Early Access — Mondoo Vulnerability Intelligence is currently in preview.

SUSE-SU-2025:4491-1 | Mondoo Vulnerability Intelligence

SUSE-SU-2025:4491-1

UNKNOWN

Security update for mariadb

Published Dec 19, 2025

Modified 3 weeks ago

Fix available

Details

This update for mariadb fixes the following issues:

Update to version 10.5.29.

Release notes and changelog:

https://mariadb.com/kb/en/mariadb-10-5-29-release-notes/
https://mariadb.com/kb/en/mariadb-10-5-29-changelog/
https://mariadb.com/kb/en/mariadb-10-5-28-release-notes/
https://mariadb.com/kb/en/mariadb-10-5-28-changelog/

Security issues fixed:

Version 10.5.28:
- CVE-2025-21490: InnoDB issue allows high privileged attacker with network access to cause a hang or frequently repeatable crash of MySQL Server (bsc#1243356).
Version 10.5.29:
- CVE-2025-30693: InnoDB issue allows high privileged attacker with network access to gain unauthorized update, insert or delete access to data and cause repeatable crash in MySQL server (bsc#1249213).
- CVE-2025-30722: mysqldump issue allows low privileged attacker with network access to gain unauthorized update, insert or delete access to data in MySQL Client (bsc#1249212).
- CVE-2023-52969: crash with empty backtrace log in MariaDB Server (bsc#1239150).
- CVE-2023-52970: crash in MariaDB Server when inserting from derived table containing insert target table (bsc#1239151).
CVE-2025-13699: lack of proper validation of a user-supplied path prior to using it in file operations allows an attacker to execute code in the context of the current user (bsc#1254313).

Affected Packages

SUSE:Enterprise Storage 7.1libmariadbd-devel

Fixed in:

10.5.29-150300.3.55.1

SUSE:Enterprise Storage 7.1libmariadbd19

Fixed in:

10.5.29-150300.3.55.1

SUSE:Enterprise Storage 7.1mariadb

Fixed in:

10.5.29-150300.3.55.1

SUSE:Enterprise Storage 7.1mariadb-client

Fixed in:

10.5.29-150300.3.55.1

SUSE:Enterprise Storage 7.1mariadb-errormessages

Fixed in:

10.5.29-150300.3.55.1

SUSE:Enterprise Storage 7.1mariadb-tools

Fixed in:

10.5.29-150300.3.55.1

SUSE:Linux Enterprise High Performance Computing 15 SP3-LTSSlibmariadbd-devel

Fixed in:

10.5.29-150300.3.55.1

SUSE:Linux Enterprise High Performance Computing 15 SP3-LTSSlibmariadbd19

Fixed in:

10.5.29-150300.3.55.1

SUSE:Linux Enterprise High Performance Computing 15 SP3-LTSSmariadb

Fixed in:

10.5.29-150300.3.55.1

SUSE:Linux Enterprise High Performance Computing 15 SP3-LTSSmariadb-client

Fixed in:

10.5.29-150300.3.55.1

SUSE:Linux Enterprise High Performance Computing 15 SP3-LTSSmariadb-errormessages

Fixed in:

10.5.29-150300.3.55.1

SUSE:Linux Enterprise High Performance Computing 15 SP3-LTSSmariadb-tools

Fixed in:

10.5.29-150300.3.55.1

SUSE:Linux Enterprise Server 15 SP3-LTSSlibmariadbd-devel

Fixed in:

10.5.29-150300.3.55.1

SUSE:Linux Enterprise Server 15 SP3-LTSSlibmariadbd19

Fixed in:

10.5.29-150300.3.55.1

SUSE:Linux Enterprise Server 15 SP3-LTSSmariadb

Fixed in:

10.5.29-150300.3.55.1

SUSE:Linux Enterprise Server 15 SP3-LTSSmariadb-client

Fixed in:

10.5.29-150300.3.55.1

SUSE:Linux Enterprise Server 15 SP3-LTSSmariadb-errormessages

Fixed in:

10.5.29-150300.3.55.1

SUSE:Linux Enterprise Server 15 SP3-LTSSmariadb-tools

Fixed in:

10.5.29-150300.3.55.1

SUSE:Linux Enterprise Server for SAP Applications 15 SP3libmariadbd-devel

Fixed in:

10.5.29-150300.3.55.1

SUSE:Linux Enterprise Server for SAP Applications 15 SP3libmariadbd19

Fixed in:

10.5.29-150300.3.55.1

SUSE:Linux Enterprise Server for SAP Applications 15 SP3mariadb

Fixed in:

10.5.29-150300.3.55.1

SUSE:Linux Enterprise Server for SAP Applications 15 SP3mariadb-client

Fixed in:

10.5.29-150300.3.55.1

SUSE:Linux Enterprise Server for SAP Applications 15 SP3mariadb-errormessages

Fixed in:

10.5.29-150300.3.55.1

SUSE:Linux Enterprise Server for SAP Applications 15 SP3mariadb-tools

Fixed in:

10.5.29-150300.3.55.1

References

REPORThttps://bugzilla.suse.com/1239150 REPORThttps://bugzilla.suse.com/1239151 REPORThttps://bugzilla.suse.com/1243356 REPORThttps://bugzilla.suse.com/1249212 REPORThttps://bugzilla.suse.com/1249213 REPORThttps://bugzilla.suse.com/1254313 WEBhttps://www.suse.com/security/cve/CVE-2023-52969 WEBhttps://www.suse.com/security/cve/CVE-2023-52970 WEBhttps://www.suse.com/security/cve/CVE-2025-13699 WEBhttps://www.suse.com/security/cve/CVE-2025-21490 WEBhttps://www.suse.com/security/cve/CVE-2025-30693 WEBhttps://www.suse.com/security/cve/CVE-2025-30722 ADVISORYhttps://www.suse.com/support/update/announcement/2025/suse-su-20254491-1/

Upstream

CVE-2023-52969 CVE-2023-52970 CVE-2025-13699 CVE-2025-21490 CVE-2025-30693 CVE-2025-30722

Related

CVE-2023-52969 CVE-2023-52970 CVE-2025-13699 CVE-2025-21490 CVE-2025-30693 CVE-2025-30722

Ecosystems

SUSE Enterprise Storage 7.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS SUSE Linux Enterprise Server 15 SP3-LTSS SUSE Linux Enterprise Server for SAP Applications 15 SP3

Timeline

PublishedDec 19, 2025

ModifiedDec 19, 2025