CVE-2022-21537
Description
Moderate: mysql security, bug fix, and enhancement update
Predictions
Heuristic predictions, AS-IS, for prioritization only.
Mitigations
Mitigation details
Description mysql: InnoDB unspecified vulnerability (CPU Jul 2022) CVSS v3: 4.9 (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H) Errata / fixed releases ProductPackageAdvisoryReleased Red Hat Enterprise Linux 8mysql:8.0-8060020220830124159.ad008a3aRHSA-2022:71192022-10-25T00:00:00Z Red Hat Enterprise Linux 9mysql-0:8.0.30-3.el9_0RHSA-2022:65902022-09-20T00:00:00Z Red Hat Software Collections forβ¦
Description
mysql: InnoDB unspecified vulnerability (CPU Jul 2022)
CVSS v3: 4.9 (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H)
Errata / fixed releases
| Product | Package | Advisory | Released |
|---|---|---|---|
| Red Hat Enterprise Linux 8 | mysql:8.0-8060020220830124159.ad008a3a | RHSA-2022:7119 | 2022-10-25T00:00:00Z |
| Red Hat Enterprise Linux 9 | mysql-0:8.0.30-3.el9_0 | RHSA-2022:6590 | 2022-09-20T00:00:00Z |
| Red Hat Software Collections for Red Hat Enterprise Linux 7 | rh-mysql80-mysql-0:8.0.30-1.el7 | RHSA-2022:6518 | 2022-09-14T00:00:00Z |
Package state
| Product | Package | State |
|---|---|---|
| Red Hat Enterprise Linux 6 | mysql | Not affected |
| Red Hat Enterprise Linux 7 | mariadb | Not affected |
| Red Hat Enterprise Linux 8 | mariadb:10.3/mariadb | Not affected |
| Red Hat Enterprise Linux 8 | mariadb:10.5/mariadb | Not affected |
| Red Hat Enterprise Linux 9 | mariadb | Not affected |
| Red Hat OpenStack Platform 13 (Queens) | mariadb | Not affected |
| Red Hat Software Collections | rh-mariadb103-mariadb | Not affected |
| Red Hat Software Collections | rh-mariadb105-mariadb | Not affected |
Apply commands
yum update -y mysql:8
# or:
dnf upgrade -y mysql:8Affected
| Vendor | Product | Version |
|---|---|---|
| redhat | Red Hat Enterprise Linux 6 | Not affected |
| redhat | Red Hat Enterprise Linux 7 | Not affected |
| redhat | Red Hat Enterprise Linux 8 | Not affected |
| redhat | Red Hat Enterprise Linux 8 | Not affected |
| redhat | Red Hat Enterprise Linux 9 | Not affected |
| redhat | Red Hat OpenStack Platform 13 (Queens) | Not affected |
| redhat | Red Hat Software Collections | Not affected |
| redhat | Red Hat Software Collections | Not affected |
OS impact
| OS | Version | Status | Fixed in |
|---|---|---|---|
| rhel | 9 | fixed | |
| rocky | 8 | fixed | |
| rocky | 9 | fixed | |
| debian | sid | fixed | 8.0.30-1 |
| almalinux | 9 | fixed | mysql-server-8.0.30-3.el9_0.x86_64.rpm |
| almalinux | 8 | fixed | mecab-ipadic-2.7.0.20070801-16.module_el8.6.0+3340+d764b636.x86_64.rpm |
References
- https://access.redhat.com/errata/RHSA-2022:6590
- https://errata.rockylinux.org/RLSA-2022:7119
- https://errata.rockylinux.org/RLSA-2022:6590
- https://security-tracker.debian.org/tracker/CVE-2022-21537
- https://access.redhat.com/errata/RHSA-2022:7119
- https://bugzilla.redhat.com/2016089
- https://bugzilla.redhat.com/2016090
- https://bugzilla.redhat.com/2016091
- https://bugzilla.redhat.com/2016093
- https://bugzilla.redhat.com/2016094
- https://bugzilla.redhat.com/2016095
- https://bugzilla.redhat.com/2016097
- https://bugzilla.redhat.com/2016098
- https://bugzilla.redhat.com/2016099
- https://bugzilla.redhat.com/2016100
- https://bugzilla.redhat.com/2016101
- https://bugzilla.redhat.com/2016104
- https://bugzilla.redhat.com/2016105
- https://bugzilla.redhat.com/2016106
- https://bugzilla.redhat.com/2016107
- https://bugzilla.redhat.com/2016108
- https://bugzilla.redhat.com/2016109
- https://bugzilla.redhat.com/2016110
- https://bugzilla.redhat.com/2016111
- https://bugzilla.redhat.com/2016112
Community-verified mitigations for this CVE will appear above when contributors publish them.
Verify integrity in audit chain (admin only). AS-IS.