Описание
Moderate: galera and mariadb security update
Galera is a fast synchronous multimaster wsrep provider (replication engine) for transactional databases and similar applications. For more information about wsrep API see https://github.com/codership/wsrep-API repository. For a description of Galera replication engine see https://www.galeracluster.com web.
Security Fix(es):
-
mysql: High Privilege Denial of Service Vulnerability in MySQL Server (CVE-2025-21490)
-
mariadb: MariaDB Server Crash Due to Empty Backtrace Log (CVE-2023-52969)
-
mariadb: MariaDB Server Crash via Item_direct_view_ref (CVE-2023-52970)
-
mysql: mysqldump unspecified vulnerability (CPU Apr 2025) (CVE-2025-30722)
-
mysql: InnoDB unspecified vulnerability (CPU Apr 2025) (CVE-2025-30693)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Затронутые продукты
Rocky Linux 9
Ссылки на источники
Исправления
- Red Hat - 2339221
- Red Hat - 2350916
- Red Hat - 2350918
- Red Hat - 2359885
- Red Hat - 2359963
Связанные уязвимости
ELSA-2025-19584: galera and mariadb security update (MODERATE)
ELSA-2025-19572: mariadb:10.5 security update (MODERATE)
MariaDB Server 10.4 through 10.5.*, 10.6 through 10.6.*, 10.7 through 10.11.*, and 11.0 through 11.0.* can sometimes crash with an empty backtrace log. This may be related to make_aggr_tables_info and optimize_stage2.