The following advisory data is extracted from: https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_1673.json Red Hat officially shut down their mailing list notifications October 10, 2023. Due to this, Packet Storm has recreated the below data as a reference point to raise awareness. It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment. - Packet Storm Staff ==================================================================== Red Hat Security Advisory Synopsis: Important: mysql:8.0 security update Advisory ID: RHSA-2025:1673-03 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2025:1673 Issue date: 2025-02-19 Revision: 03 CVE Names: CVE-2024-5535 ==================================================================== Summary: An update for the mysql:8.0 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Description: MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon (mysqld) and many client programs and libraries. Security Fix(es): * openssl: SSL_select_next_proto buffer overread (CVE-2024-5535) * krb5: GSS message token handling (CVE-2024-37371) * curl: libcurl: ASN.1 date parser overread (CVE-2024-7264) * mysql: Thread Pooling unspecified vulnerability (CPU Oct 2024) (CVE-2024-21238) * mysql: X Plugin unspecified vulnerability (CPU Oct 2024) (CVE-2024-21196) * mysql: Optimizer unspecified vulnerability (CPU Oct 2024) (CVE-2024-21241) * mysql: Client programs unspecified vulnerability (CPU Oct 2024) (CVE-2024-21231) * mysql: Information Schema unspecified vulnerability (CPU Oct 2024) (CVE-2024-21197) * mysql: InnoDB unspecified vulnerability (CPU Oct 2024) (CVE-2024-21218) * mysql: Optimizer unspecified vulnerability (CPU Oct 2024) (CVE-2024-21201) * mysql: InnoDB unspecified vulnerability (CPU Oct 2024) (CVE-2024-21236) * mysql: Group Replication GCS unspecified vulnerability (CPU Oct 2024) (CVE-2024-21237) * mysql: FTS unspecified vulnerability (CPU Oct 2024) (CVE-2024-21203) * mysql: Health Monitor unspecified vulnerability (CPU Oct 2024) (CVE-2024-21212) * mysql: DML unspecified vulnerability (CPU Oct 2024) (CVE-2024-21219) * mysql: Optimizer unspecified vulnerability (CPU Oct 2024) (CVE-2024-21230) * mysql: InnoDB unspecified vulnerability (CPU Oct 2024) (CVE-2024-21213) * mysql: InnoDB unspecified vulnerability (CPU Oct 2024) (CVE-2024-21194) * mysql: InnoDB unspecified vulnerability (CPU Oct 2024) (CVE-2024-21199) * mysql: PS unspecified vulnerability (CPU Oct 2024) (CVE-2024-21193) * mysql: DDL unspecified vulnerability (CPU Oct 2024) (CVE-2024-21198) * mysql: mysqldump unspecified vulnerability (CPU Oct 2024) (CVE-2024-21247) * mysql: InnoDB unspecified vulnerability (CPU Oct 2024) (CVE-2024-21239) * curl: curl netrc password leak (CVE-2024-11053) * mysql: InnoDB unspecified vulnerability (CPU Jan 2025) (CVE-2025-21497) * mysql: MySQL Server Options Vulnerability (CVE-2025-21520) * mysql: High Privilege Denial of Service Vulnerability in MySQL Server (CVE-2025-21490) * mysql: Information Schema unspecified vulnerability (CPU Jan 2025) (CVE-2025-21529) * mysql: InnoDB unspecified vulnerability (CPU Jan 2025) (CVE-2025-21531) * mysql: Optimizer unspecified vulnerability (CPU Jan 2025) (CVE-2025-21504) * mysql: Privileges unspecified vulnerability (CPU Jan 2025) (CVE-2025-21540) * mysql: MySQL Server InnoDB Denial of Service and Unauthorized Data Modification Vulnerability (CVE-2025-21555) * mysql: Packaging unspecified vulnerability (CPU Jan 2025) (CVE-2025-21543) * mysql: MySQL Server InnoDB Denial of Service and Unauthorized Data Modification Vulnerability (CVE-2025-21491) * mysql: DDL unspecified vulnerability (CPU Jan 2025) (CVE-2025-21525) * mysql: Optimizer unspecified vulnerability (CPU Jan 2025) (CVE-2025-21536) * mysql: Thread Pooling unspecified vulnerability (CPU Jan 2025) (CVE-2025-21521) * mysql: Optimizer unspecified vulnerability (CPU Jan 2025) (CVE-2025-21501) * mysql: Performance Schema unspecified vulnerability (CPU Jan 2025) (CVE-2025-21534) * mysql: Privileges unspecified vulnerability (CPU Jan 2025) (CVE-2025-21494) * mysql: Privileges unspecified vulnerability (CPU Jan 2025) (CVE-2025-21519) * mysql: Parser unspecified vulnerability (CPU Jan 2025) (CVE-2025-21522) * mysql: InnoDB unspecified vulnerability (CPU Jan 2025) (CVE-2025-21503) * mysql: Optimizer unspecified vulnerability (CPU Jan 2025) (CVE-2025-21518) * mysql: MySQL Server InnoDB Denial of Service and Unauthorized Data Modification Vulnerability (CVE-2025-21559) * mysql: Privilege Misuse in MySQL Server Security Component (CVE-2025-21546) * mysql: Optimizer unspecified vulnerability (CPU Jan 2025) (CVE-2025-21500) * mysql: InnoDB unspecified vulnerability (CPU Jan 2025) (CVE-2025-21523) * mysql: Components Services unspecified vulnerability (CPU Jan 2025) (CVE-2025-21505) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Solution: https://access.redhat.com/articles/11258 CVEs: CVE-2024-5535 References: https://access.redhat.com/security/updates/classification/#important https://bugzilla.redhat.com/show_bug.cgi?id=2294581 https://bugzilla.redhat.com/show_bug.cgi?id=2294676 https://bugzilla.redhat.com/show_bug.cgi?id=2301888 https://bugzilla.redhat.com/show_bug.cgi?id=2318857 https://bugzilla.redhat.com/show_bug.cgi?id=2318858 https://bugzilla.redhat.com/show_bug.cgi?id=2318870 https://bugzilla.redhat.com/show_bug.cgi?id=2318873 https://bugzilla.redhat.com/show_bug.cgi?id=2318874 https://bugzilla.redhat.com/show_bug.cgi?id=2318876 https://bugzilla.redhat.com/show_bug.cgi?id=2318882 https://bugzilla.redhat.com/show_bug.cgi?id=2318883 https://bugzilla.redhat.com/show_bug.cgi?id=2318884 https://bugzilla.redhat.com/show_bug.cgi?id=2318885 https://bugzilla.redhat.com/show_bug.cgi?id=2318886 https://bugzilla.redhat.com/show_bug.cgi?id=2318897 https://bugzilla.redhat.com/show_bug.cgi?id=2318900 https://bugzilla.redhat.com/show_bug.cgi?id=2318905 https://bugzilla.redhat.com/show_bug.cgi?id=2318914 https://bugzilla.redhat.com/show_bug.cgi?id=2318922 https://bugzilla.redhat.com/show_bug.cgi?id=2318923 https://bugzilla.redhat.com/show_bug.cgi?id=2318925 https://bugzilla.redhat.com/show_bug.cgi?id=2318926 https://bugzilla.redhat.com/show_bug.cgi?id=2318927 https://bugzilla.redhat.com/show_bug.cgi?id=2331191 https://bugzilla.redhat.com/show_bug.cgi?id=2339218 https://bugzilla.redhat.com/show_bug.cgi?id=2339220 https://bugzilla.redhat.com/show_bug.cgi?id=2339221 https://bugzilla.redhat.com/show_bug.cgi?id=2339226 https://bugzilla.redhat.com/show_bug.cgi?id=2339231 https://bugzilla.redhat.com/show_bug.cgi?id=2339236 https://bugzilla.redhat.com/show_bug.cgi?id=2339238 https://bugzilla.redhat.com/show_bug.cgi?id=2339243 https://bugzilla.redhat.com/show_bug.cgi?id=2339247 https://bugzilla.redhat.com/show_bug.cgi?id=2339252 https://bugzilla.redhat.com/show_bug.cgi?id=2339259 https://bugzilla.redhat.com/show_bug.cgi?id=2339266 https://bugzilla.redhat.com/show_bug.cgi?id=2339270 https://bugzilla.redhat.com/show_bug.cgi?id=2339271 https://bugzilla.redhat.com/show_bug.cgi?id=2339275 https://bugzilla.redhat.com/show_bug.cgi?id=2339277 https://bugzilla.redhat.com/show_bug.cgi?id=2339281 https://bugzilla.redhat.com/show_bug.cgi?id=2339284 https://bugzilla.redhat.com/show_bug.cgi?id=2339291 https://bugzilla.redhat.com/show_bug.cgi?id=2339293 https://bugzilla.redhat.com/show_bug.cgi?id=2339295 https://bugzilla.redhat.com/show_bug.cgi?id=2339299 https://bugzilla.redhat.com/show_bug.cgi?id=2339300 https://bugzilla.redhat.com/show_bug.cgi?id=2339304 https://bugzilla.redhat.com/show_bug.cgi?id=2339305 https://issues.redhat.com/browse/RHEL-40866