mysql:8.0 security update
エラータID: AXSA:2026-376:01
リリース日:
2026/04/01 Wednesday - 21:03
題名:
mysql:8.0 security update
影響のあるチャネル:
Asianux Server 8 for x86_64
Severity:
Moderate
Description:
以下項目について対処しました。
[Security Fix]
- MySQL の InnoDB コンポーネントには、リモートの攻撃者により、
サービス拒否攻撃を可能とする脆弱性が存在します。(CVE-2026-21936)
- MySQL の Server: DDL コンポーネントには、リモートの攻撃者により、
サービス拒否攻撃を可能とする脆弱性が存在します。(CVE-2026-21937)
- MySQL の Server: Optimizer コンポーネントには、リモートの攻撃者
により、サービス拒否攻撃 (リソース枯渇) を可能とする脆弱性が存在
します。(CVE-2026-21941)
- MySQL の Server: Optimizer コンポーネントには、リモートの攻撃者
により、サービス拒否攻撃 (リソース枯渇) を可能とする脆弱性が存在
します。(CVE-2026-21948)
- MySQL の Server: Thread Pooling コンポーネントには、リモートの
攻撃者により、サービス拒否攻撃を可能とする脆弱性が存在します。
(CVE-2026-21964)
- MySQL の Server: Optimizer コンポーネントには、リモートの攻撃者
により、サービス拒否攻撃を可能とする脆弱性が存在します。
(CVE-2026-21968)
Modularity name: mysql
Stream name: 8.0
解決策:
パッケージをアップデートしてください。
CVE:
CVE-2026-21936
Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.0-8.0.44, 8.4.0-8.4.7 and 9.0.0-9.5.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.0-8.0.44, 8.4.0-8.4.7 and 9.0.0-9.5.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
CVE-2026-21937
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DDL). Supported versions that are affected are 8.0.0-8.0.44, 8.4.0-8.4.7 and 9.0.0-9.5.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DDL). Supported versions that are affected are 8.0.0-8.0.44, 8.4.0-8.4.7 and 9.0.0-9.5.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
CVE-2026-21941
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.0-8.0.44, 8.4.0-8.4.7 and 9.0.0-9.5.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.0-8.0.44, 8.4.0-8.4.7 and 9.0.0-9.5.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
CVE-2026-21948
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.0-8.0.44, 8.4.0-8.4.7 and 9.0.0-9.5.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.0-8.0.44, 8.4.0-8.4.7 and 9.0.0-9.5.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
CVE-2026-21964
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Thread Pooling). Supported versions that are affected are 8.0.0-8.0.44, 8.4.0-8.4.7 and 9.0.0-9.5.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Thread Pooling). Supported versions that are affected are 8.0.0-8.0.44, 8.4.0-8.4.7 and 9.0.0-9.5.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
CVE-2026-21968
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.0-8.0.44, 8.4.0-8.4.7 and 9.0.0-9.5.0. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.0-8.0.44, 8.4.0-8.4.7 and 9.0.0-9.5.0. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).
追加情報:
N/A
ダウンロード:
SRPMS
- mecab-ipadic-2.7.0.20070801-17.module+el8+1967+1fd4a047.src.rpm
MD5: 6bb09b1fa283690214d70113b5511ab0
SHA-256: 094880c453604fe856e0a4a4f2d1fd7102d368d0fb3620311ea4b04dc400eba7
Size: 10.54 MB - mecab-0.996-2.module+el8+1967+1fd4a047.src.rpm
MD5: 1ed6aa5d14dc0a89e64318a098cba5e7
SHA-256: 7c14d0aabd28509a75315b44ab384f22df1e37ffef6c8d0a60d3969468a330b3
Size: 960.68 kB - mysql-8.0.45-1.module+el8+1967+1fd4a047.ML.1.src.rpm
MD5: 0f45988b49b6b3853bec108dfdd93553
SHA-256: 9571f17488ef4c0b81b6b44dbd08f54792c71274fd957633a5f403d2f60ec3f2
Size: 466.34 MB - rapidjson-1.1.0-6.module+el8+1967+1fd4a047.src.rpm
MD5: 7be396a68d5156317a7749a3dde22155
SHA-256: 96f8cfec40940621257af7b8f9c92fff1ecee10a884f0d48a1f8148862ec5f61
Size: 0.98 MB
Asianux Server 8 for x86_64
- mecab-0.996-2.module+el8+1967+1fd4a047.x86_64.rpm
MD5: 8d92bbf96f3ff54300af7f6f7504a87b
SHA-256: e758f8c729c40eb0a2f5214b4d32843e623d99619c55b6ab8c3dd9d3ee41bf19
Size: 392.30 kB - mecab-debugsource-0.996-2.module+el8+1967+1fd4a047.x86_64.rpm
MD5: 665dd41461c50eaae1a18f7d58e24783
SHA-256: 8a21f8df16da8d01415d0778aa654d7aea4c243295f77afd8f92143dc7350616
Size: 165.54 kB - mecab-devel-0.996-2.module+el8+1967+1fd4a047.x86_64.rpm
MD5: a236934406fedcdf092633cfb8c6a249
SHA-256: 76951d87b85abc0583faf962ad871d65d0801a9f34ada506b4f96a0130302779
Size: 78.61 kB - mecab-ipadic-2.7.0.20070801-17.module+el8+1967+1fd4a047.x86_64.rpm
MD5: 647852d0b9dd6ac7fcb8515b9d10b244
SHA-256: 06e51916ce5cd5e8e92af0e884ef16ab4efaa7808284d594899ba5454910638d
Size: 10.52 MB - mecab-ipadic-EUCJP-2.7.0.20070801-17.module+el8+1967+1fd4a047.x86_64.rpm
MD5: 060405e5d8e671147e12f4d5667e30d5
SHA-256: 132cac2c9850c1dea0779798ec23d798726400b3f07d3acb9610877fe98eb34f
Size: 9.40 MB - mysql-8.0.45-1.module+el8+1967+1fd4a047.ML.1.x86_64.rpm
MD5: 0dd86d9fa14a6671bf027b08434c38c4
SHA-256: 52efc09a6d5fb00d329ef542ca6e985f3ee030b9b45f56bf95a7d86ee35608e5
Size: 14.55 MB - mysql-common-8.0.45-1.module+el8+1967+1fd4a047.ML.1.x86_64.rpm
MD5: 8724858cab637f007550f0e27bff73da
SHA-256: 8aff25cd6bce1aa0d1211100f72a0b9ec1a74ec39fdcf9a32499b58dd7040e86
Size: 135.70 kB - mysql-debugsource-8.0.45-1.module+el8+1967+1fd4a047.ML.1.x86_64.rpm
MD5: 882c7b15d72e3c743fa67d154be00171
SHA-256: 157a4f407b127f8b3615ecf81f6e0afda8d69b4b25e397df1d441b0b1ff53488
Size: 17.75 MB - mysql-devel-8.0.45-1.module+el8+1967+1fd4a047.ML.1.x86_64.rpm
MD5: ba65e20e17df7af25710f9cea1e387e5
SHA-256: 8d436d6729c4024d2aa3a63a2ff904b1a1e438a1245a82a6268f5c1c7df99c05
Size: 161.39 kB - mysql-errmsg-8.0.45-1.module+el8+1967+1fd4a047.ML.1.x86_64.rpm
MD5: 50c6f5eaa7169ce3574e722adfbce91a
SHA-256: edef2cc72c3807d9f739fa40d6b0efc39298d835d376bdf01606497e7667dd86
Size: 643.22 kB - mysql-libs-8.0.45-1.module+el8+1967+1fd4a047.ML.1.x86_64.rpm
MD5: 20ee0e3701c0a2b2485c31b7fbd90c76
SHA-256: 0d3ca26b03ef7b8ba6715cfdd56150fd66f4af3382bc45604075193d732cf621
Size: 1.48 MB - mysql-server-8.0.45-1.module+el8+1967+1fd4a047.ML.1.x86_64.rpm
MD5: ce261fa283ec73318a5c2f3044ca381c
SHA-256: 257f2112dd9f73576fb9d882f8fdcf845702e7e24264d55c42d2e145c3ff0c7e
Size: 32.53 MB - mysql-test-8.0.45-1.module+el8+1967+1fd4a047.ML.1.x86_64.rpm
MD5: 4e90e7894dc3d2b7cb6a1bee98fe46a5
SHA-256: 27dd4484cc0371a5e19f6faa43ad5d2317fd8f24e1371de55ac14381672bef51
Size: 404.30 MB
English