tools >= 5.6.34-19.2` `mysql-community-server-tools-debuginfo >= 5.6.34-19.2`	Patchnames: openSUSE-2016-1289
openSUSE Tumbleweed	`libmysql56client18 >= 5.6.34-1.1` `libmysql56client18-32bit >= 5.6.34-1.1` `libmysql56client_r18 >= 5.6.34-1.1` `libmysql56client_r18-32bit >= 5.6.34-1.1` `mysql-community-server >= 5.6.34-1.1` `mysql-community-server-bench >= 5.6.34-1.1` `mysql-community-server-client >= 5.6.34-1.1` `mysql-community-server-errormessages >= 5.6.34-1.1` `mysql-community-server-test >= 5.6.34-1.1` `mysql-community-server-tools >= 5.6.34-1.1`	Patchnames: openSUSE Tumbleweed GA libmysql56client18-32bit