CVE-2016-6663
- Source
- https://cve.org/CVERecord?id=CVE-2016-6663
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2016-6663.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2016-6663
- Downstream
- Related
- Published
- 2016-12-13T21:59:00.160Z
- Modified
- 2026-04-11T05:00:40.769649Z
- Severity
-
- 7.0 (High) CVSS_V3 - CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
- Summary
- [none]
- Details
-
Race condition in Oracle MySQL before 5.5.52, 5.6.x before 5.6.33, 5.7.x before 5.7.15, and 8.x before 8.0.1; MariaDB before 5.5.52, 10.0.x before 10.0.28, and 10.1.x before 10.1.18; Percona Server before 5.5.51-38.2, 5.6.x before 5.6.32-78-1, and 5.7.x before 5.7.14-8; and Percona XtraDB Cluster before 5.5.41-37.0, 5.6.x before 5.6.32-25.17, and 5.7.x before 5.7.14-26.17 allows local users with certain permissions to gain privileges by leveraging use of my_copystat by REPAIR TABLE to repair a MyISAM table.
- References
-
- http://www.securityfocus.com/bid/93614
- http://rhn.redhat.com/errata/RHSA-2016-2131.html
- http://rhn.redhat.com/errata/RHSA-2016-2749.html
- http://www.securityfocus.com/bid/92911
- http://rhn.redhat.com/errata/RHSA-2016-2130.html
- http://rhn.redhat.com/errata/RHSA-2016-2595.html
- http://rhn.redhat.com/errata/RHSA-2017-0184.html
- https://mariadb.com/kb/en/mariadb/mariadb-10028-release-notes/
- https://mariadb.com/kb/en/mariadb/mariadb-5552-release-notes/
- http://seclists.org/fulldisclosure/2016/Nov/4
- https://mariadb.com/kb/en/mariadb/mariadb-10118-release-notes/
- https://www.percona.com/blog/2016/11/02/percona-responds-to-cve-2016-6663-and-cve-2016-6664/
- http://rhn.redhat.com/errata/RHSA-2016-2927.html
- http://rhn.redhat.com/errata/RHSA-2016-2928.html
- http://www.openwall.com/lists/oss-security/2016/10/25/4
- https://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-52.html
- https://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6-33.html
- https://dev.mysql.com/doc/relnotes/mysql/5.7/en/news-5-7-15.html
- https://dev.mysql.com/doc/relnotes/mysql/8.0/en/news-8-0-1.html
- http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html
- https://github.com/MariaDB/server/commit/347eeefbfc658c8531878218487d729f4e020805
- https://github.com/mysql/mysql-server/commit/4e5473862e6852b0f3802b0cd0c6fa10b5253291
- https://legalhackers.com/advisories/MySQL-Maria-Percona-PrivEscRace-CVE-2016-6663-5616-Exploit.html
- https://www.exploit-db.com/exploits/40678/
Affected packages
Git / github.com/mariadb/server
Affected ranges
- Type
- GIT
- Repo
- https://github.com/mariadb/server
- Events
- Database specific
{ "versions": [ { "introduced": "10.0.0" }, { "fixed": "10.0.28" }, { "introduced": "10.1.0" }, { "fixed": "10.1.18" } ] }
- Type
- GIT
- Repo
- https://github.com/mysql/mysql-server
- Events
-
IntroducedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroducedFixedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedFixed
- Database specific
{ "versions": [ { "introduced": "5.5.0" }, { "last_affected": "5.5.52" }, { "introduced": "5.6.0" }, { "last_affected": "5.6.33" }, { "introduced": "5.7.0" }, { "last_affected": "5.7.15" }, { "introduced": "5.5.20" }, { "fixed": "5.5.52" }, { "introduced": "0" }, { "last_affected": "8.0" } ] }
- Type
- GIT
- Repo
- https://github.com/percona/percona-server
- Events
-
IntroducedFixedIntroduced0 Unknown introduced commit / All previous commits are affectedFixedIntroduced0 Unknown introduced commit / All previous commits are affectedFixedIntroducedFixed
- Database specific
{ "versions": [ { "introduced": "5.5" }, { "fixed": "5.5.51-38.2" }, { "introduced": "5.6" }, { "fixed": "5.6.32-78.1" }, { "introduced": "5.7" }, { "fixed": "5.7.14-8" }, { "introduced": "5.5" }, { "fixed": "5.5.41-37.0" } ] }
- Type
- GIT
- Repo
- https://github.com/percona/percona-xtradb-cluster
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedFixedIntroduced0 Unknown introduced commit / All previous commits are affectedFixed
- Database specific
{ "versions": [ { "introduced": "5.6" }, { "fixed": "5.6.32-25.17" }, { "introduced": "5.7" }, { "fixed": "5.7.14-26.17" } ] }
Affected versions
Percona-Server-5.*
Percona-Server-5.5.34-32.0
Percona-Server-5.5.35-33.0
Percona-Server-5.5.51-38.1
Percona-Server-5.6.14-62.0
Percona-Server-5.6.15-63.0
Percona-Server-5.6.22-72.0
Percona-Server-5.6.32-78.0
Percona-Server-5.6.5-60.0
Percona-Server-5.7.14-7
Percona-XtraDB-Cluster-5.*
Percona-XtraDB-Cluster-5.6.14-25.1
Percona-XtraDB-Cluster-5.6.15-25.2
Percona-XtraDB-Cluster-5.6.15-25.3
Percona-XtraDB-Cluster-5.6.15-25.4
Percona-XtraDB-Cluster-5.6.15-25.5
Percona-XtraDB-Cluster-5.6.19-25.6
Percona-XtraDB-Cluster-5.6.20-25.7
Percona-XtraDB-Cluster-5.6.24-25.11
clone-5.*
clone-5.1.0-build
clone-5.1.31-pv-0.2.0-build
clone-5.1.4-build
clone-5.4.0-build
clone-5.6.3-m5-build
clone-5.6.3-m6-build
last-PS-5.*
last-PS-5.5-as-patches
mariadb-10.*
mariadb-10.1.0
mariadb-10.1.10
mariadb-10.1.11
mariadb-10.1.12
mariadb-10.1.13
mariadb-10.1.14
mariadb-10.1.15
mariadb-10.1.16
mariadb-10.1.17
mariadb-10.1.2
mariadb-10.1.3
mariadb-10.1.4
mariadb-10.1.5
mariadb-10.1.6
mariadb-10.1.7
mariadb-10.1.8
mariadb-10.1.9
mysql-3.*
mysql-3.23.22-beta
mysql-3.23.28-gamma
mysql-3.23.30-gamma
mysql-3.23.31
mysql-3.23.32
mysql-3.23.33
mysql-3.23.36
mysql-4.*
mysql-4.0.2
mysql-4.0.4
mysql-5.*
mysql-5.1.4
mysql-5.5.15
mysql-5.5.19
mysql-5.5.23
mysql-5.5.25
mysql-5.5.27
mysql-5.5.44
mysql-5.5.47
mysql-5.5.49
mysql-5.5.52
mysql-5.6.33
mysql-5.7.15
mysql-8.*
mysql-8.0.0
mysql_4.*
mysql_4.0
mysqlsummit-0.*
mysqlsummit-0.2.0
mysqlsummit-0.2.0-build
mysqlsummit-0.2.1
mysqlsummit-0.2.1-build
Other
pre-null-merge
pxc_5.*
pxc_5.6.25-25.12-3.12
Database specific
vanir_signatures_modified
"2026-04-11T05:00:40Z"
vanir_signatures
[
{
"deprecated": false,
"target": {
"file": "storage/myisam/ha_myisam.cc",
"function": "ha_myisam::repair"
},
"id": "CVE-2016-6663-012dd5ec",
"signature_type": "Function",
"source": "https://github.com/mysql/mysql-server/commit/4e5473862e6852b0f3802b0cd0c6fa10b5253291",
"signature_version": "v1",
"digest": {
"function_hash": "276458813327328109121598275008083856050",
"length": 3646.0
}
},
{
"deprecated": false,
"target": {
"file": "sql/mysqld.cc"
},
"id": "CVE-2016-6663-0450532a",
"signature_type": "Line",
"source": "https://github.com/mariadb/server/commit/6925689ca829901567e9503fd4fdce443f9a7d53",
"signature_version": "v1",
"digest": {
"line_hashes": [
"10300787521009057356635998495684155765",
"192111626566387172416930231159549664701",
"200649067802958136682873101511178304844",
"139512347727877704466775504772460481116"
],
"threshold": 0.9
}
},
{
"deprecated": false,
"target": {
"file": "storage/myisam/myisamchk.c"
},
"id": "CVE-2016-6663-0e9b3c17",
"signature_type": "Line",
"source": "https://github.com/mysql/mysql-server/commit/4e5473862e6852b0f3802b0cd0c6fa10b5253291",
"signature_version": "v1",
"digest": {
"line_hashes": [
"156747042709335812239404857506504410227",
"231013385882616307362406484768393737594",
"247960275209919284425338247079266469796",
"94807745408925440267731616078773576765",
"292954708868220498858023134167179854521",
"215260897919776134769321196844271116522",
"327128402110047950727104259926443580298",
"37976955491392340010177804303314394070",
"31315364733805639904528875242370861535",
"23636445271699933478695614301336166186",
"142715726683166353606659931262966719615",
"113692683138749293938330979319571407078",
"239600725090668646360398799798242750812",
"141812422202096306878564551066768604157",
"116236903139257876953709171425674968247",
"142977855023063429113069970929363690371",
"247339910353859068544950836473596706959",
"184380523307018949517664805909490614929",
"235176238933677209035163335589649113259",
"122545716063765501173559697396925000324",
"253637046813155317159809229205987279491",
"64543028489523349328242021984464194566"
],
"threshold": 0.9
}
},
{
"deprecated": false,
"target": {
"file": "mysys/my_redel.c"
},
"id": "CVE-2016-6663-11f3a337",
"signature_type": "Line",
"source": "https://github.com/mysql/mysql-server/commit/4e5473862e6852b0f3802b0cd0c6fa10b5253291",
"signature_version": "v1",
"digest": {
"line_hashes": [
"268840939935663536748212081556785947708",
"13213608670944391593977601682863524932",
"42022673281319839518881425877770538409",
"295567922588273038243547834376047814269",
"83732096556387150274615466118948077612",
"175667979982943242943117294983431153901",
"110041368375643820379187479017862529507",
"53656702135187289377974439619392192524",
"255265863849625929265871632865269432141"
],
"threshold": 0.9
}
},
{
"deprecated": false,
"target": {
"file": "sql/wsrep_mysqld.cc",
"function": "wsrep_init_startup"
},
"id": "CVE-2016-6663-14e2f95c",
"signature_type": "Function",
"source": "https://github.com/mariadb/server/commit/6925689ca829901567e9503fd4fdce443f9a7d53",
"signature_version": "v1",
"digest": {
"function_hash": "132261035674861403256292598415004597670",
"length": 507.0
}
},
{
"deprecated": false,
"target": {
"file": "storage/myisam/mi_check.c",
"function": "mi_repair_parallel"
},
"id": "CVE-2016-6663-167b6f87",
"signature_type": "Function",
"source": "https://github.com/mysql/mysql-server/commit/4e5473862e6852b0f3802b0cd0c6fa10b5253291",
"signature_version": "v1",
"digest": {
"function_hash": "46874045325073224765921741163584709623",
"length": 11518.0
}
},
{
"deprecated": false,
"target": {
"file": "sql/mysqld.cc",
"function": "init_common_variables"
},
"id": "CVE-2016-6663-2c19b237",
"signature_type": "Function",
"source": "https://github.com/mariadb/server/commit/347eeefbfc658c8531878218487d729f4e020805",
"signature_version": "v1",
"digest": {
"function_hash": "262319326199199505806627401201410805668",
"length": 10175.0
}
},
{
"deprecated": false,
"target": {
"file": "mysys/my_redel.c",
"function": "my_redel"
},
"id": "CVE-2016-6663-438ab69b",
"signature_type": "Function",
"source": "https://github.com/mariadb/server/commit/347eeefbfc658c8531878218487d729f4e020805",
"signature_version": "v1",
"digest": {
"function_hash": "195743337054551639795236640843175325462",
"length": 606.0
}
},
{
"deprecated": false,
"target": {
"file": "storage/myisam/ha_myisam.cc"
},
"id": "CVE-2016-6663-44bbbc2d",
"signature_type": "Line",
"source": "https://github.com/mysql/mysql-server/commit/4e5473862e6852b0f3802b0cd0c6fa10b5253291",
"signature_version": "v1",
"digest": {
"line_hashes": [
"201283705635448754132665265188137671436",
"296613805033232843133488841355618131989",
"290770581976157747597936953687005700797",
"317483574090711288141675573838371935383",
"262932596244079193037138873302489472737",
"308096480134062339759336998302812093359",
"40944838731279728717127484440448346577",
"90094137937071722639769174500675293628",
"46660997083066777924122253589500738189",
"172888075596071902319285000092358078749",
"233306842955875534311349834496105153115",
"303679630009499061330904604992622401246",
"144549355972847195092265270391635486169",
"20065455137261511726590167784347669069",
"333074141710635353878506192750459148821",
"321017884568555509413173745507597882333",
"170112018022462286709138612090632562697",
"52922199001493150231444090786513723373",
"213376804200464258068302637584522433408",
"251655547742885122498324756722412316001",
"312853271227260979379390432731718380101",
"318406103170310980244111911490146690437",
"288329711256206745116934964892715884557",
"171186147284461007665833970668839574649",
"239213191362046514061273544163485135424",
"131758108625120550413011234646016509642"
],
"threshold": 0.9
}
},
{
"deprecated": false,
"target": {
"file": "mysys/my_redel.c"
},
"id": "CVE-2016-6663-5aa320be",
"signature_type": "Line",
"source": "https://github.com/mariadb/server/commit/347eeefbfc658c8531878218487d729f4e020805",
"signature_version": "v1",
"digest": {
"line_hashes": [
"124687595909785567538765188232277988973",
"83732096556387150274615466118948077612",
"175667979982943242943117294983431153901",
"110041368375643820379187479017862529507",
"53656702135187289377974439619392192524"
],
"threshold": 0.9
}
},
{
"deprecated": false,
"target": {
"file": "include/my_sys.h"
},
"id": "CVE-2016-6663-7e57670c",
"signature_type": "Line",
"source": "https://github.com/mariadb/server/commit/347eeefbfc658c8531878218487d729f4e020805",
"signature_version": "v1",
"digest": {
"line_hashes": [
"204857641822545259624692295957400965273",
"241881475509794065742202524545529865730",
"220867298038812200121245944278101602115",
"42781184582441300900379110056144557069",
"140077583051860542236562203061000408419"
],
"threshold": 0.9
}
},
{
"deprecated": false,
"target": {
"file": "storage/myisam/mi_check.c"
},
"id": "CVE-2016-6663-971f3d65",
"signature_type": "Line",
"source": "https://github.com/mysql/mysql-server/commit/4e5473862e6852b0f3802b0cd0c6fa10b5253291",
"signature_version": "v1",
"digest": {
"line_hashes": [
"42699215182813791121012285968399685361",
"283887813584854565888691497417157357180",
"308992967462514548775190287933262992961",
"280213325654104366914780866890144815731",
"248980031459596922128253564143995866701",
"250986292032979828544759821855331057500",
"288927712402439027009706396030426905626",
"53705054678198983521367532665957133835",
"273747095159405045276183622443483707691",
"113669133169273756262663631928872551246",
"168603377781963905516781435422178458369",
"232225171802750388073270099573340958989",
"69585755261622533388702614730225336173",
"95342301640158575961657907622925632951",
"315458012847417631193154885912884424542",
"12131081452139921587499998896789555826",
"277487103031690622320806890007182892316",
"186602220244811639594054663138278008748",
"173087997298978807669800251024279931962",
"222255978478241429711298864436308573805",
"177323726636066859717087707310528106480",
"287299628530470010984044338728657069257",
"133595270542946639628781352467207623188",
"13827795013520703108712237620662592313",
"76401467057788038773742128719613617138",
"128504660564266791888306851137419797961",
"208363716006632155423818890780186475368",
"250986292032979828544759821855331057500",
"288927712402439027009706396030426905626",
"53705054678198983521367532665957133835",
"134882972019238768994021430152751346849",
"226157148384397825808416733684846808501",
"44198304063688099870505427636626043103",
"232225171802750388073270099573340958989",
"69585755261622533388702614730225336173",
"89863585585117615111631960149423304978",
"170211683214940972715656533162695208785",
"226905967229131781338309747750819999242",
"189019889339060272823930724907516586024",
"251287378081451584581669384615429917886",
"182233386314124646865893770141230208085",
"250986292032979828544759821855331057500",
"288927712402439027009706396030426905626",
"53705054678198983521367532665957133835",
"134882972019238768994021430152751346849",
"226157148384397825808416733684846808501",
"44198304063688099870505427636626043103",
"232225171802750388073270099573340958989",
"69585755261622533388702614730225336173",
"89863585585117615111631960149423304978"
],
"threshold": 0.9
}
},
{
"deprecated": false,
"target": {
"file": "mysys/my_redel.c",
"function": "my_redel"
},
"id": "CVE-2016-6663-a4ab53e0",
"signature_type": "Function",
"source": "https://github.com/mysql/mysql-server/commit/4e5473862e6852b0f3802b0cd0c6fa10b5253291",
"signature_version": "v1",
"digest": {
"function_hash": "292832109208458826524827815740674481880",
"length": 694.0
}
},
{
"deprecated": false,
"target": {
"file": "include/myisam.h"
},
"id": "CVE-2016-6663-a7ba197e",
"signature_type": "Line",
"source": "https://github.com/mysql/mysql-server/commit/4e5473862e6852b0f3802b0cd0c6fa10b5253291",
"signature_version": "v1",
"digest": {
"line_hashes": [
"52191238680556084602184331467585717316",
"165500393937282181612836691971469098274",
"199298288664273736627721031451492543318",
"184926282695259036073269894408201576817",
"12484044925468655610656013300142054402",
"172054397009567870522721359562446896055",
"202249256637765096405274741918339176252",
"261386577292418474757752630291786559818",
"318757889588542971244826735996883594616",
"120795515728839937243591388654352490317"
],
"threshold": 0.9
}
},
{
"deprecated": false,
"target": {
"file": "storage/myisam/myisamchk.c",
"function": "myisamchk"
},
"id": "CVE-2016-6663-a8a47b33",
"signature_type": "Function",
"source": "https://github.com/mysql/mysql-server/commit/4e5473862e6852b0f3802b0cd0c6fa10b5253291",
"signature_version": "v1",
"digest": {
"function_hash": "161807721212549749744447256380498804981",
"length": 11412.0
}
},
{
"deprecated": false,
"target": {
"file": "storage/myisam/mi_check.c",
"function": "mi_sort_index"
},
"id": "CVE-2016-6663-abcb229c",
"signature_type": "Function",
"source": "https://github.com/mysql/mysql-server/commit/4e5473862e6852b0f3802b0cd0c6fa10b5253291",
"signature_version": "v1",
"digest": {
"function_hash": "60193803830240735526068407873093331498",
"length": 2846.0
}
},
{
"deprecated": false,
"target": {
"file": "sql/mysqld.cc",
"function": "init_server_components"
},
"id": "CVE-2016-6663-ad13bcb6",
"signature_type": "Function",
"source": "https://github.com/mariadb/server/commit/6925689ca829901567e9503fd4fdce443f9a7d53",
"signature_version": "v1",
"digest": {
"function_hash": "332731388677987676617497379852326324426",
"length": 10442.0
}
},
{
"deprecated": false,
"target": {
"file": "mysys/my_static.c"
},
"id": "CVE-2016-6663-dbd7e0a8",
"signature_type": "Line",
"source": "https://github.com/mariadb/server/commit/347eeefbfc658c8531878218487d729f4e020805",
"signature_version": "v1",
"digest": {
"line_hashes": [
"81496441030339131816656121845420665094",
"302625491858400971457234939451495549748",
"6827239584925624247613973362449513601"
],
"threshold": 0.9
}
},
{
"deprecated": false,
"target": {
"file": "storage/myisam/mi_check.c",
"function": "mi_repair_by_sort"
},
"id": "CVE-2016-6663-df2b0ca8",
"signature_type": "Function",
"source": "https://github.com/mysql/mysql-server/commit/4e5473862e6852b0f3802b0cd0c6fa10b5253291",
"signature_version": "v1",
"digest": {
"function_hash": "30622865852041770431449650785887601474",
"length": 10095.0
}
},
{
"deprecated": false,
"target": {
"file": "sql/mysqld.cc"
},
"id": "CVE-2016-6663-e13387dd",
"signature_type": "Line",
"source": "https://github.com/mariadb/server/commit/347eeefbfc658c8531878218487d729f4e020805",
"signature_version": "v1",
"digest": {
"line_hashes": [
"113653453795459072047227819278406290569",
"205000405171199861407951977585919257745",
"235516704714933514093155642919855990104",
"226523148360695621250871189521955661104"
],
"threshold": 0.9
}
},
{
"deprecated": false,
"target": {
"file": "storage/myisam/mi_check.c",
"function": "mi_repair"
},
"id": "CVE-2016-6663-eb8b92a0",
"signature_type": "Function",
"source": "https://github.com/mysql/mysql-server/commit/4e5473862e6852b0f3802b0cd0c6fa10b5253291",
"signature_version": "v1",
"digest": {
"function_hash": "299749847910497993900732133731634673449",
"length": 7360.0
}
},
{
"deprecated": false,
"target": {
"file": "sql/wsrep_mysqld.cc"
},
"id": "CVE-2016-6663-f35317e8",
"signature_type": "Line",
"source": "https://github.com/mariadb/server/commit/6925689ca829901567e9503fd4fdce443f9a7d53",
"signature_version": "v1",
"digest": {
"line_hashes": [
"48322688254895416229170939282175586315",
"246612037741245845170913514545422239772",
"63643117174896252787942841139351789137",
"12461612565261460537925623326578810451"
],
"threshold": 0.9
}
}
]
source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2016-6663.json"