[security - medium] mysql:8.0 security update, rapidjson-1.1.0-6.module+el8+1926+c7e618c4
エラータID: AXSA:2025-11538:01
MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon (mysqld) and many client programs and libraries.
Security Fix(es):
* mysql: DML unspecified vulnerability (CPU Oct 2025) (CVE-2025-53053)
* mysql: InnoDB unspecified vulnerability (CPU Oct 2025) (CVE-2025-53044)
* mysql: InnoDB unspecified vulnerability (CPU Oct 2025) (CVE-2025-53062)
* mysql: InnoDB unspecified vulnerability (CPU Oct 2025) (CVE-2025-53054)
* mysql: InnoDB unspecified vulnerability (CPU Oct 2025) (CVE-2025-53045)
* mysql: Optimizer unspecified vulnerability (CPU Oct 2025) (CVE-2025-53040)
* mysql: Components Services unspecified vulnerability (CPU Oct 2025) (CVE-2025-53069)
* mysql: Optimizer unspecified vulnerability (CPU Oct 2025) (CVE-2025-53042)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
CVE-2025-53040
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.0-8.0.43, 8.4.0-8.4.6 and 9.0.0-9.4.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
CVE-2025-53042
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.0-8.0.43, 8.4.0-8.4.6 and 9.0.0-9.4.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
CVE-2025-53044
Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.0-8.0.43, 8.4.0-8.4.6 and 9.0.0-9.4.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
CVE-2025-53045
Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.0-8.0.43, 8.4.0-8.4.6 and 9.0.0-9.4.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
CVE-2025-53053
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Supported versions that are affected are 8.0.0-8.0.43, 8.4.0-8.4.6 and 9.0.0-9.4.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server as well as unauthorized update, insert or delete access to some of MySQL Server accessible data. CVSS 3.1 Base Score 5.5 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H).
CVE-2025-53054
Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.0-8.0.43, 8.4.0-8.4.6 and 9.0.0-9.4.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server as well as unauthorized update, insert or delete access to some of MySQL Server accessible data. CVSS 3.1 Base Score 5.5 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H).
CVE-2025-53062
Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.0-8.0.43, 8.4.0-8.4.6 and 9.0.0-9.4.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
CVE-2025-53069
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Components Services). Supported versions that are affected are 8.0.0-8.0.43, 8.4.0-8.4.6 and 9.0.0-9.4.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
Modularity name: "mysql"
Stream name: "8.0"
Update packages.
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.0-8.0.43, 8.4.0-8.4.6 and 9.0.0-9.4.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.0-8.0.43, 8.4.0-8.4.6 and 9.0.0-9.4.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.0-8.0.43, 8.4.0-8.4.6 and 9.0.0-9.4.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.0-8.0.43, 8.4.0-8.4.6 and 9.0.0-9.4.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Supported versions that are affected are 8.0.0-8.0.43, 8.4.0-8.4.6 and 9.0.0-9.4.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server as well as unauthorized update, insert or delete access to some of MySQL Server accessible data. CVSS 3.1 Base Score 5.5 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H).
Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.0-8.0.43, 8.4.0-8.4.6 and 9.0.0-9.4.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server as well as unauthorized update, insert or delete access to some of MySQL Server accessible data. CVSS 3.1 Base Score 5.5 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H).
Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.0-8.0.43, 8.4.0-8.4.6 and 9.0.0-9.4.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Components Services). Supported versions that are affected are 8.0.0-8.0.43, 8.4.0-8.4.6 and 9.0.0-9.4.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
N/A
SRPMS
- mecab-ipadic-2.7.0.20070801-17.module+el8+1926+c7e618c4.src.rpm
MD5: c2d0a18f96e51e13e019fd5e06b28fe2
SHA-256: 5cd40ca3feb78f29b6c069c5a83533e5ea2e505f7218556ad364f347e42bc47e
Size: 10.54 MB - mecab-0.996-2.module+el8+1926+c7e618c4.src.rpm
MD5: a2b1cf8212ab73cd2f6a53e7cefff8a7
SHA-256: 74df53a868d8a90de9116085cbecf91a8d28db73664736485371a2cf011183ae
Size: 960.68 kB - mysql-8.0.44-1.module+el8+1926+c7e618c4.ML.1.src.rpm
MD5: 607d099d2deb4ca2199ef25792dc5bb5
SHA-256: 20b4c2a1f5085dfe933524d47c4e52c0782d2d025bfcbf62db0bf460e0981b5b
Size: 466.33 MB - rapidjson-1.1.0-6.module+el8+1926+c7e618c4.src.rpm
MD5: 94cd21102a40833b151ecfc6668d562f
SHA-256: b930666b2b882ce39bc41b728d530495603b820b7b07f147c74d54baf1cc5835
Size: 0.98 MB
Asianux Server 8 for x86_64
- mecab-0.996-2.module+el8+1926+c7e618c4.x86_64.rpm
MD5: 26ea3b4debe39cd2a1272d861ac6157c
SHA-256: 24997238c08c1ba12bd76c850925e1ec19895c256bf8bd495b1abc4183ea72f0
Size: 392.38 kB - mecab-debugsource-0.996-2.module+el8+1926+c7e618c4.x86_64.rpm
MD5: 9e3a1b5431c5991bf649e354d9736f6e
SHA-256: 715a83681549bf86acc3c6f1d5f95fd2213f0f998418305e2f11d59564a31396
Size: 165.54 kB - mecab-devel-0.996-2.module+el8+1926+c7e618c4.x86_64.rpm
MD5: a3b08c11e5e08790a7c16356259e88d6
SHA-256: c7c91570981e392c4145bf238b4eaf3129c926b085d65016b80485697b4a121a
Size: 78.61 kB - mecab-ipadic-2.7.0.20070801-17.module+el8+1926+c7e618c4.x86_64.rpm
MD5: 23fd67232ed11db6277d18ad209749ee
SHA-256: 67984eda3ca11187682bab8d74b04ba1c2aeb335556a82c9de01b544e97b8bc8
Size: 10.52 MB - mecab-ipadic-EUCJP-2.7.0.20070801-17.module+el8+1926+c7e618c4.x86_64.rpm
MD5: 59dee15599dbe1f873c0d000c1671dd5
SHA-256: e8fce4310d9cb1c60cd53974dcbb40c2bf18cda88ff9ea728db35d3cf47220fd
Size: 9.40 MB - mysql-8.0.44-1.module+el8+1926+c7e618c4.ML.1.x86_64.rpm
MD5: d36dc2e7dcfb2358153d577e3aa72d63
SHA-256: d9b0aed94c25a830fa4a7aa7c2e408778a806d2a5f53b34a340a878c62aca5e6
Size: 14.55 MB - mysql-common-8.0.44-1.module+el8+1926+c7e618c4.ML.1.x86_64.rpm
MD5: d662b9bdea26fa82486fd6d473ce41fa
SHA-256: 987d8a49427724ab3368af7daa07bd47be5994fb428eb336390ed0e52236322d
Size: 135.51 kB - mysql-debugsource-8.0.44-1.module+el8+1926+c7e618c4.ML.1.x86_64.rpm
MD5: 0f62bb6d86a3edb5e7607ca23c4c4292
SHA-256: 5f65485ced541f5f45c6725dc9f3947af2b5052571727f82dcd1c035381c5de2
Size: 17.75 MB - mysql-devel-8.0.44-1.module+el8+1926+c7e618c4.ML.1.x86_64.rpm
MD5: 6d7c443ee5869760a2bd1301bdcde686
SHA-256: 0356e0d6e83d2f0af1667990c11553886a38a8939c0dd4213d8c1d28b1aae949
Size: 161.19 kB - mysql-errmsg-8.0.44-1.module+el8+1926+c7e618c4.ML.1.x86_64.rpm
MD5: 46038e761a858ba04ba097a7e0a57725
SHA-256: 47d564a4aacd05e4e8b74fcb9a18c32364a8dcb9746c9ff477bc9dc952a82752
Size: 642.84 kB - mysql-libs-8.0.44-1.module+el8+1926+c7e618c4.ML.1.x86_64.rpm
MD5: 023a98ec5b03f00919773cc1aa5cc803
SHA-256: 8724d4e26986438f00a0d7d9bca382bcc7174c94a261bfbb537dcfe37dce5bd6
Size: 1.48 MB - mysql-server-8.0.44-1.module+el8+1926+c7e618c4.ML.1.x86_64.rpm
MD5: 6b38309e1929448c55d90fc3188b1bc7
SHA-256: 6d7f89ab4a831b306d6ccfb7328108498e6e04fc77e0f93c788f1a30d44d89b2
Size: 32.52 MB - mysql-test-8.0.44-1.module+el8+1926+c7e618c4.ML.1.x86_64.rpm
MD5: 1c09e90f43d76ba73315de5d5a763dd4
SHA-256: e4d237efc5c9d351902dd7dbb5ee71bb5454f9e49877fe39daf41abfff5540bd
Size: 404.28 MB