Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Option). Supported versions that are affected are 5.5.45 and earlier and 5.6.26 and earlier. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. While the vulnerability is in MySQL Server, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of MySQL Server. External References: http://www.oracle.com/technetwork/topics/security/cpujul2016-2881720.html
This was already corrected in the following updates, which rebased affected packages to fixed upstream versions. Red Hat Enterprise Linux 7 - mariadb https://rhn.redhat.com/errata/RHSA-2016-0534.html Red Hat Software Collections - rh-mysql56-mysql https://rhn.redhat.com/errata/RHSA-2016-0705.html Red Hat Software Collections - rh-mariadb100-mariadb https://rhn.redhat.com/errata/RHSA-2016-1132.html
This issue has been addressed in the following products: Red Hat Software Collections for Red Hat Enterprise Linux 6 Red Hat Software Collections for Red Hat Enterprise Linux 6.6 EUS Red Hat Software Collections for Red Hat Enterprise Linux 6.7 EUS Red Hat Software Collections for Red Hat Enterprise Linux 7.2 EUS Red Hat Software Collections for Red Hat Enterprise Linux 7.1 EUS Red Hat Software Collections for Red Hat Enterprise Linux 7 Via RHSA-2016:1481 https://rhn.redhat.com/errata/RHSA-2016-1481.html
This issue has been addressed in the following products: Red Hat Software Collections for Red Hat Enterprise Linux 6 Red Hat Software Collections for Red Hat Enterprise Linux 6.6 EUS Red Hat Software Collections for Red Hat Enterprise Linux 6.7 EUS Red Hat Software Collections for Red Hat Enterprise Linux 7.2 EUS Red Hat Software Collections for Red Hat Enterprise Linux 7.1 EUS Red Hat Software Collections for Red Hat Enterprise Linux 7 Via RHSA-2016:1480 https://rhn.redhat.com/errata/RHSA-2016-1480.html