Critical vulnerability in MySQL (CVE-2016-6662)


#1

A recently discovered vulnerability in MySQL could potentially allow the execution of arbitrary code with root privileges. A successful attack would result in total compromise of any affected servers.

The major Linux distributions haven’t yet rolled out updates that patch this vulnerability. This risk of a successful exploit is mitigated as local access to the target system is required. This could be by a legitimate user, or by means of another (different) security exploit.

Until updates are published there are certain steps that can be taken to eliminate the possibility of a successful exploit.

On Symbiosis/Debian based systems:
Make sure that /etc/mysql/my.cnf is owned by the root user. You can do this with the following command:

  • sudo chown root:root /etc/mysql/my.cnf
  • sudo chmod 644 /etc/mysql/my.cnf

You should also create two files (/var/lib/mysql/my.cnf and /var/lib/mysql/.my.cnf) and make sure that they are also owned by the root user:

  • sudo touch /var/lib/mysql/my.cnf; sudo chown root:root /var/lib/mysql/my.cnf
  • sudo chmod 644 /var/lib/mysql/my.cnf
  • sudo touch /var/lib/mysql/.my.cnf; sudo chown root:root /var/lib/mysql/.my.cnf
  • sudo chmod 644 /var/lib/mysql/.my.cnf

If the /var/lib/mysql/my.cnf or /var/lib/mysql/.my.cnf files already exist you may already have been compromised. You should check the contents of the files and can contact us for advice.

We are actively checking all of the servers of our managed customers and will be contacting each directly.

We will continue to update this post as more details are obtained. If you think that you may be affected by this issue or need further advice then please contact support.


#2

Hi @pfoster

Done. Cloudy symbo user says thanks for the heads up!


#3

Thanks for the heads up