Red Hat Security Advisory: mysql:8.0 security update
This Red Hat security advisory addresses multiple vulnerabilities affecting the MySQL 8. 0 database server and related components, including OpenSSL, krb5, and curl libraries. The vulnerabilities include buffer overreads, denial of service, privilege misuse, unauthorized data modification, and other unspecified issues across various MySQL subsystems such as Thread Pooling, X Plugin, Optimizer, InnoDB, Information Schema, and more. The advisory covers a broad set of CVEs from 2024 and 2025, indicating ongoing security improvements. Red Hat has released updated packages for Red Hat Enterprise Linux 8 to remediate these issues. The advisory rates the overall security impact as Important (high severity).
AI Analysis
Technical Summary
The advisory details a security update for MySQL 8.0 on Red Hat Enterprise Linux 8, addressing numerous vulnerabilities identified by multiple CVEs. These include a buffer overread in OpenSSL (CVE-2024-5535), GSS message token handling in krb5 (CVE-2024-37371), ASN.1 date parser overread in libcurl (CVE-2024-7264), and a wide range of unspecified vulnerabilities in MySQL components such as Thread Pooling, X Plugin, Optimizer, Client programs, Information Schema, InnoDB, Group Replication, FTS, Health Monitor, DML, PS, DDL, mysqldump, Performance Schema, Privileges, Parser, and Packaging. Some vulnerabilities allow denial of service, unauthorized data modification, or privilege misuse. Red Hat has issued patches for these vulnerabilities as part of their October 2024 and January 2025 CPU updates. The advisory provides links to detailed CVE pages and instructions for applying updates.
Potential Impact
The vulnerabilities collectively pose risks including potential buffer overreads, denial of service conditions, privilege misuse, unauthorized data modification, and other unspecified impacts within MySQL server components and related libraries. These issues could affect the confidentiality, integrity, and availability of the MySQL database service if exploited. The advisory rates the overall impact as Important, indicating significant security concerns but does not specify exploitation in the wild. The broad range of affected components suggests multiple attack surfaces within MySQL and its dependencies.
Mitigation Recommendations
Red Hat has released updated packages for MySQL 8.0 as part of Red Hat Enterprise Linux 8 updates to address these vulnerabilities. Users should apply the security update RHSA-2025:1673 promptly to remediate the issues. Detailed instructions for applying the update are available at https://access.redhat.com/articles/11258. Since this is an on-premises product, administrators must manually deploy the patches. No indication is given that no action is required or that the issues are already mitigated without patching. Patch status is confirmed by the vendor advisory.
Red Hat Security Advisory: mysql:8.0 security update
Description
This Red Hat security advisory addresses multiple vulnerabilities affecting the MySQL 8. 0 database server and related components, including OpenSSL, krb5, and curl libraries. The vulnerabilities include buffer overreads, denial of service, privilege misuse, unauthorized data modification, and other unspecified issues across various MySQL subsystems such as Thread Pooling, X Plugin, Optimizer, InnoDB, Information Schema, and more. The advisory covers a broad set of CVEs from 2024 and 2025, indicating ongoing security improvements. Red Hat has released updated packages for Red Hat Enterprise Linux 8 to remediate these issues. The advisory rates the overall security impact as Important (high severity).
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
The advisory details a security update for MySQL 8.0 on Red Hat Enterprise Linux 8, addressing numerous vulnerabilities identified by multiple CVEs. These include a buffer overread in OpenSSL (CVE-2024-5535), GSS message token handling in krb5 (CVE-2024-37371), ASN.1 date parser overread in libcurl (CVE-2024-7264), and a wide range of unspecified vulnerabilities in MySQL components such as Thread Pooling, X Plugin, Optimizer, Client programs, Information Schema, InnoDB, Group Replication, FTS, Health Monitor, DML, PS, DDL, mysqldump, Performance Schema, Privileges, Parser, and Packaging. Some vulnerabilities allow denial of service, unauthorized data modification, or privilege misuse. Red Hat has issued patches for these vulnerabilities as part of their October 2024 and January 2025 CPU updates. The advisory provides links to detailed CVE pages and instructions for applying updates.
Potential Impact
The vulnerabilities collectively pose risks including potential buffer overreads, denial of service conditions, privilege misuse, unauthorized data modification, and other unspecified impacts within MySQL server components and related libraries. These issues could affect the confidentiality, integrity, and availability of the MySQL database service if exploited. The advisory rates the overall impact as Important, indicating significant security concerns but does not specify exploitation in the wild. The broad range of affected components suggests multiple attack surfaces within MySQL and its dependencies.
Mitigation Recommendations
Red Hat has released updated packages for MySQL 8.0 as part of Red Hat Enterprise Linux 8 updates to address these vulnerabilities. Users should apply the security update RHSA-2025:1673 promptly to remediate the issues. Detailed instructions for applying the update are available at https://access.redhat.com/articles/11258. Since this is an on-premises product, administrators must manually deploy the patches. No indication is given that no action is required or that the issues are already mitigated without patching. Patch status is confirmed by the vendor advisory.
Technical Details
- Gcve Source
- db.gcve.eu
- Csaf Category
- csaf_security_advisory
- Csaf Version
- 2.0
- Publisher
- Red Hat Product Security
- Advisory Id
- RHSA-2025:1673
- Cve Count
- 49
- Additional Cves
- ["CVE-2024-7264","CVE-2024-11053","CVE-2024-21193","CVE-2024-21194","CVE-2024-21196","CVE-2024-21197","CVE-2024-21198","CVE-2024-21199","CVE-2024-21201","CVE-2024-21203","CVE-2024-21212","CVE-2024-21213","CVE-2024-21218","CVE-2024-21219","CVE-2024-21230","CVE-2024-21231","CVE-2024-21236","CVE-2024-21237","CVE-2024-21238","CVE-2024-21239","CVE-2024-21241","CVE-2024-21247","CVE-2024-37371","CVE-2025-21490","CVE-2025-21491","CVE-2025-21494","CVE-2025-21497","CVE-2025-21500","CVE-2025-21501","CVE-2025-21503","CVE-2025-21504","CVE-2025-21505","CVE-2025-21518","CVE-2025-21519","CVE-2025-21520","CVE-2025-21521","CVE-2025-21522","CVE-2025-21523","CVE-2025-21525","CVE-2025-21529","CVE-2025-21531","CVE-2025-21534","CVE-2025-21536","CVE-2025-21540","CVE-2025-21543","CVE-2025-21546","CVE-2025-21555","CVE-2025-21559"]
- Cvss Version
- null
Threat ID: 6a1f4ea0e29bf47b50087872
Added to database: 6/2/2026, 9:44:00 PM
Last enriched: 6/2/2026, 10:26:15 PM
Last updated: 6/3/2026, 5:03:16 AM
Views: 7
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.