Bug 2339270 (CVE-2025-21521) - CVE-2025-21521 mysql: Thread Pooling unspecified vulnerability (CPU Jan 2025)
Summary: CVE-2025-21521 mysql: Thread Pooling unspecified vulnerability (CPU Jan 2025)
Keywords:
Status: NEW
Alias: CVE-2025-21521
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
high
high
Target Milestone: ---
Assignee: Product Security DevOps Team
QA Contact:
URL:
Whiteboard:
Depends On: 2319437
Blocks:
TreeView+ depends on / blocked
 
Reported: 2025-01-21 21:05 UTC by OSIDB Bzimport
Modified: 2025-04-06 19:13 UTC (History)
0 users

Fixed In Version:
Clone Of:
Environment:
Last Closed:
Embargoed:

Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Red Hat Product Errata RHBA-2025:1988 0 None None None 2025-03-03 07:39:47 UTC
Red Hat Product Errata RHSA-2025:1671 0 None None None 2025-02-19 10:27:58 UTC
Red Hat Product Errata RHSA-2025:1673 0 None None None 2025-02-19 11:04:09 UTC
Red Hat Product Errata RHSA-2025:1755 0 None None None 2025-02-24 04:34:50 UTC
Red Hat Product Errata RHSA-2025:1756 0 None None None 2025-02-24 04:52:55 UTC
Red Hat Product Errata RHSA-2025:1757 0 None None None 2025-02-24 06:20:38 UTC
Red Hat Product Errata RHSA-2025:1766 0 None None None 2025-02-24 13:11:37 UTC
Red Hat Product Errata RHSA-2025:1767 0 None None None 2025-02-24 13:28:13 UTC
Red Hat Product Errata RHSA-2025:2882 0 None None None 2025-03-17 06:01:57 UTC
Red Hat Product Errata RHSA-2025:2883 0 None None None 2025-03-17 07:41:49 UTC

Description OSIDB Bzimport 2025-01-21 21:05:13 UTC 
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Thread Pooling).  Supported versions that are affected are 8.0.39 and prior, 8.4.2 and prior and  9.0.1 and prior. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Server.  Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 7.5 (Availability impacts).  CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H).
Comment 1 errata-xmlrpc 2025-02-19 10:27:57 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9

Via RHSA-2025:1671 https://access.redhat.com/errata/RHSA-2025:1671
Comment 2 errata-xmlrpc 2025-02-19 11:04:08 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8

Via RHSA-2025:1673 https://access.redhat.com/errata/RHSA-2025:1673
Comment 3 errata-xmlrpc 2025-02-24 04:34:49 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions

Via RHSA-2025:1755 https://access.redhat.com/errata/RHSA-2025:1755
Comment 4 errata-xmlrpc 2025-02-24 04:52:54 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9.4 Extended Update Support

Via RHSA-2025:1756 https://access.redhat.com/errata/RHSA-2025:1756
Comment 5 errata-xmlrpc 2025-02-24 06:20:37 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.8 Extended Update Support

Via RHSA-2025:1757 https://access.redhat.com/errata/RHSA-2025:1757
Comment 6 errata-xmlrpc 2025-02-24 13:11:36 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support
  Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions
  Red Hat Enterprise Linux 8.6 Telecommunications Update Service

Via RHSA-2025:1766 https://access.redhat.com/errata/RHSA-2025:1766
Comment 7 errata-xmlrpc 2025-02-24 13:28:12 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9.2 Extended Update Support

Via RHSA-2025:1767 https://access.redhat.com/errata/RHSA-2025:1767
Comment 8 errata-xmlrpc 2025-03-17 06:01:56 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support
  Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions
  Red Hat Enterprise Linux 8.4 Telecommunications Update Service

Via RHSA-2025:2882 https://access.redhat.com/errata/RHSA-2025:2882
Comment 9 errata-xmlrpc 2025-03-17 07:41:48 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.2 Advanced Update Support

Via RHSA-2025:2883 https://access.redhat.com/errata/RHSA-2025:2883
Note You need to log in before you can comment on or make changes to this bug.