RLSA-2026:0136

Details

MariaDB is a community developed fork from MySQL - a multi-user, multi-threaded SQL database server. It is a client/server implementation consisting of a server daemon (mariadbd) and many different client programs and libraries. The base package contains the standard MariaDB/MySQL client programs and utilities.

Security Fix(es):

mysql: High Privilege Denial of Service Vulnerability in MySQL Server (CVE-2025-21490)
mariadb: MariaDB Server Crash Due to Empty Backtrace Log (CVE-2023-52969)
mariadb: MariaDB Server Crash (CVE-2023-52971)
mariadb: MariaDB Server Crash via Item_direct_view_ref (CVE-2023-52970)
mysql: mysqldump unspecified vulnerability (CPU Apr 2025) (CVE-2025-30722)
mysql: InnoDB unspecified vulnerability (CPU Apr 2025) (CVE-2025-30693)
mariadb: MariaDB: mariadb-dump utility vulnerable to remote code execution via improper path validation (CVE-2025-13699)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Affected Packages

Rocky Linux:10mariadb10.11

Fixed in:

3:10.11.15-1.el10_1

References

REPORThttps://bugzilla.redhat.com/show_bug.cgi?id=2339221 REPORThttps://bugzilla.redhat.com/show_bug.cgi?id=2350916 REPORThttps://bugzilla.redhat.com/show_bug.cgi?id=2350917 REPORThttps://bugzilla.redhat.com/show_bug.cgi?id=2350918 REPORThttps://bugzilla.redhat.com/show_bug.cgi?id=2359885 REPORThttps://bugzilla.redhat.com/show_bug.cgi?id=2359963 REPORThttps://bugzilla.redhat.com/show_bug.cgi?id=2417693 ADVISORYhttps://errata.rockylinux.org/RLSA-2026:0136

RLSA-2026:0136

Details

Affected Packages

References

CVSS Analysis

Upstream

Ecosystems

Credits

Timeline