RLSA-2026:0247

Details

MariaDB is a multi-user, multi-threaded SQL database server that is binary compatible with MySQL.

Security Fix(es):

mysql: High Privilege Denial of Service Vulnerability in MySQL Server (CVE-2025-21490)
mariadb: MariaDB Server Crash Due to Empty Backtrace Log (CVE-2023-52969)
mariadb: MariaDB Server Crash (CVE-2023-52971)
mariadb: MariaDB Server Crash via Item_direct_view_ref (CVE-2023-52970)
mysql: mysqldump unspecified vulnerability (CPU Apr 2025) (CVE-2025-30722)
mysql: InnoDB unspecified vulnerability (CPU Apr 2025) (CVE-2025-30693)
mariadb: MariaDB: mariadb-dump utility vulnerable to remote code execution via improper path validation (CVE-2025-13699)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Affected Packages

Rocky Linux:9galera

Fixed in:

0:26.4.20-1.module+el9.7.0+40024+12a6f3b4

Rocky Linux:9mariadb

Fixed in:

3:10.11.15-1.module+el9.7.0+40065+b33d0971

References

REPORThttps://bugzilla.redhat.com/show_bug.cgi?id=2339221 REPORThttps://bugzilla.redhat.com/show_bug.cgi?id=2350916 REPORThttps://bugzilla.redhat.com/show_bug.cgi?id=2350917 REPORThttps://bugzilla.redhat.com/show_bug.cgi?id=2350918 REPORThttps://bugzilla.redhat.com/show_bug.cgi?id=2359885 REPORThttps://bugzilla.redhat.com/show_bug.cgi?id=2359963 REPORThttps://bugzilla.redhat.com/show_bug.cgi?id=2417693 ADVISORYhttps://errata.rockylinux.org/RLSA-2026:0247

RLSA-2026:0247

Details

Affected Packages

References

CVSS Analysis

Upstream

Ecosystems

Credits

Timeline