{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/1587?format=json","vulnerability_id":"VCID-t86q-z6hs-97gx","summary":"","aliases":[{"alias":"CVE-2016-5616"}],"fixed_packages":[],"affected_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/355032?format=json","purl":"pkg:rpm/redhat/mariadb@1:5.5.52-1?arch=el7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-9z43-5j8v-m7f2"},{"vulnerability":"VCID-ar8z-cn4m-tkg1"},{"vulnerability":"VCID-d3na-eht7-6uat"},{"vulnerability":"VCID-ftsd-ygx3-7ybj"},{"vulnerability":"VCID-s23v-kzxk-s7gv"},{"vulnerability":"VCID-t86q-z6hs-97gx"},{"vulnerability":"VCID-tg1y-4jrx-6udt"},{"vulnerability":"VCID-y21n-45wz-f7cn"},{"vulnerability":"VCID-yaf1-53h5-2fcm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/mariadb@1:5.5.52-1%3Farch=el7"},{"url":"http://public2.vulnerablecode.io/api/packages/354184?format=json","purl":"pkg:rpm/redhat/mariadb55-mariadb@5.5.53-1?arch=el6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-9z43-5j8v-m7f2"},{"vulnerability":"VCID-ar8z-cn4m-tkg1"},{"vulnerability":"VCID-d3na-eht7-6uat"},{"vulnerability":"VCID-ftsd-ygx3-7ybj"},{"vulnerability":"VCID-nkzk-599e-gycb"},{"vulnerability":"VCID-s23v-kzxk-s7gv"},{"vulnerability":"VCID-t86q-z6hs-97gx"},{"vulnerability":"VCID-tg1y-4jrx-6udt"},{"vulnerability":"VCID-y21n-45wz-f7cn"},{"vulnerability":"VCID-yaf1-53h5-2fcm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/mariadb55-mariadb@5.5.53-1%3Farch=el6"},{"url":"http://public2.vulnerablecode.io/api/packages/354185?format=json","purl":"pkg:rpm/redhat/mariadb55-mariadb@5.5.53-1?arch=el7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-9z43-5j8v-m7f2"},{"vulnerability":"VCID-ar8z-cn4m-tkg1"},{"vulnerability":"VCID-d3na-eht7-6uat"},{"vulnerability":"VCID-ftsd-ygx3-7ybj"},{"vulnerability":"VCID-nkzk-599e-gycb"},{"vulnerability":"VCID-s23v-kzxk-s7gv"},{"vulnerability":"VCID-t86q-z6hs-97gx"},{"vulnerability":"VCID-tg1y-4jrx-6udt"},{"vulnerability":"VCID-y21n-45wz-f7cn"},{"vulnerability":"VCID-yaf1-53h5-2fcm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/mariadb55-mariadb@5.5.53-1%3Farch=el7"},{"url":"http://public2.vulnerablecode.io/api/packages/355389?format=json","purl":"pkg:rpm/redhat/mysql@5.1.73-8?arch=el6_8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-t86q-z6hs-97gx"},{"vulnerability":"VCID-y21n-45wz-f7cn"},{"vulnerability":"VCID-yaf1-53h5-2fcm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/mysql@5.1.73-8%3Farch=el6_8"},{"url":"http://public2.vulnerablecode.io/api/packages/355030?format=json","purl":"pkg:rpm/redhat/mysql55-mysql@5.5.52-1?arch=el6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-9z43-5j8v-m7f2"},{"vulnerability":"VCID-ar8z-cn4m-tkg1"},{"vulnerability":"VCID-d3na-eht7-6uat"},{"vulnerability":"VCID-ftsd-ygx3-7ybj"},{"vulnerability":"VCID-nzag-bg82-jbdt"},{"vulnerability":"VCID-rtw6-nek3-ruct"},{"vulnerability":"VCID-s23v-kzxk-s7gv"},{"vulnerability":"VCID-t86q-z6hs-97gx"},{"vulnerability":"VCID-tg1y-4jrx-6udt"},{"vulnerability":"VCID-y21n-45wz-f7cn"},{"vulnerability":"VCID-yaf1-53h5-2fcm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/mysql55-mysql@5.5.52-1%3Farch=el6"},{"url":"http://public2.vulnerablecode.io/api/packages/355031?format=json","purl":"pkg:rpm/redhat/mysql55-mysql@5.5.52-1?arch=el7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-9z43-5j8v-m7f2"},{"vulnerability":"VCID-ar8z-cn4m-tkg1"},{"vulnerability":"VCID-d3na-eht7-6uat"},{"vulnerability":"VCID-ftsd-ygx3-7ybj"},{"vulnerability":"VCID-nzag-bg82-jbdt"},{"vulnerability":"VCID-rtw6-nek3-ruct"},{"vulnerability":"VCID-s23v-kzxk-s7gv"},{"vulnerability":"VCID-t86q-z6hs-97gx"},{"vulnerability":"VCID-tg1y-4jrx-6udt"},{"vulnerability":"VCID-y21n-45wz-f7cn"},{"vulnerability":"VCID-yaf1-53h5-2fcm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/mysql55-mysql@5.5.52-1%3Farch=el7"},{"url":"http://public2.vulnerablecode.io/api/packages/353081?format=json","purl":"pkg:rpm/redhat/rh-mariadb100-mariadb@1:10.0.28-5?arch=el6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-9z43-5j8v-m7f2"},{"vulnerability":"VCID-ar8z-cn4m-tkg1"},{"vulnerability":"VCID-c1c9-uqhn-yyf4"},{"vulnerability":"VCID-d3na-eht7-6uat"},{"vulnerability":"VCID-ftsd-ygx3-7ybj"},{"vulnerability":"VCID-k45h-cpfh-mqas"},{"vulnerability":"VCID-kmae-wt2d-2fgz"},{"vulnerability":"VCID-nkzk-599e-gycb"},{"vulnerability":"VCID-s23v-kzxk-s7gv"},{"vulnerability":"VCID-t86q-z6hs-97gx"},{"vulnerability":"VCID-tg1y-4jrx-6udt"},{"vulnerability":"VCID-y21n-45wz-f7cn"},{"vulnerability":"VCID-yaf1-53h5-2fcm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/rh-mariadb100-mariadb@1:10.0.28-5%3Farch=el6"},{"url":"http://public2.vulnerablecode.io/api/packages/353082?format=json","purl":"pkg:rpm/redhat/rh-mariadb100-mariadb@1:10.0.28-5?arch=el7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-9z43-5j8v-m7f2"},{"vulnerability":"VCID-ar8z-cn4m-tkg1"},{"vulnerability":"VCID-c1c9-uqhn-yyf4"},{"vulnerability":"VCID-d3na-eht7-6uat"},{"vulnerability":"VCID-ftsd-ygx3-7ybj"},{"vulnerability":"VCID-k45h-cpfh-mqas"},{"vulnerability":"VCID-kmae-wt2d-2fgz"},{"vulnerability":"VCID-nkzk-599e-gycb"},{"vulnerability":"VCID-s23v-kzxk-s7gv"},{"vulnerability":"VCID-t86q-z6hs-97gx"},{"vulnerability":"VCID-tg1y-4jrx-6udt"},{"vulnerability":"VCID-y21n-45wz-f7cn"},{"vulnerability":"VCID-yaf1-53h5-2fcm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/rh-mariadb100-mariadb@1:10.0.28-5%3Farch=el7"},{"url":"http://public2.vulnerablecode.io/api/packages/353080?format=json","purl":"pkg:rpm/redhat/rh-mariadb101-mariadb@1:10.1.19-6?arch=el6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-9z43-5j8v-m7f2"},{"vulnerability":"VCID-ar8z-cn4m-tkg1"},{"vulnerability":"VCID-c1c9-uqhn-yyf4"},{"vulnerability":"VCID-ftsd-ygx3-7ybj"},{"vulnerability":"VCID-k45h-cpfh-mqas"},{"vulnerability":"VCID-nkzk-599e-gycb"},{"vulnerability":"VCID-s23v-kzxk-s7gv"},{"vulnerability":"VCID-t86q-z6hs-97gx"},{"vulnerability":"VCID-tg1y-4jrx-6udt"},{"vulnerability":"VCID-y21n-45wz-f7cn"},{"vulnerability":"VCID-yaf1-53h5-2fcm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/rh-mariadb101-mariadb@1:10.1.19-6%3Farch=el6"},{"url":"http://public2.vulnerablecode.io/api/packages/353083?format=json","purl":"pkg:rpm/redhat/rh-mariadb101-mariadb@1:10.1.19-6?arch=el7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-9z43-5j8v-m7f2"},{"vulnerability":"VCID-ar8z-cn4m-tkg1"},{"vulnerability":"VCID-c1c9-uqhn-yyf4"},{"vulnerability":"VCID-ftsd-ygx3-7ybj"},{"vulnerability":"VCID-k45h-cpfh-mqas"},{"vulnerability":"VCID-nkzk-599e-gycb"},{"vulnerability":"VCID-s23v-kzxk-s7gv"},{"vulnerability":"VCID-t86q-z6hs-97gx"},{"vulnerability":"VCID-tg1y-4jrx-6udt"},{"vulnerability":"VCID-y21n-45wz-f7cn"},{"vulnerability":"VCID-yaf1-53h5-2fcm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/rh-mariadb101-mariadb@1:10.1.19-6%3Farch=el7"},{"url":"http://public2.vulnerablecode.io/api/packages/355033?format=json","purl":"pkg:rpm/redhat/rh-mysql56-mysql@5.6.34-2?arch=el6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-ar8z-cn4m-tkg1"},{"vulnerability":"VCID-ftsd-ygx3-7ybj"},{"vulnerability":"VCID-nzag-bg82-jbdt"},{"vulnerability":"VCID-p86q-xb5w-b3aa"},{"vulnerability":"VCID-rtw6-nek3-ruct"},{"vulnerability":"VCID-s23v-kzxk-s7gv"},{"vulnerability":"VCID-t86q-z6hs-97gx"},{"vulnerability":"VCID-tg1y-4jrx-6udt"},{"vulnerability":"VCID-y21n-45wz-f7cn"},{"vulnerability":"VCID-yaf1-53h5-2fcm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/rh-mysql56-mysql@5.6.34-2%3Farch=el6"},{"url":"http://public2.vulnerablecode.io/api/packages/355034?format=json","purl":"pkg:rpm/redhat/rh-mysql56-mysql@5.6.34-2?arch=el7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-ar8z-cn4m-tkg1"},{"vulnerability":"VCID-ftsd-ygx3-7ybj"},{"vulnerability":"VCID-nzag-bg82-jbdt"},{"vulnerability":"VCID-p86q-xb5w-b3aa"},{"vulnerability":"VCID-rtw6-nek3-ruct"},{"vulnerability":"VCID-s23v-kzxk-s7gv"},{"vulnerability":"VCID-t86q-z6hs-97gx"},{"vulnerability":"VCID-tg1y-4jrx-6udt"},{"vulnerability":"VCID-y21n-45wz-f7cn"},{"vulnerability":"VCID-yaf1-53h5-2fcm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/rh-mysql56-mysql@5.6.34-2%3Farch=el7"}],"references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5616.json","reference_id":"","reference_type":"","scores":[{"value":"7.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5616.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6","scoring_system":"cvssv2","scoring_elements":"AV:L/AC:H/Au:S/C:C/I:C/A:C"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1378936","reference_id":"1378936","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1378936"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/40678.c","reference_id":"CVE-2016-6663;CVE-2016-5616","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/40678.c"},{"reference_url":"https://legalhackers.com/advisories/MySQL-Maria-Percona-PrivEscRace-CVE-2016-6663-5616-Exploit.html","reference_id":"CVE-2016-6663;CVE-2016-5616","reference_type":"exploit","scores":[],"url":"https://legalhackers.com/advisories/MySQL-Maria-Percona-PrivEscRace-CVE-2016-6663-5616-Exploit.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:2130","reference_id":"RHSA-2016:2130","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:2130"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:2131","reference_id":"RHSA-2016:2131","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:2131"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:2595","reference_id":"RHSA-2016:2595","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:2595"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:2749","reference_id":"RHSA-2016:2749","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:2749"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:2927","reference_id":"RHSA-2016:2927","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:2927"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:2928","reference_id":"RHSA-2016:2928","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:2928"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:0184","reference_id":"RHSA-2017:0184","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:0184"}],"weaknesses":[{"cwe_id":362,"name":"Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')","description":"The product contains a code sequence that can run concurrently with other code, and the code sequence requires temporary, exclusive access to a shared resource, but a timing window exists in which the shared resource can be modified by another code sequence that is operating concurrently."}],"exploits":[{"date_added":"2016-11-01","description":"MySQL / MariaDB / PerconaDB 5.5.x/5.6.x/5.7.x - 'mysql' System User Privilege Escalation / Race Condition","required_action":null,"due_date":null,"notes":null,"known_ransomware_campaign_use":false,"source_date_published":"2016-11-01","exploit_type":"local","platform":"linux","source_date_updated":"2017-01-30","data_source":"Exploit-DB","source_url":"https://legalhackers.com/advisories/MySQL-Maria-Percona-PrivEscRace-CVE-2016-6663-5616-Exploit.html"}],"severity_range_score":"6.0 - 7.0","exploitability":"2.0","weighted_severity":"6.3","risk_score":10.0,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-t86q-z6hs-97gx"}