RHSA-2016:2927
Advisory lineage Upstream: 13 Downstream: 0
Published: 13 Sept 2024, 14:37
Last modified:13 May 2026, 10:35
Vulnerability Summary
Overall Risk (default)
high
70/100 CVSS Score
9.8 CRITICAL
3.0 (osv_red_hat)
EPSS Score
No data
KEV
Not listed
Ransomware
No reports
Public exploits
None found
Dark Web
Not detected
Timeline
13 Sept 2024, 14:37
Published
Vulnerability first disclosed
13 May 2026, 10:35
Last Modified
Vulnerability information updated
Description
Red Hat Security Advisory: rh-mariadb100-mariadb security update
CVSS Metrics
- v3.0•CRITICAL•Score: 9.8CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected Systems
- redhat•rh-mariadb100-mariadb
< 1:10.0.28-5.el6 | < 1:10.0.28-5.el7
- redhat•rh-mariadb100-mariadb-bench
< 1:10.0.28-5.el6 | < 1:10.0.28-5.el7
- redhat•rh-mariadb100-mariadb-common
< 1:10.0.28-5.el6 | < 1:10.0.28-5.el7
- redhat•rh-mariadb100-mariadb-config
< 1:10.0.28-5.el6 | < 1:10.0.28-5.el7
- redhat•rh-mariadb100-mariadb-debuginfo
< 1:10.0.28-5.el6 | < 1:10.0.28-5.el7
- redhat•rh-mariadb100-mariadb-devel
< 1:10.0.28-5.el6 | < 1:10.0.28-5.el7
- redhat•rh-mariadb100-mariadb-errmsg
< 1:10.0.28-5.el6 | < 1:10.0.28-5.el7
- redhat•rh-mariadb100-mariadb-oqgraph-engine
< 1:10.0.28-5.el6 | < 1:10.0.28-5.el7
- redhat•rh-mariadb100-mariadb-server
< 1:10.0.28-5.el6 | < 1:10.0.28-5.el7
- redhat•rh-mariadb100-mariadb-test
< 1:10.0.28-5.el6 | < 1:10.0.28-5.el7
References (62)
- https://access.redhat.com/errata/RHSA-2016:2927
- https://access.redhat.com/security/updates/classification/#important
- http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html#AppendixMSQL
- https://mariadb.com/kb/en/mariadb/mariadb-10027-release-notes/
- https://mariadb.com/kb/en/mariadb/mariadb-10028-release-notes/
- https://bugzilla.redhat.com/show_bug.cgi?id=1375198
- https://bugzilla.redhat.com/show_bug.cgi?id=1378936
- https://bugzilla.redhat.com/show_bug.cgi?id=1386554
- https://bugzilla.redhat.com/show_bug.cgi?id=1386561
- https://bugzilla.redhat.com/show_bug.cgi?id=1386566
- https://bugzilla.redhat.com/show_bug.cgi?id=1386568
- https://bugzilla.redhat.com/show_bug.cgi?id=1386572
- https://bugzilla.redhat.com/show_bug.cgi?id=1386573
- https://bugzilla.redhat.com/show_bug.cgi?id=1386585
- https://security.access.redhat.com/data/csaf/v2/advisories/2016/rhsa-2016_2927.json
- https://access.redhat.com/security/cve/CVE-2016-3492
- https://www.cve.org/CVERecord?id=CVE-2016-3492
- https://nvd.nist.gov/vuln/detail/CVE-2016-3492
- http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881724.html#AppendixMSQL
- https://access.redhat.com/security/cve/CVE-2016-5483
- https://bugzilla.redhat.com/show_bug.cgi?id=1433010
- https://www.cve.org/CVERecord?id=CVE-2016-5483
- https://nvd.nist.gov/vuln/detail/CVE-2016-5483
- https://blog.tarq.io/cve-2016-5483-backdooring-mysqldump-backups/
- https://blog.tarq.io/cve-2016-5483-galera-remote-command-execution-via-crafted-database-name/
- https://access.redhat.com/security/cve/CVE-2016-5612
- https://www.cve.org/CVERecord?id=CVE-2016-5612
- https://nvd.nist.gov/vuln/detail/CVE-2016-5612
- https://access.redhat.com/security/cve/CVE-2016-5616
- https://www.cve.org/CVERecord?id=CVE-2016-5616
- https://nvd.nist.gov/vuln/detail/CVE-2016-5616
- https://legalhackers.com/advisories/MySQL-Maria-Percona-PrivEscRace-CVE-2016-6663-5616-Exploit.txt
- https://access.redhat.com/security/cve/CVE-2016-5624
- https://www.cve.org/CVERecord?id=CVE-2016-5624
- https://nvd.nist.gov/vuln/detail/CVE-2016-5624
- https://access.redhat.com/security/cve/CVE-2016-5626
- https://www.cve.org/CVERecord?id=CVE-2016-5626
- https://nvd.nist.gov/vuln/detail/CVE-2016-5626
- https://access.redhat.com/security/cve/CVE-2016-5629
- https://www.cve.org/CVERecord?id=CVE-2016-5629
- https://nvd.nist.gov/vuln/detail/CVE-2016-5629
- https://access.redhat.com/security/cve/CVE-2016-5630
- https://www.cve.org/CVERecord?id=CVE-2016-5630
- https://nvd.nist.gov/vuln/detail/CVE-2016-5630
- https://access.redhat.com/security/cve/CVE-2016-6662
- https://www.cve.org/CVERecord?id=CVE-2016-6662
- https://nvd.nist.gov/vuln/detail/CVE-2016-6662
- https://legalhackers.com/advisories/MySQL-Exploit-Remote-Root-Code-Execution-Privesc-CVE-2016-6662.txt
- https://access.redhat.com/security/cve/CVE-2016-6663
- https://www.cve.org/CVERecord?id=CVE-2016-6663
- https://nvd.nist.gov/vuln/detail/CVE-2016-6663
- https://access.redhat.com/security/cve/CVE-2016-8283
- https://www.cve.org/CVERecord?id=CVE-2016-8283
- https://nvd.nist.gov/vuln/detail/CVE-2016-8283
- https://access.redhat.com/security/cve/CVE-2017-3600
- https://www.cve.org/CVERecord?id=CVE-2017-3600
- https://nvd.nist.gov/vuln/detail/CVE-2017-3600
- https://access.redhat.com/security/cve/CVE-2017-3651
- https://bugzilla.redhat.com/show_bug.cgi?id=1472708
- https://www.cve.org/CVERecord?id=CVE-2017-3651
- https://nvd.nist.gov/vuln/detail/CVE-2017-3651
- http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html#AppendixMSQL