mysql:8.4 security update
エラータID: AXSA:2025-11583:01
MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon (mysqld) and many client programs and libraries.
Security Fix(es):
* mysql: DML unspecified vulnerability (CPU Oct 2025) (CVE-2025-53053)
* mysql: InnoDB unspecified vulnerability (CPU Oct 2025) (CVE-2025-53044)
* mysql: InnoDB unspecified vulnerability (CPU Oct 2025) (CVE-2025-53062)
* mysql: InnoDB unspecified vulnerability (CPU Oct 2025) (CVE-2025-53054)
* mysql: InnoDB unspecified vulnerability (CPU Oct 2025) (CVE-2025-53045)
* mysql: Optimizer unspecified vulnerability (CPU Oct 2025) (CVE-2025-53040)
* mysql: Components Services unspecified vulnerability (CPU Oct 2025) (CVE-2025-53069)
* mysql: Optimizer unspecified vulnerability (CPU Oct 2025) (CVE-2025-53042)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
CVE-2025-53040
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.0-8.0.43, 8.4.0-8.4.6 and 9.0.0-9.4.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
CVE-2025-53042
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.0-8.0.43, 8.4.0-8.4.6 and 9.0.0-9.4.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
CVE-2025-53044
Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.0-8.0.43, 8.4.0-8.4.6 and 9.0.0-9.4.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
CVE-2025-53045
Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.0-8.0.43, 8.4.0-8.4.6 and 9.0.0-9.4.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
CVE-2025-53053
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Supported versions that are affected are 8.0.0-8.0.43, 8.4.0-8.4.6 and 9.0.0-9.4.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server as well as unauthorized update, insert or delete access to some of MySQL Server accessible data. CVSS 3.1 Base Score 5.5 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H).
CVE-2025-53054
Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.0-8.0.43, 8.4.0-8.4.6 and 9.0.0-9.4.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server as well as unauthorized update, insert or delete access to some of MySQL Server accessible data. CVSS 3.1 Base Score 5.5 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H).
CVE-2025-53062
Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.0-8.0.43, 8.4.0-8.4.6 and 9.0.0-9.4.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
CVE-2025-53069
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Components Services). Supported versions that are affected are 8.0.0-8.0.43, 8.4.0-8.4.6 and 9.0.0-9.4.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
Modularity name: "mysql"
Stream name: "8.4"
Update packages.
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.0-8.0.43, 8.4.0-8.4.6 and 9.0.0-9.4.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.0-8.0.43, 8.4.0-8.4.6 and 9.0.0-9.4.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.0-8.0.43, 8.4.0-8.4.6 and 9.0.0-9.4.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.0-8.0.43, 8.4.0-8.4.6 and 9.0.0-9.4.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Supported versions that are affected are 8.0.0-8.0.43, 8.4.0-8.4.6 and 9.0.0-9.4.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server as well as unauthorized update, insert or delete access to some of MySQL Server accessible data. CVSS 3.1 Base Score 5.5 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H).
Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.0-8.0.43, 8.4.0-8.4.6 and 9.0.0-9.4.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server as well as unauthorized update, insert or delete access to some of MySQL Server accessible data. CVSS 3.1 Base Score 5.5 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H).
Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.0-8.0.43, 8.4.0-8.4.6 and 9.0.0-9.4.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Components Services). Supported versions that are affected are 8.0.0-8.0.43, 8.4.0-8.4.6 and 9.0.0-9.4.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
N/A
SRPMS
- mecab-ipadic-2.7.0.20070801-24.module+el9+1118+dc6d3d95.src.rpm
MD5: 0356a524936cbe2a0840628671b4e6f9
SHA-256: 933fcdfce7a6a72e90f9968d0dc53abf1697f7db03e2b2bdec9c2a2da59c093d
Size: 10.54 MB - mecab-0.996-3.module+el9+1118+dc6d3d95.4.src.rpm
MD5: 15d1d29cd49cc7c8e1675c2cc1a709c9
SHA-256: 943c496abb093994bd38defb28072b29bcb2d99ee121792faac455273659f3e2
Size: 956.98 kB - mysql-8.4.7-1.module+el9+1118+dc6d3d95.src.rpm
MD5: 1bcc478c213bba37c4a37cea1292f386
SHA-256: 0f5d09bdcd709650bcb1bf0dd59b4fa5b1021fbaf5045c5c3c13d0921fd4b05a
Size: 453.44 MB - rapidjson-1.1.0-19.module+el9+1118+dc6d3d95.src.rpm
MD5: ce21db0c7a13fa9a523383a449954bf7
SHA-256: 4723f2ea4446384532fb44290956a9be3f6f1844653290bb7b9f77c27577a1e6
Size: 0.98 MB
Asianux Server 9 for x86_64
- mecab-0.996-3.module+el9+1118+dc6d3d95.4.x86_64.rpm
MD5: 9ddae59e1cf0be0bfee658b69c85c5c1
SHA-256: 0940cd5d9b44a4e468cf92bad64cae902e33f0d1024d5ea41521fda4a260b37f
Size: 355.52 kB - mecab-debugsource-0.996-3.module+el9+1118+dc6d3d95.4.x86_64.rpm
MD5: 158d6aceb106248c84b441841420bd6e
SHA-256: 8fdeeb6a009b637de0abb6898c051bbed86411bdd076c9be7fe20fd12f7ef187
Size: 168.02 kB - mecab-devel-0.996-3.module+el9+1118+dc6d3d95.4.x86_64.rpm
MD5: dbf4d638b4a95f7d6b741e65a7bff6a3
SHA-256: e337fe2ad398891edd509073bed8fcb75725213c783d3d882eae5ee4758faf45
Size: 82.70 kB - mecab-ipadic-2.7.0.20070801-24.module+el9+1118+dc6d3d95.x86_64.rpm
MD5: 17e2c2386bde13fad31f2c8ff55f471c
SHA-256: ac8e8d4b10df5f965e2dd76c916d860fc3714d128b58e96839dcc889a74f8a82
Size: 10.54 MB - mecab-ipadic-EUCJP-2.7.0.20070801-24.module+el9+1118+dc6d3d95.x86_64.rpm
MD5: b39625b00dbaa9ee88ce53dc1869d4a3
SHA-256: bf05694013d56e76e8f7d81d9bfeffc940328f200187215eae66cba3cd8a3ab5
Size: 9.63 MB - mysql-8.4.7-1.module+el9+1118+dc6d3d95.x86_64.rpm
MD5: cfe41e9ea4dee76e864c0914c09558c7
SHA-256: 0e07ec268f6ea6d7917ada127cf76cf0f9d5477108af8e6400be99ed0c4c15e5
Size: 2.52 MB - mysql-common-8.4.7-1.module+el9+1118+dc6d3d95.noarch.rpm
MD5: a4d5d9374292581432958d6e63c86846
SHA-256: 02b1a4c6fd1f0a73df1e2437f293549d82f4e878f8aacf2d3344886e98609682
Size: 77.20 kB - mysql-debugsource-8.4.7-1.module+el9+1118+dc6d3d95.x86_64.rpm
MD5: ed2b3056492e09c43fb0135ea69f83df
SHA-256: a2542d6f913750cf5e646d0c500f10ff14d5477fdedd139b7b93b8fdda028c88
Size: 17.61 MB - mysql-devel-8.4.7-1.module+el9+1118+dc6d3d95.x86_64.rpm
MD5: 8479bf4ed74f5856c1c6ee5fde7f72f4
SHA-256: 4db5b2e27e778719e40a695ab952d79393cb0bb33b138703c8cc9b412e1717b8
Size: 103.49 kB - mysql-errmsg-8.4.7-1.module+el9+1118+dc6d3d95.noarch.rpm
MD5: e73371391aa80519bb5d5a48beece739
SHA-256: 12ffd200ebaa3d3753d438559fcf26f0a558cd76f7287f694545bcdb8f630189
Size: 527.06 kB - mysql-libs-8.4.7-1.module+el9+1118+dc6d3d95.x86_64.rpm
MD5: a69dca47ec68ac5a963e9235065ac6f1
SHA-256: cd572fdf5d54519cf9b83d63b5a1d9f7e262f3ae5af726afbc6dfd751fdff4f7
Size: 1.26 MB - mysql-server-8.4.7-1.module+el9+1118+dc6d3d95.x86_64.rpm
MD5: 0349a7d0cf03f1e7a98b61dad3453836
SHA-256: 2af8406c81fbdd4f1d1a0169e25a8a7b2a6a87219837e336cdbf1a6e6c355ddb
Size: 18.41 MB - mysql-test-8.4.7-1.module+el9+1118+dc6d3d95.x86_64.rpm
MD5: 496a50d455068c323ff609c59f2c9ef8
SHA-256: 15a98c6dee5739df0b4b2d86ce83ff5bed38fe7fef65057cc9ba0369abb2c44c
Size: 4.39 MB - mysql-test-data-8.4.7-1.module+el9+1118+dc6d3d95.noarch.rpm
MD5: f0b864c0fd20eb5d1a9e2536b9d0590b
SHA-256: c9631f5a58941e594b30b526a815daa0fea0beac8c21f4ac012a11d9577d3dee
Size: 379.32 MB
日本語