VIR Vulnerability Intelligence Relay

CVE-2023-21875

high
Published 2023-05-09 Β· Modified 2023-05-16
πŸ’¬ Discuss on Community ✚ Propose mitigation
CVSS v3
β€”
CVSS v4 NEW
β€”
not yet in upstream
VIR risk
8.0

Description

RHSA-2023:3087: mysql:8.0 security, bug fix, and enhancement update (Important)

Predictions

Exploit likelihood
20%
Patch ETA
β€”

Heuristic predictions, AS-IS, for prioritization only.

Mitigations

Mitigation details

Source: Red Hat Errata β€” Red Hat Inc. Β· View original β†— Β· Open-Errata-API

Description mysql: Server: Security: Encryption unspecified vulnerability (CPU Jan 2023) CVSS v3: 5.9 (CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:H/A:H) Errata / fixed releases ProductPackageAdvisoryReleased Red Hat Enterprise Linux 8mysql:8.0-8080020230322094358.63b34585RHSA-2023:30872023-05-16T00:00:00Z Red Hat Enterprise Linux 9mysql-0:8.0.32-1.el9_2RHSA-2023:26212023-05-09T00:00:00Z Red Hat…

Description

mysql: Server: Security: Encryption unspecified vulnerability (CPU Jan 2023)

CVSS v3: 5.9 (CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:H/A:H)

Errata / fixed releases

ProductPackageAdvisoryReleased
Red Hat Enterprise Linux 8mysql:8.0-8080020230322094358.63b34585RHSA-2023:30872023-05-16T00:00:00Z
Red Hat Enterprise Linux 9mysql-0:8.0.32-1.el9_2RHSA-2023:26212023-05-09T00:00:00Z
Red Hat Software Collections for Red Hat Enterprise Linux 7rh-mysql80-mysql-0:8.0.32-1.el7RHSA-2023:11022023-03-07T00:00:00Z

Package state

ProductPackageState
Red Hat Enterprise Linux 6mysqlNot affected
Red Hat Enterprise Linux 7mariadbNot affected
Red Hat Enterprise Linux 8mariadb:10.3/mariadbNot affected
Red Hat Enterprise Linux 8mariadb:10.5/mariadbNot affected
Red Hat Enterprise Linux 9mariadbNot affected
Red Hat OpenStack Platform 10 (Newton)mariadb-galeraNot affected
Red Hat OpenStack Platform 13 (Queens)mariadbNot affected
Red Hat Software Collectionsrh-mariadb103-mariadbNot affected
Red Hat Software Collectionsrh-mariadb105-mariadbNot affected

Apply commands

bash fix
Apply RHSA-2023:3087 for Red Hat Enterprise Linux 8
yum update -y mysql:8
# or:
dnf upgrade -y mysql:8

Affected

VendorProductVersion
redhatRed Hat Enterprise Linux 6Not affected
redhatRed Hat Enterprise Linux 7Not affected
redhatRed Hat Enterprise Linux 8Not affected
redhatRed Hat Enterprise Linux 8Not affected
redhatRed Hat Enterprise Linux 9Not affected
redhatRed Hat OpenStack Platform 10 (Newton)Not affected
redhatRed Hat OpenStack Platform 13 (Queens)Not affected
redhatRed Hat Software CollectionsNot affected
redhatRed Hat Software CollectionsNot affected

OS impact
OSVersionStatusFixed in
redhat rhel9fixed
debian debiansidfixed8.0.32-1
almalinux almalinux8fixedmecab-ipadic-2.7.0.20070801-16.module_el8.6.0+3340+d764b636.x86_64.rpm
almalinux almalinux9fixedmysql-errmsg-8.0.32-1.el9_2.x86_64.rpm
redhat rhel8fixed

References

Community-verified mitigations for this CVE will appear above when contributors publish them.

Verify integrity in audit chain (admin only). AS-IS.