RLSA-2025:0739

Опубликовано: 13 фев. 2025

Источник: rocky

Оценка: Moderate

Описание

Moderate: mariadb:10.5 security update

MariaDB is a multi-user, multi-threaded SQL database server that is binary compatible with MySQL.

Security Fix(es):

mysql: InnoDB unspecified vulnerability (CPU Oct 2023) (CVE-2023-22084)
mysql: Client: mysqldump unspecified vulnerability (CPU Apr 2024) (CVE-2024-21096)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Затронутые продукты

Rocky Linux 8

Наименование	Архитектура	Релиз	RPM
galera	x86_64	1.module+el8.10.0+1925+356c22e8	galera-26.4.20-1.module+el8.10.0+1925+356c22e8.x86_64.rpm
Judy	x86_64	18.module+el8.10.0+1674+fa55eae9	Judy-1.0.5-18.module+el8.10.0+1674+fa55eae9.x86_64.rpm
mariadb	x86_64	1.module+el8.10.0+1926+d379821b	mariadb-10.5.27-1.module+el8.10.0+1926+d379821b.x86_64.rpm
mariadb-backup	x86_64	1.module+el8.10.0+1926+d379821b	mariadb-backup-10.5.27-1.module+el8.10.0+1926+d379821b.x86_64.rpm
mariadb-common	x86_64	1.module+el8.10.0+1926+d379821b	mariadb-common-10.5.27-1.module+el8.10.0+1926+d379821b.x86_64.rpm
mariadb-devel	x86_64	1.module+el8.10.0+1926+d379821b	mariadb-devel-10.5.27-1.module+el8.10.0+1926+d379821b.x86_64.rpm
mariadb-embedded	x86_64	1.module+el8.10.0+1926+d379821b	mariadb-embedded-10.5.27-1.module+el8.10.0+1926+d379821b.x86_64.rpm
mariadb-embedded-devel	x86_64	1.module+el8.10.0+1926+d379821b	mariadb-embedded-devel-10.5.27-1.module+el8.10.0+1926+d379821b.x86_64.rpm
mariadb-errmsg	x86_64	1.module+el8.10.0+1926+d379821b	mariadb-errmsg-10.5.27-1.module+el8.10.0+1926+d379821b.x86_64.rpm
mariadb-gssapi-server	x86_64	1.module+el8.10.0+1926+d379821b	mariadb-gssapi-server-10.5.27-1.module+el8.10.0+1926+d379821b.x86_64.rpm

Показывать по

Связанные CVE

CVE-2023-22084

CVE-2024-21096

Ссылки на источники

Исправления

https://bugzilla.redhat.com/show_bug.cgi?id=2245023
Red Hat - 2245023
https://bugzilla.redhat.com/show_bug.cgi?id=2275452
Red Hat - 2275452

Связанные уязвимости

SUSE-SU-2024:1985-1

suse-cvrf

больше 1 года назад

Security update for mariadb

RLSA-2025:0914

rocky

9 месяцев назад

Moderate: galera and mariadb security update

ELSA-2025-0914

oracle-oval

10 месяцев назад

ELSA-2025-0914: galera and mariadb security update (MODERATE)

ELSA-2025-0739

oracle-oval

11 месяцев назад

ELSA-2025-0739: mariadb:10.5 security update (MODERATE)

CVE-2023-22084

CVSS3: 4.9

ubuntu

около 2 лет назад

Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 5.7.43 and prior, 8.0.34 and prior and 8.1.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

exploitDog