Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

Moderate: mysql:8.0 security, bug fix, and enhancement update

Related Vulnerabilities: CVE-2021-2478   CVE-2021-2479   CVE-2021-2481   CVE-2021-35546   CVE-2021-35575   CVE-2021-35577   CVE-2021-35591   CVE-2021-35596   CVE-2021-35597   CVE-2021-35602   CVE-2021-35604   CVE-2021-35607   CVE-2021-35608   CVE-2021-35610   CVE-2021-35612   CVE-2021-35622   CVE-2021-35623   CVE-2021-35624   CVE-2021-35625   CVE-2021-35626   CVE-2021-35627   CVE-2021-35628   CVE-2021-35630   CVE-2021-35631   CVE-2021-35632   CVE-2021-35633   CVE-2021-35634   CVE-2021-35635   CVE-2021-35636   CVE-2021-35637   CVE-2021-35638   CVE-2021-35639   CVE-2021-35640   CVE-2021-35641   CVE-2021-35642   CVE-2021-35643   CVE-2021-35644   CVE-2021-35645   CVE-2021-35646   CVE-2021-35647   CVE-2021-35648   CVE-2022-21245   CVE-2022-21249   CVE-2022-21253   CVE-2022-21254   CVE-2022-21256   CVE-2022-21264   CVE-2022-21265   CVE-2022-21270   CVE-2022-21278   CVE-2022-21297   CVE-2022-21301   CVE-2022-21302   CVE-2022-21303   CVE-2022-21304   CVE-2022-21339   CVE-2022-21342   CVE-2022-21344   CVE-2022-21348   CVE-2022-21351   CVE-2022-21352   CVE-2022-21358   CVE-2022-21362   CVE-2022-21367   CVE-2022-21368   CVE-2022-21370   CVE-2022-21372   CVE-2022-21374   CVE-2022-21378   CVE-2022-21379   CVE-2022-21412   CVE-2022-21413   CVE-2022-21414   CVE-2022-21415   CVE-2022-21417   CVE-2022-21418   CVE-2022-21423   CVE-2022-21425   CVE-2022-21427   CVE-2022-21435   CVE-2022-21436   CVE-2022-21437   CVE-2022-21438   CVE-2022-21440   CVE-2022-21444   CVE-2022-21451   CVE-2022-21452   CVE-2022-21454   CVE-2022-21457   CVE-2022-21459   CVE-2022-21460   CVE-2022-21462   CVE-2022-21478   CVE-2022-21479   CVE-2022-21509   CVE-2022-21515   CVE-2022-21517   CVE-2022-21522   CVE-2022-21525   CVE-2022-21526   CVE-2022-21527   CVE-2022-21528   CVE-2022-21529   CVE-2022-21530   CVE-2022-21531   CVE-2022-21534   CVE-2022-21537   CVE-2022-21538   CVE-2022-21539   CVE-2022-21547   CVE-2022-21553   CVE-2022-21569  

Source

Synopsis

Moderate: mysql:8.0 security, bug fix, and enhancement update

Type/Severity

Security Advisory: Moderate

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for the mysql:8.0 module is now available for Red Hat Enterprise Linux 8.

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon (mysqld) and many client programs and libraries.

The following packages have been upgraded to a later upstream version: mysql (8.0.30).

Security Fix(es):

  • mysql: Server: DML multiple unspecified vulnerabilities (CVE-2021-2478, CVE-2021-2479, CVE-2021-35591, CVE-2021-35607, CVE-2022-21301, CVE-2022-21413)
  • mysql: Server: Optimizer multiple unspecified vulnerabilities (CVE-2021-2481, CVE-2021-35575, CVE-2021-35577, CVE-2021-35610, CVE-2021-35612, CVE-2021-35626, CVE-2021-35627, CVE-2021-35628, CVE-2021-35634, CVE-2021-35635, CVE-2021-35636, CVE-2021-35638, CVE-2021-35641, CVE-2021-35642, CVE-2021-35643, CVE-2021-35644, CVE-2021-35645, CVE-2021-35646, CVE-2021-35647, CVE-2022-21253, CVE-2022-21254, CVE-2022-21264, CVE-2022-21278, CVE-2022-21297, CVE-2022-21339, CVE-2022-21342, CVE-2022-21351, CVE-2022-21370, CVE-2022-21378, CVE-2022-21412, CVE-2022-21414, CVE-2022-21435, CVE-2022-21436, CVE-2022-21437, CVE-2022-21438, CVE-2022-21440, CVE-2022-21452, CVE-2022-21459, CVE-2022-21462, CVE-2022-21478, CVE-2022-21479, CVE-2022-21509, CVE-2022-21525, CVE-2022-21526, CVE-2022-21527, CVE-2022-21528, CVE-2022-21529, CVE-2022-21530, CVE-2022-21531, CVE-2022-21553, CVE-2022-21569, CVE-2022-21265)
  • mysql: Server: Replication multiple unspecified vulnerabilities (CVE-2021-35546, CVE-2022-21344, CVE-2022-21415)
  • mysql: Server: Error Handling unspecified vulnerability (CVE-2021-35596)
  • mysql: C API unspecified vulnerability (CVE-2021-35597)
  • mysql: Server: Options multiple unspecified vulnerabilities (CVE-2021-35602, CVE-2021-35630, CVE-2022-21515)
  • mysql: InnoDB multiple unspecified vulnerabilities (CVE-2021-35604, CVE-2022-21302, CVE-2022-21348, CVE-2022-21352, CVE-2022-21417, CVE-2022-21418, CVE-2022-21451, CVE-2022-21517, CVE-2022-21537, CVE-2022-21539, CVE-2022-21423)
  • mysql: Server: Group Replication Plugin multiple unspecified vulnerabilities (CVE-2021-35608, CVE-2022-21256, CVE-2022-21379, CVE-2022-21454)
  • mysql: Server: Security: Encryption multiple unspecified vulnerabilities (CVE-2021-35622, CVE-2022-21358, CVE-2022-21372, CVE-2022-21538)
  • mysql: Server: Security: Privileges multiple unspecified vulnerabilities (CVE-2021-35624, CVE-2022-21245, CVE-2021-35625)
  • mysql: Server: GIS unspecified vulnerability (CVE-2021-35631)
  • mysql: Server: Data Dictionary unspecified vulnerability (CVE-2021-35632)
  • mysql: Server: PS unspecified vulnerability (CVE-2021-35637)
  • mysql: Server: Stored Procedure multiple unspecified vulnerabilities (CVE-2021-35639, CVE-2022-21303, CVE-2022-21522, CVE-2022-21534)
  • mysql: Server: FTS multiple unspecified vulnerabilities (CVE-2021-35648, CVE-2022-21427)
  • mysql: Server: Federated multiple unspecified vulnerabilities (CVE-2022-21270, CVE-2022-21547)
  • mysql: Server: Parser unspecified vulnerability (CVE-2022-21304)
  • mysql: Server: Information Schema multiple unspecified vulnerabilities (CVE-2022-21362, CVE-2022-21374)
  • mysql: Server: Compiling unspecified vulnerability (CVE-2022-21367)
  • mysql: Server: Components Services unspecified vulnerability (CVE-2022-21368)
  • mysql: Server: DDL multiple unspecified vulnerabilities (CVE-2022-21425, CVE-2022-21444, CVE-2021-35640, CVE-2022-21249)
  • mysql: Server: PAM Auth Plugin unspecified vulnerability (CVE-2022-21457)
  • mysql: Server: Logging multiple unspecified vulnerabilities (CVE-2022-21460, CVE-2021-35633)
  • mysql: Server: Security: Roles unspecified vulnerability (CVE-2021-35623)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Bug Fix(es):

  • Rebuild mecab due to change in the suffix (from .el8 to .el8.0.0) [rhel-8] (BZ#2110940)

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

After installing this update, the MySQL server daemon (mysqld) will be restarted automatically.

Affected Products

  • Red Hat Enterprise Linux for x86_64 8 x86_64
  • Red Hat Enterprise Linux Server - AUS 8.6 x86_64
  • Red Hat Enterprise Linux for IBM z Systems 8 s390x
  • Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.6 ppc64le
  • Red Hat Enterprise Linux Server - TUS 8.6 x86_64
  • Red Hat Enterprise Linux for ARM 64 8 aarch64
  • Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.6 aarch64
  • Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.6 ppc64le

Fixes

  • BZ - 2016089 - CVE-2021-2478 mysql: Server: DML unspecified vulnerability (CPU Oct 2021)
  • BZ - 2016090 - CVE-2021-2479 mysql: Server: DML unspecified vulnerability (CPU Oct 2021)
  • BZ - 2016091 - CVE-2021-2481 mysql: Server: Optimizer unspecified vulnerability (CPU Oct 2021)
  • BZ - 2016093 - CVE-2021-35546 mysql: Server: Replication unspecified vulnerability (CPU Oct 2021)
  • BZ - 2016094 - CVE-2021-35575 mysql: Server: Optimizer unspecified vulnerability (CPU Oct 2021)
  • BZ - 2016095 - CVE-2021-35577 mysql: Server: Optimizer unspecified vulnerability (CPU Oct 2021)
  • BZ - 2016097 - CVE-2021-35591 mysql: Server: DML unspecified vulnerability (CPU Oct 2021)
  • BZ - 2016098 - CVE-2021-35596 mysql: Server: Error Handling unspecified vulnerability (CPU Oct 2021)
  • BZ - 2016099 - CVE-2021-35597 mysql: C API unspecified vulnerability (CPU Oct 2021)
  • BZ - 2016100 - CVE-2021-35602 mysql: Server: Options unspecified vulnerability (CPU Oct 2021)
  • BZ - 2016101 - CVE-2021-35604 mysql: InnoDB unspecified vulnerability (CPU Oct 2021)
  • BZ - 2016104 - CVE-2021-35607 mysql: Server: DML unspecified vulnerability (CPU Oct 2021)
  • BZ - 2016105 - CVE-2021-35608 mysql: Server: Group Replication Plugin unspecified vulnerability (CPU Oct 2021)
  • BZ - 2016106 - CVE-2021-35610 mysql: Server: Optimizer unspecified vulnerability (CPU Oct 2021)
  • BZ - 2016107 - CVE-2021-35612 mysql: Server: Optimizer unspecified vulnerability (CPU Oct 2021)
  • BZ - 2016108 - CVE-2021-35622 mysql: Server: Security: Encryption unspecified vulnerability (CPU Oct 2021)
  • BZ - 2016109 - CVE-2021-35623 mysql: Server: Security: Roles unspecified vulnerability (CPU Oct 2021)
  • BZ - 2016110 - CVE-2021-35624 mysql: Server: Security: Privileges unspecified vulnerability (CPU Oct 2021)
  • BZ - 2016111 - CVE-2021-35625 mysql: Server: Security: Privileges unspecified vulnerability (CPU Oct 2021)
  • BZ - 2016112 - CVE-2021-35626 mysql: Server: Optimizer unspecified vulnerability (CPU Oct 2021)
  • BZ - 2016113 - CVE-2021-35627 mysql: Server: Optimizer unspecified vulnerability (CPU Oct 2021)
  • BZ - 2016114 - CVE-2021-35628 mysql: Server: Optimizer unspecified vulnerability (CPU Oct 2021)
  • BZ - 2016117 - CVE-2021-35630 mysql: Server: Options unspecified vulnerability (CPU Oct 2021)
  • BZ - 2016118 - CVE-2021-35631 mysql: Server: GIS unspecified vulnerability (CPU Oct 2021)
  • BZ - 2016119 - CVE-2021-35632 mysql: Server: Data Dictionary unspecified vulnerability (CPU Oct 2021)
  • BZ - 2016120 - CVE-2021-35633 mysql: Server: Logging unspecified vulnerability (CPU Oct 2021)
  • BZ - 2016121 - CVE-2021-35634 mysql: Server: Optimizer unspecified vulnerability (CPU Oct 2021)
  • BZ - 2016122 - CVE-2021-35635 mysql: Server: Optimizer unspecified vulnerability (CPU Oct 2021)
  • BZ - 2016124 - CVE-2021-35636 mysql: Server: Optimizer unspecified vulnerability (CPU Oct 2021)
  • BZ - 2016126 - CVE-2021-35637 mysql: Server: PS unspecified vulnerability (CPU Oct 2021)
  • BZ - 2016127 - CVE-2021-35638 mysql: Server: Optimizer unspecified vulnerability (CPU Oct 2021)
  • BZ - 2016128 - CVE-2021-35639 mysql: Server: Stored Procedure unspecified vulnerability (CPU Oct 2021)
  • BZ - 2016129 - CVE-2021-35640 mysql: Server: DDL unspecified vulnerability (CPU Oct 2021)
  • BZ - 2016130 - CVE-2021-35641 mysql: Server: Optimizer unspecified vulnerability (CPU Oct 2021)
  • BZ - 2016131 - CVE-2021-35642 mysql: Server: Optimizer unspecified vulnerability (CPU Oct 2021)
  • BZ - 2016132 - CVE-2021-35643 mysql: Server: Optimizer unspecified vulnerability (CPU Oct 2021)
  • BZ - 2016133 - CVE-2021-35644 mysql: Server: Optimizer unspecified vulnerability (CPU Oct 2021)
  • BZ - 2016134 - CVE-2021-35645 mysql: Server: Optimizer unspecified vulnerability (CPU Oct 2021)
  • BZ - 2016135 - CVE-2021-35646 mysql: Server: Optimizer unspecified vulnerability (CPU Oct 2021)
  • BZ - 2016137 - CVE-2021-35647 mysql: Server: Optimizer unspecified vulnerability (CPU Oct 2021)
  • BZ - 2016138 - CVE-2021-35648 mysql: Server: FTS unspecified vulnerability (CPU Oct 2021)
  • BZ - 2043620 - CVE-2022-21245 mysql: Server: Security: Privileges unspecified vulnerability (CPU Jan 2022)
  • BZ - 2043621 - CVE-2022-21249 mysql: Server: DDL unspecified vulnerability (CPU Jan 2022)
  • BZ - 2043622 - CVE-2022-21253 mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2022)
  • BZ - 2043623 - CVE-2022-21254 mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2022)
  • BZ - 2043624 - CVE-2022-21256 mysql: Server: Group Replication Plugin unspecified vulnerability (CPU Jan 2022)
  • BZ - 2043625 - CVE-2022-21264 mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2022)
  • BZ - 2043626 - CVE-2022-21265 mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2022)
  • BZ - 2043627 - CVE-2022-21270 mysql: Server: Federated unspecified vulnerability (CPU Jan 2022)
  • BZ - 2043628 - CVE-2022-21278 mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2022)
  • BZ - 2043629 - CVE-2022-21297 mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2022)
  • BZ - 2043630 - CVE-2022-21301 mysql: Server: DML unspecified vulnerability (CPU Jan 2022)
  • BZ - 2043631 - CVE-2022-21302 mysql: InnoDB unspecified vulnerability (CPU Jan 2022)
  • BZ - 2043632 - CVE-2022-21303 mysql: Server: Stored Procedure unspecified vulnerability (CPU Jan 2022)
  • BZ - 2043633 - CVE-2022-21304 mysql: Server: Parser unspecified vulnerability (CPU Jan 2022)
  • BZ - 2043634 - CVE-2022-21339 mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2022)
  • BZ - 2043635 - CVE-2022-21342 mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2022)
  • BZ - 2043636 - CVE-2022-21344 mysql: Server: Replication unspecified vulnerability (CPU Jan 2022)
  • BZ - 2043637 - CVE-2022-21348 mysql: InnoDB unspecified vulnerability (CPU Jan 2022)
  • BZ - 2043638 - CVE-2022-21351 mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2022)
  • BZ - 2043639 - CVE-2022-21352 mysql: InnoDB unspecified vulnerability (CPU Jan 2022)
  • BZ - 2043640 - CVE-2022-21358 mysql: Server: Security: Encryption unspecified vulnerability (CPU Jan 2022)
  • BZ - 2043641 - CVE-2022-21362 mysql: Server: Information Schema unspecified vulnerability (CPU Jan 2022)
  • BZ - 2043642 - CVE-2022-21367 mysql: Server: Compiling unspecified vulnerability (CPU Jan 2022)
  • BZ - 2043643 - CVE-2022-21368 mysql: Server: Components Services unspecified vulnerability (CPU Jan 2022)
  • BZ - 2043644 - CVE-2022-21370 mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2022)
  • BZ - 2043645 - CVE-2022-21372 mysql: Server: Security: Encryption unspecified vulnerability (CPU Jan 2022)
  • BZ - 2043646 - CVE-2022-21374 mysql: Server: Information Schema unspecified vulnerability (CPU Jan 2022)
  • BZ - 2043647 - CVE-2022-21378 mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2022)
  • BZ - 2043648 - CVE-2022-21379 mysql: Server: Group Replication Plugin unspecified vulnerability (CPU Jan 2022)
  • BZ - 2082636 - CVE-2022-21412 mysql: Server: Optimizer unspecified vulnerability (CPU Apr 2022)
  • BZ - 2082637 - CVE-2022-21413 mysql: Server: DML unspecified vulnerability (CPU Apr 2022)
  • BZ - 2082638 - CVE-2022-21414 mysql: Server: Optimizer unspecified vulnerability (CPU Apr 2022)
  • BZ - 2082639 - CVE-2022-21415 mysql: Server: Replication unspecified vulnerability (CPU Apr 2022)
  • BZ - 2082640 - CVE-2022-21417 mysql: InnoDB unspecified vulnerability (CPU Apr 2022)
  • BZ - 2082641 - CVE-2022-21418 mysql: InnoDB unspecified vulnerability (CPU Apr 2022)
  • BZ - 2082642 - CVE-2022-21423 mysql: InnoDB unspecified vulnerability (CPU Apr 2022)
  • BZ - 2082643 - CVE-2022-21425 mysql: Server: DDL unspecified vulnerability (CPU Apr 2022)
  • BZ - 2082644 - CVE-2022-21427 mysql: Server: FTS unspecified vulnerability (CPU Apr 2022)
  • BZ - 2082645 - CVE-2022-21435 mysql: Server: Optimizer unspecified vulnerability (CPU Apr 2022)
  • BZ - 2082646 - CVE-2022-21436 mysql: Server: Optimizer unspecified vulnerability (CPU Apr 2022)
  • BZ - 2082647 - CVE-2022-21437 mysql: Server: Optimizer unspecified vulnerability (CPU Apr 2022)
  • BZ - 2082648 - CVE-2022-21438 mysql: Server: Optimizer unspecified vulnerability (CPU Apr 2022)
  • BZ - 2082649 - CVE-2022-21440 mysql: Server: Optimizer unspecified vulnerability (CPU Apr 2022)
  • BZ - 2082650 - CVE-2022-21444 mysql: Server: DDL unspecified vulnerability (CPU Apr 2022)
  • BZ - 2082651 - CVE-2022-21451 mysql: InnoDB unspecified vulnerability (CPU Apr 2022)
  • BZ - 2082652 - CVE-2022-21452 mysql: Server: Optimizer unspecified vulnerability (CPU Apr 2022)
  • BZ - 2082653 - CVE-2022-21454 mysql: Server: Group Replication Plugin unspecified vulnerability (CPU Apr 2022)
  • BZ - 2082654 - CVE-2022-21457 mysql: Server: PAM Auth Plugin unspecified vulnerability (CPU Apr 2022)
  • BZ - 2082655 - CVE-2022-21459 mysql: Server: Optimizer unspecified vulnerability (CPU Apr 2022)
  • BZ - 2082656 - CVE-2022-21460 mysql: Server: Logging unspecified vulnerability (CPU Apr 2022)
  • BZ - 2082657 - CVE-2022-21462 mysql: Server: Optimizer unspecified vulnerability (CPU Apr 2022)
  • BZ - 2082658 - CVE-2022-21478 mysql: Server: Optimizer unspecified vulnerability (CPU Apr 2022)
  • BZ - 2082659 - CVE-2022-21479 mysql: Server: Optimizer unspecified vulnerability (CPU Apr 2022)
  • BZ - 2110940 - Rebuild mecab due to change in the suffix (from .el8 to .el8.0.0) [rhel-8] [rhel-8.6.0.z]
  • BZ - 2115283 - CVE-2022-21509 mysql: Server: Optimizer unspecified vulnerability (CPU Jul 2022)
  • BZ - 2115284 - CVE-2022-21515 mysql: Server: Options unspecified vulnerability (CPU Jul 2022)
  • BZ - 2115285 - CVE-2022-21517 mysql: InnoDB unspecified vulnerability (CPU Jul 2022)
  • BZ - 2115286 - CVE-2022-21522 mysql: Server: Stored Procedure unspecified vulnerability (CPU Jul 2022)
  • BZ - 2115287 - CVE-2022-21525 mysql: Server: Optimizer unspecified vulnerability (CPU Jul 2022)
  • BZ - 2115288 - CVE-2022-21526 mysql: Server: Optimizer unspecified vulnerability (CPU Jul 2022)
  • BZ - 2115289 - CVE-2022-21527 mysql: Server: Optimizer unspecified vulnerability (CPU Jul 2022)
  • BZ - 2115290 - CVE-2022-21528 mysql: Server: Optimizer unspecified vulnerability (CPU Jul 2022)
  • BZ - 2115291 - CVE-2022-21529 mysql: Server: Optimizer unspecified vulnerability (CPU Jul 2022)
  • BZ - 2115292 - CVE-2022-21530 mysql: Server: Optimizer unspecified vulnerability (CPU Jul 2022)
  • BZ - 2115293 - CVE-2022-21531 mysql: Server: Optimizer unspecified vulnerability (CPU Jul 2022)
  • BZ - 2115294 - CVE-2022-21534 mysql: Server: Stored Procedure unspecified vulnerability (CPU Jul 2022)
  • BZ - 2115295 - CVE-2022-21537 mysql: InnoDB unspecified vulnerability (CPU Jul 2022)
  • BZ - 2115296 - CVE-2022-21538 mysql: Server: Security: Encryption unspecified vulnerability (CPU Jul 2022)
  • BZ - 2115297 - CVE-2022-21539 mysql: InnoDB unspecified vulnerability (CPU Jul 2022)
  • BZ - 2115298 - CVE-2022-21547 mysql: Server: Federated unspecified vulnerability (CPU Jul 2022)
  • BZ - 2115299 - CVE-2022-21553 mysql: Server: Optimizer unspecified vulnerability (CPU Jul 2022)
  • BZ - 2115301 - CVE-2022-21569 mysql: Server: Optimizer unspecified vulnerability (CPU Jul 2022)
  • BZ - 2122604 - Tracker: MySQL rebase to the latest version (8.0.30) [rhel-8.6.0.z]

CVEs

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook

Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started