[security - medium] mariadb:10.11 security update

エラータID: AXSA:2026-413:01

Release date: 
Friday, April 10, 2026 - 10:16
Subject: 
[security - medium] mariadb:10.11 security update
Affected Channels: 
Asianux Server 8 for x86_64
Severity: 
Moderate
Description: 

MariaDB is a multi-user, multi-threaded SQL database server that is binary compatible with MySQL.

Security Fix(es):

* mysql: High Privilege Denial of Service Vulnerability in MySQL Server (CVE-2025-21490)
* mariadb: MariaDB Server Crash Due to Empty Backtrace Log (CVE-2023-52969)
* mariadb: MariaDB Server Crash (CVE-2023-52971)
* mariadb: MariaDB Server Crash via Item_direct_view_ref (CVE-2023-52970)
* mysql: mysqldump unspecified vulnerability (CPU Apr 2025) (CVE-2025-30722)
* mysql: InnoDB unspecified vulnerability (CPU Apr 2025) (CVE-2025-30693)
* mysql: Optimizer unspecified vulnerability (CPU Jan 2026) (CVE-2026-21968)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

CVE-2023-52969
MariaDB Server 10.4 through 10.5.*, 10.6 through 10.6.*, 10.7 through 10.11.*, and 11.0 through 11.0.* can sometimes crash with an empty backtrace log. This may be related to make_aggr_tables_info and optimize_stage2.
CVE-2023-52970
MariaDB Server 10.4 through 10.5.*, 10.6 through 10.6.*, 10.7 through 10.11.*, 11.0 through 11.0.*, and 11.1 through 11.4.* crashes in Item_direct_view_ref::derived_field_transformer_for_where.
CVE-2023-52971
MariaDB Server 10.10 through 10.11.* and 11.0 through 11.4.* crashes in JOIN::fix_all_splittings_in_plan.
CVE-2025-21490
Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.40 and prior, 8.4.3 and prior and 9.1.0 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
CVE-2025-30693
Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.0-8.0.41, 8.4.0-8.4.4 and 9.0.0-9.2.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server as well as unauthorized update, insert or delete access to some of MySQL Server accessible data. CVSS 3.1 Base Score 5.5 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H).
CVE-2025-30722
Vulnerability in the MySQL Client product of Oracle MySQL (component: Client: mysqldump). Supported versions that are affected are 8.0.0-8.0.41, 8.4.0-8.4.4 and 9.0.0-9.2.0. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Client. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all MySQL Client accessible data as well as unauthorized update, insert or delete access to some of MySQL Client accessible data. CVSS 3.1 Base Score 5.9 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:N).
CVE-2026-21968
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.0-8.0.44, 8.4.0-8.4.7 and 9.0.0-9.5.0. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).

Modularity name: "mariadb"
Stream name: "10.11"

Solution: 

Update packages.

CVEs: 
CVE-2023-52969
MariaDB Server 10.4 through 10.5.*, 10.6 through 10.6.*, 10.7 through 10.11.*, and 11.0 through 11.0.* can sometimes crash with an empty backtrace log. This may be related to make_aggr_tables_info and optimize_stage2.
CVE-2023-52970
MariaDB Server 10.4 through 10.5.*, 10.6 through 10.6.*, 10.7 through 10.11.*, 11.0 through 11.0.*, and 11.1 through 11.4.* crashes in Item_direct_view_ref::derived_field_transformer_for_where.
CVE-2023-52971
MariaDB Server 10.10 through 10.11.* and 11.0 through 11.4.* crashes in JOIN::fix_all_splittings_in_plan.
CVE-2025-21490
Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.40 and prior, 8.4.3 and prior and 9.1.0 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
CVE-2025-30693
Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.0-8.0.41, 8.4.0-8.4.4 and 9.0.0-9.2.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server as well as unauthorized update, insert or delete access to some of MySQL Server accessible data. CVSS 3.1 Base Score 5.5 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H).
CVE-2025-30722
Vulnerability in the MySQL Client product of Oracle MySQL (component: Client: mysqldump). Supported versions that are affected are 8.0.0-8.0.41, 8.4.0-8.4.4 and 9.0.0-9.2.0. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Client. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all MySQL Client accessible data as well as unauthorized update, insert or delete access to some of MySQL Client accessible data. CVSS 3.1 Base Score 5.9 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:N).
CVE-2026-21968
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.0-8.0.44, 8.4.0-8.4.7 and 9.0.0-9.5.0. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).
Additional Info: 

N/A

Download: 

SRPMS
  1. asio-1.10.8-7.module+el8+1968+9507fe04.src.rpm
    MD5: f58c5b58e84a3760cb0c5d9577fcb993
    SHA-256: 7876ee8ceca91eb6d7bbab9c52c13b30501e5974c557080136a9e834ce980067
    Size: 0.99 MB
  2. galera-26.4.23-1.module+el8+1968+9507fe04.src.rpm
    MD5: 32d91026f861b9e39dc2c479537192b7
    SHA-256: 7d7bff7db854d796d33c7246c05d55c98fb88268aea9b60ac7319a2ae3fa106c
    Size: 3.59 MB
  3. Judy-1.0.5-18.module+el8+1968+9507fe04.src.rpm
    MD5: 761023dae69db6bd5d8c74f38735473f
    SHA-256: 86f435fadeb70fbc842697f84fe93b39d2273e10b2e9a2a9429da05d9193e311
    Size: 1.10 MB
  4. mariadb-10.11.15-1.module+el8+1968+9507fe04.src.rpm
    MD5: efd7443dbff80a83dee022a630296e12
    SHA-256: ef2dc47b475f509adb5d80a948784710d9ad38e6c39b697e85a76044364d505f
    Size: 106.97 MB

Asianux Server 8 for x86_64
  1. galera-26.4.23-1.module+el8+1968+9507fe04.x86_64.rpm
    MD5: b8eea753c0282f0a2ca837269c1c74e1
    SHA-256: 2489d461113c7e73c5d5faed206f74ddffb5c0827983ef82b9cc36c720bacf42
    Size: 1.47 MB
  2. galera-debugsource-26.4.23-1.module+el8+1968+9507fe04.x86_64.rpm
    MD5: 37e7238e88317777096d18a3fe760aad
    SHA-256: f23240ad2215e20021a56889ec0dfacd95a259375f7e8449daf12be4747cae1a
    Size: 710.73 kB
  3. Judy-1.0.5-18.module+el8+1968+9507fe04.x86_64.rpm
    MD5: bda758173b4441ad64ae9fb34efdcad3
    SHA-256: 67d6857473d310a17f242b995aebdcf487b9f9037c7ef22f9ce5feedaf8110b2
    Size: 129.12 kB
  4. Judy-debugsource-1.0.5-18.module+el8+1968+9507fe04.x86_64.rpm
    MD5: 459be733be826ec46b12ba6b97df9882
    SHA-256: ef568b006896529e55821a065a28fe3cdcf79d58267ae8ff6cf85ae54e83decd
    Size: 157.64 kB
  5. mariadb-10.11.15-1.module+el8+1968+9507fe04.x86_64.rpm
    MD5: 9c2e071de61fdc317c7e13c7c1ef6b3e
    SHA-256: 5c1b29d2d9890ecae266e53ff68e5111ed703b26e4a4b9a96b04940d2c4ff179
    Size: 7.38 MB
  6. mariadb-backup-10.11.15-1.module+el8+1968+9507fe04.x86_64.rpm
    MD5: a56977f2c4716e31d0efac1eeeeed9b7
    SHA-256: 5dc7543d1c5fc1bdb1d23134b1bd2ec036628c71f340c4f854c64edcd32ed49f
    Size: 7.42 MB
  7. mariadb-common-10.11.15-1.module+el8+1968+9507fe04.x86_64.rpm
    MD5: 3d7ec5588c6ba5061c72cf0d78aed4e4
    SHA-256: 619293b3eb950e574b8fc8a1608a98f3da8ed8d66906098ba82b26dc74df36f8
    Size: 68.74 kB
  8. mariadb-debugsource-10.11.15-1.module+el8+1968+9507fe04.x86_64.rpm
    MD5: fd519e246ae20b7d04e0001437addf0d
    SHA-256: fa49ca17edd6457a8407db1bdd7461578f3e8b9d8a41841489b68356788dd2ad
    Size: 10.80 MB
  9. mariadb-devel-10.11.15-1.module+el8+1968+9507fe04.x86_64.rpm
    MD5: d7840db6f9010bfaaa2468bc840b2b0b
    SHA-256: becffd6d1c7b6fdf320d9cd543fdd74053fafe590fcf5efc9dcec78c9acc373a
    Size: 1.27 MB
  10. mariadb-embedded-10.11.15-1.module+el8+1968+9507fe04.x86_64.rpm
    MD5: ea12508d96650dad96bc48436ced319f
    SHA-256: 0e88baf937f002e48fbe7a5803c8b40332bd99d66682a76ef96f053b4785d9c8
    Size: 5.76 MB
  11. mariadb-embedded-devel-10.11.15-1.module+el8+1968+9507fe04.x86_64.rpm
    MD5: c5ad285dcc5c4ac9377629632f05d253
    SHA-256: cb43f22c6530de37d9926d4b0e57c150de92b436a409dfbd69858504d9986200
    Size: 49.37 kB
  12. mariadb-errmsg-10.11.15-1.module+el8+1968+9507fe04.x86_64.rpm
    MD5: 099f926d96e771b53f9f8f31139568ca
    SHA-256: 4c41a18edb02fa68d8e1224f798873443130dfe41ece5f3b0a5091ffd509b3a5
    Size: 339.26 kB
  13. mariadb-gssapi-server-10.11.15-1.module+el8+1968+9507fe04.x86_64.rpm
    MD5: ac863a01d9eaf29223e48baeb28cae48
    SHA-256: 2b32d5e3a7cbaaa6dd7d2e3c663dbfc1e29b130ca71c6586c4c5e7f8a60635df
    Size: 56.04 kB
  14. mariadb-oqgraph-engine-10.11.15-1.module+el8+1968+9507fe04.x86_64.rpm
    MD5: 712185a422dff0941e028d94ad506a34
    SHA-256: d667ddebceecf8ec352f6b46357fa0fa08324669a9f5008805c43c35be1686df
    Size: 107.62 kB
  15. mariadb-pam-10.11.15-1.module+el8+1968+9507fe04.x86_64.rpm
    MD5: caf20460a7f4e0853379a2e02d148379
    SHA-256: ab1f006b5a3a9b49e2880ce0779bf037fe6ee7f209cb331f475437d913d7a12c
    Size: 65.44 kB
  16. mariadb-server-10.11.15-1.module+el8+1968+9507fe04.x86_64.rpm
    MD5: 2ee3a2d69b3d1b4c7aa7f3e2f866e987
    SHA-256: 2ca37ff89f8aafba7965f306f2875cdf047386b0d8dfc94a1cc212d6e34b2cc3
    Size: 20.63 MB
  17. mariadb-server-galera-10.11.15-1.module+el8+1968+9507fe04.x86_64.rpm
    MD5: 8e8dc7c418d4a9be05c01a1d904e104a
    SHA-256: 330bc25744cab6e5c7caaf6040390a7e7a833413471abb9238e1b7891f705348
    Size: 66.01 kB
  18. mariadb-server-utils-10.11.15-1.module+el8+1968+9507fe04.x86_64.rpm
    MD5: fb4cb385568267fac6839db6bfd6c814
    SHA-256: 810e2ef8151613e8e0af47a4d77ff695f9bddfef0d4ebc6f73132f1c19f1cc5e
    Size: 1.43 MB
  19. mariadb-test-10.11.15-1.module+el8+1968+9507fe04.x86_64.rpm
    MD5: 4668162f89963ba0670aa0d08763f0d3
    SHA-256: 538d2922997655e50d0f76333ab67116777c9fc6e769f11c59bec64126dc356e
    Size: 33.47 MB