Race condition in Oracle MySQL before 5.5.52, 5.6.x before 5.6.33, 5.7.x before 5.7.15, and 8.x before 8.0.1; MariaDB before 5.5.52, 10.0.x before 10.0.28, and 10.1.x before 10.1.18; Percona Server before 5.5.51-38.2, 5.6.x before 5.6.32-78-1, and 5.7.x before 5.7.14-8; and Percona XtraDB Cluster before 5.5.41-37.0, 5.6.x before 5.6.32-25.17, and 5.7.x before 5.7.14-26.17 allows local users with certain permissions to gain privileges by leveraging use of my_copystat by REPAIR TABLE to repair a MyISAM table.
[
{
"signature_type": "Function",
"target": {
"function": "init_common_variables",
"file": "sql/mysqld.cc"
},
"digest": {
"length": 10175.0,
"function_hash": "262319326199199505806627401201410805668"
},
"id": "CVE-2016-6663-2c19b237",
"source": "https://github.com/mariadb/server/commit/347eeefbfc658c8531878218487d729f4e020805",
"signature_version": "v1",
"deprecated": false
},
{
"signature_type": "Function",
"target": {
"function": "my_redel",
"file": "mysys/my_redel.c"
},
"digest": {
"length": 606.0,
"function_hash": "195743337054551639795236640843175325462"
},
"id": "CVE-2016-6663-438ab69b",
"source": "https://github.com/mariadb/server/commit/347eeefbfc658c8531878218487d729f4e020805",
"signature_version": "v1",
"deprecated": false
},
{
"signature_type": "Line",
"target": {
"file": "mysys/my_redel.c"
},
"digest": {
"line_hashes": [
"124687595909785567538765188232277988973",
"83732096556387150274615466118948077612",
"175667979982943242943117294983431153901",
"110041368375643820379187479017862529507",
"53656702135187289377974439619392192524"
],
"threshold": 0.9
},
"id": "CVE-2016-6663-5aa320be",
"source": "https://github.com/mariadb/server/commit/347eeefbfc658c8531878218487d729f4e020805",
"signature_version": "v1",
"deprecated": false
},
{
"signature_type": "Line",
"target": {
"file": "include/my_sys.h"
},
"digest": {
"line_hashes": [
"204857641822545259624692295957400965273",
"241881475509794065742202524545529865730",
"220867298038812200121245944278101602115",
"42781184582441300900379110056144557069",
"140077583051860542236562203061000408419"
],
"threshold": 0.9
},
"id": "CVE-2016-6663-7e57670c",
"source": "https://github.com/mariadb/server/commit/347eeefbfc658c8531878218487d729f4e020805",
"signature_version": "v1",
"deprecated": false
},
{
"signature_type": "Line",
"target": {
"file": "mysys/my_static.c"
},
"digest": {
"line_hashes": [
"81496441030339131816656121845420665094",
"302625491858400971457234939451495549748",
"6827239584925624247613973362449513601"
],
"threshold": 0.9
},
"id": "CVE-2016-6663-dbd7e0a8",
"source": "https://github.com/mariadb/server/commit/347eeefbfc658c8531878218487d729f4e020805",
"signature_version": "v1",
"deprecated": false
},
{
"signature_type": "Line",
"target": {
"file": "sql/mysqld.cc"
},
"digest": {
"line_hashes": [
"113653453795459072047227819278406290569",
"205000405171199861407951977585919257745",
"235516704714933514093155642919855990104",
"226523148360695621250871189521955661104"
],
"threshold": 0.9
},
"id": "CVE-2016-6663-e13387dd",
"source": "https://github.com/mariadb/server/commit/347eeefbfc658c8531878218487d729f4e020805",
"signature_version": "v1",
"deprecated": false
}
]
[
{
"signature_type": "Function",
"target": {
"function": "ha_myisam::repair",
"file": "storage/myisam/ha_myisam.cc"
},
"digest": {
"length": 3646.0,
"function_hash": "276458813327328109121598275008083856050"
},
"id": "CVE-2016-6663-012dd5ec",
"source": "https://github.com/mysql/mysql-server/commit/4e5473862e6852b0f3802b0cd0c6fa10b5253291",
"signature_version": "v1",
"deprecated": false
},
{
"signature_type": "Line",
"target": {
"file": "storage/myisam/myisamchk.c"
},
"digest": {
"line_hashes": [
"156747042709335812239404857506504410227",
"231013385882616307362406484768393737594",
"247960275209919284425338247079266469796",
"94807745408925440267731616078773576765",
"292954708868220498858023134167179854521",
"215260897919776134769321196844271116522",
"327128402110047950727104259926443580298",
"37976955491392340010177804303314394070",
"31315364733805639904528875242370861535",
"23636445271699933478695614301336166186",
"142715726683166353606659931262966719615",
"113692683138749293938330979319571407078",
"239600725090668646360398799798242750812",
"141812422202096306878564551066768604157",
"116236903139257876953709171425674968247",
"142977855023063429113069970929363690371",
"247339910353859068544950836473596706959",
"184380523307018949517664805909490614929",
"235176238933677209035163335589649113259",
"122545716063765501173559697396925000324",
"253637046813155317159809229205987279491",
"64543028489523349328242021984464194566"
],
"threshold": 0.9
},
"id": "CVE-2016-6663-0e9b3c17",
"source": "https://github.com/mysql/mysql-server/commit/4e5473862e6852b0f3802b0cd0c6fa10b5253291",
"signature_version": "v1",
"deprecated": false
},
{
"signature_type": "Line",
"target": {
"file": "mysys/my_redel.c"
},
"digest": {
"line_hashes": [
"268840939935663536748212081556785947708",
"13213608670944391593977601682863524932",
"42022673281319839518881425877770538409",
"295567922588273038243547834376047814269",
"83732096556387150274615466118948077612",
"175667979982943242943117294983431153901",
"110041368375643820379187479017862529507",
"53656702135187289377974439619392192524",
"255265863849625929265871632865269432141"
],
"threshold": 0.9
},
"id": "CVE-2016-6663-11f3a337",
"source": "https://github.com/mysql/mysql-server/commit/4e5473862e6852b0f3802b0cd0c6fa10b5253291",
"signature_version": "v1",
"deprecated": false
},
{
"signature_type": "Function",
"target": {
"function": "mi_repair_parallel",
"file": "storage/myisam/mi_check.c"
},
"digest": {
"length": 11518.0,
"function_hash": "46874045325073224765921741163584709623"
},
"id": "CVE-2016-6663-167b6f87",
"source": "https://github.com/mysql/mysql-server/commit/4e5473862e6852b0f3802b0cd0c6fa10b5253291",
"signature_version": "v1",
"deprecated": false
},
{
"signature_type": "Line",
"target": {
"file": "storage/myisam/ha_myisam.cc"
},
"digest": {
"line_hashes": [
"201283705635448754132665265188137671436",
"296613805033232843133488841355618131989",
"290770581976157747597936953687005700797",
"317483574090711288141675573838371935383",
"262932596244079193037138873302489472737",
"308096480134062339759336998302812093359",
"40944838731279728717127484440448346577",
"90094137937071722639769174500675293628",
"46660997083066777924122253589500738189",
"172888075596071902319285000092358078749",
"233306842955875534311349834496105153115",
"303679630009499061330904604992622401246",
"144549355972847195092265270391635486169",
"20065455137261511726590167784347669069",
"333074141710635353878506192750459148821",
"321017884568555509413173745507597882333",
"170112018022462286709138612090632562697",
"52922199001493150231444090786513723373",
"213376804200464258068302637584522433408",
"251655547742885122498324756722412316001",
"312853271227260979379390432731718380101",
"318406103170310980244111911490146690437",
"288329711256206745116934964892715884557",
"171186147284461007665833970668839574649",
"239213191362046514061273544163485135424",
"131758108625120550413011234646016509642"
],
"threshold": 0.9
},
"id": "CVE-2016-6663-44bbbc2d",
"source": "https://github.com/mysql/mysql-server/commit/4e5473862e6852b0f3802b0cd0c6fa10b5253291",
"signature_version": "v1",
"deprecated": false
},
{
"signature_type": "Line",
"target": {
"file": "storage/myisam/mi_check.c"
},
"digest": {
"line_hashes": [
"42699215182813791121012285968399685361",
"283887813584854565888691497417157357180",
"308992967462514548775190287933262992961",
"280213325654104366914780866890144815731",
"248980031459596922128253564143995866701",
"250986292032979828544759821855331057500",
"288927712402439027009706396030426905626",
"53705054678198983521367532665957133835",
"273747095159405045276183622443483707691",
"113669133169273756262663631928872551246",
"168603377781963905516781435422178458369",
"232225171802750388073270099573340958989",
"69585755261622533388702614730225336173",
"95342301640158575961657907622925632951",
"315458012847417631193154885912884424542",
"12131081452139921587499998896789555826",
"277487103031690622320806890007182892316",
"186602220244811639594054663138278008748",
"173087997298978807669800251024279931962",
"222255978478241429711298864436308573805",
"177323726636066859717087707310528106480",
"287299628530470010984044338728657069257",
"133595270542946639628781352467207623188",
"13827795013520703108712237620662592313",
"76401467057788038773742128719613617138",
"128504660564266791888306851137419797961",
"208363716006632155423818890780186475368",
"250986292032979828544759821855331057500",
"288927712402439027009706396030426905626",
"53705054678198983521367532665957133835",
"134882972019238768994021430152751346849",
"226157148384397825808416733684846808501",
"44198304063688099870505427636626043103",
"232225171802750388073270099573340958989",
"69585755261622533388702614730225336173",
"89863585585117615111631960149423304978",
"170211683214940972715656533162695208785",
"226905967229131781338309747750819999242",
"189019889339060272823930724907516586024",
"251287378081451584581669384615429917886",
"182233386314124646865893770141230208085",
"250986292032979828544759821855331057500",
"288927712402439027009706396030426905626",
"53705054678198983521367532665957133835",
"134882972019238768994021430152751346849",
"226157148384397825808416733684846808501",
"44198304063688099870505427636626043103",
"232225171802750388073270099573340958989",
"69585755261622533388702614730225336173",
"89863585585117615111631960149423304978"
],
"threshold": 0.9
},
"id": "CVE-2016-6663-971f3d65",
"source": "https://github.com/mysql/mysql-server/commit/4e5473862e6852b0f3802b0cd0c6fa10b5253291",
"signature_version": "v1",
"deprecated": false
},
{
"signature_type": "Function",
"target": {
"function": "my_redel",
"file": "mysys/my_redel.c"
},
"digest": {
"length": 694.0,
"function_hash": "292832109208458826524827815740674481880"
},
"id": "CVE-2016-6663-a4ab53e0",
"source": "https://github.com/mysql/mysql-server/commit/4e5473862e6852b0f3802b0cd0c6fa10b5253291",
"signature_version": "v1",
"deprecated": false
},
{
"signature_type": "Line",
"target": {
"file": "include/myisam.h"
},
"digest": {
"line_hashes": [
"52191238680556084602184331467585717316",
"165500393937282181612836691971469098274",
"199298288664273736627721031451492543318",
"184926282695259036073269894408201576817",
"12484044925468655610656013300142054402",
"172054397009567870522721359562446896055",
"202249256637765096405274741918339176252",
"261386577292418474757752630291786559818",
"318757889588542971244826735996883594616",
"120795515728839937243591388654352490317"
],
"threshold": 0.9
},
"id": "CVE-2016-6663-a7ba197e",
"source": "https://github.com/mysql/mysql-server/commit/4e5473862e6852b0f3802b0cd0c6fa10b5253291",
"signature_version": "v1",
"deprecated": false
},
{
"signature_type": "Function",
"target": {
"function": "myisamchk",
"file": "storage/myisam/myisamchk.c"
},
"digest": {
"length": 11412.0,
"function_hash": "161807721212549749744447256380498804981"
},
"id": "CVE-2016-6663-a8a47b33",
"source": "https://github.com/mysql/mysql-server/commit/4e5473862e6852b0f3802b0cd0c6fa10b5253291",
"signature_version": "v1",
"deprecated": false
},
{
"signature_type": "Function",
"target": {
"function": "mi_sort_index",
"file": "storage/myisam/mi_check.c"
},
"digest": {
"length": 2846.0,
"function_hash": "60193803830240735526068407873093331498"
},
"id": "CVE-2016-6663-abcb229c",
"source": "https://github.com/mysql/mysql-server/commit/4e5473862e6852b0f3802b0cd0c6fa10b5253291",
"signature_version": "v1",
"deprecated": false
},
{
"signature_type": "Function",
"target": {
"function": "mi_repair_by_sort",
"file": "storage/myisam/mi_check.c"
},
"digest": {
"length": 10095.0,
"function_hash": "30622865852041770431449650785887601474"
},
"id": "CVE-2016-6663-df2b0ca8",
"source": "https://github.com/mysql/mysql-server/commit/4e5473862e6852b0f3802b0cd0c6fa10b5253291",
"signature_version": "v1",
"deprecated": false
},
{
"signature_type": "Function",
"target": {
"function": "mi_repair",
"file": "storage/myisam/mi_check.c"
},
"digest": {
"length": 7360.0,
"function_hash": "299749847910497993900732133731634673449"
},
"id": "CVE-2016-6663-eb8b92a0",
"source": "https://github.com/mysql/mysql-server/commit/4e5473862e6852b0f3802b0cd0c6fa10b5253291",
"signature_version": "v1",
"deprecated": false
}
]