mysql:8.4 security update

エラータID: AXSA:2026-431:01

リリース日: 
2026/04/14 Tuesday - 18:37
題名: 
mysql:8.4 security update
影響のあるチャネル: 
Asianux Server 8 for x86_64
Severity: 
Moderate
Description: 

MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon (mysqld) and many client programs and libraries.

Security Fix(es):

* mysql: Optimizer unspecified vulnerability (CPU Jan 2026) (CVE-2026-21941)
* mysql: Optimizer unspecified vulnerability (CPU Jan 2026) (CVE-2026-21948)
* mysql: InnoDB unspecified vulnerability (CPU Jan 2026) (CVE-2026-21936)
* mysql: Optimizer unspecified vulnerability (CPU Jan 2026) (CVE-2026-21968)
* mysql: DDL unspecified vulnerability (CPU Jan 2026) (CVE-2026-21937)
* mysql: Thread Pooling unspecified vulnerability (CPU Jan 2026) (CVE-2026-21964)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

CVE-2026-21936
Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.0-8.0.44, 8.4.0-8.4.7 and 9.0.0-9.5.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
CVE-2026-21937
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DDL). Supported versions that are affected are 8.0.0-8.0.44, 8.4.0-8.4.7 and 9.0.0-9.5.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
CVE-2026-21941
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.0-8.0.44, 8.4.0-8.4.7 and 9.0.0-9.5.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
CVE-2026-21948
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.0-8.0.44, 8.4.0-8.4.7 and 9.0.0-9.5.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
CVE-2026-21964
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Thread Pooling). Supported versions that are affected are 8.0.0-8.0.44, 8.4.0-8.4.7 and 9.0.0-9.5.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
CVE-2026-21968
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.0-8.0.44, 8.4.0-8.4.7 and 9.0.0-9.5.0. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).

Modularity name: "mysql"
Stream name: "8.4"

解決策: 

Update packages.

CVE: 
CVE-2026-21936
Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.0-8.0.44, 8.4.0-8.4.7 and 9.0.0-9.5.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
CVE-2026-21937
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DDL). Supported versions that are affected are 8.0.0-8.0.44, 8.4.0-8.4.7 and 9.0.0-9.5.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
CVE-2026-21941
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.0-8.0.44, 8.4.0-8.4.7 and 9.0.0-9.5.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
CVE-2026-21948
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.0-8.0.44, 8.4.0-8.4.7 and 9.0.0-9.5.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
CVE-2026-21964
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Thread Pooling). Supported versions that are affected are 8.0.0-8.0.44, 8.4.0-8.4.7 and 9.0.0-9.5.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
CVE-2026-21968
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.0-8.0.44, 8.4.0-8.4.7 and 9.0.0-9.5.0. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).
追加情報: 

N/A

ダウンロード: 

SRPMS
  1. mecab-ipadic-2.7.0.20070801-17.module+el8+1971+d0d2b256.src.rpm
    MD5: 45a4fd8802f66a528e3b67f293abd739
    SHA-256: 66ff61730e08d42ca9cc67eeee0f5aca6b22119a2a90369d9e613ba6b6ed8be6
    Size: 10.54 MB
  2. mecab-0.996-2.module+el8+1971+d0d2b256.src.rpm
    MD5: c23b8c531cd01424b781012d78a424b9
    SHA-256: ec75e8fe38b66733a3a9ac511dca77eb76aaf77667158dab4d813d8407986596
    Size: 960.68 kB
  3. mysql-8.4.8-1.module+el8+1971+d0d2b256.ML.1.src.rpm
    MD5: 367066c9296b60db44c0d38d42e1a04a
    SHA-256: 9b40bac863f5ebe8c8a0d6ce67a32c0ccf190c1f1283d567bf69554d5ca43e25
    Size: 453.59 MB
  4. rapidjson-1.1.0-3.module+el8+1971+d0d2b256.src.rpm
    MD5: e8d0b487b94f1309d9d430e3d518b640
    SHA-256: 115c79ec8d6a7c1fff5ad5454950517f9fd4b2302c6c87978e587a2661de6144
    Size: 0.98 MB

Asianux Server 8 for x86_64
  1. mecab-0.996-2.module+el8+1971+d0d2b256.x86_64.rpm
    MD5: c729f8ba4ed5f2fe4b4e326041ea4e77
    SHA-256: 707df3c4a4544843844f42ab4e305c5e7112ec2943b38e85c7cfba8bcafa07cd
    Size: 392.32 kB
  2. mecab-debugsource-0.996-2.module+el8+1971+d0d2b256.x86_64.rpm
    MD5: 15b962eae0c1b67a0c1f7620caf15a63
    SHA-256: 1d33cb4c82bb58ad1c2aac6c15d15e2bcb8875f80db3658a6e1af9b898c6ebb1
    Size: 165.54 kB
  3. mecab-devel-0.996-2.module+el8+1971+d0d2b256.x86_64.rpm
    MD5: 9dfbe55e65300e7e16da8d20dc7cee31
    SHA-256: 9fd3353f3423b218154ef27ebb87bd4a2e17cb3e3006fc29e97528462bc331ee
    Size: 78.61 kB
  4. mecab-ipadic-2.7.0.20070801-17.module+el8+1971+d0d2b256.x86_64.rpm
    MD5: d7727c07af38b4f6eeb836a059aa31f6
    SHA-256: df2e134216363ea94dddb5f82936856a3abdc720ec8fdea6ac7d1cbb51e24d59
    Size: 10.52 MB
  5. mecab-ipadic-EUCJP-2.7.0.20070801-17.module+el8+1971+d0d2b256.x86_64.rpm
    MD5: e26aa7c0bbf9f77028ad4186a4c5ece5
    SHA-256: 259c5c0cebb677641e28695584c505aa8c60a143562f538715f8a5397dbb9ed0
    Size: 9.40 MB
  6. mysql-8.4.8-1.module+el8+1971+d0d2b256.ML.1.x86_64.rpm
    MD5: 2d14d4b79345bfccd2172d6f622efdc5
    SHA-256: 73e04ddd13240a68fff801f5d0c73cb54ba95f0ae83e215ac0f6d5a71d543014
    Size: 9.89 MB
  7. mysql-common-8.4.8-1.module+el8+1971+d0d2b256.ML.1.noarch.rpm
    MD5: 1a1fa8990117521b8bb3ccde9ec336f1
    SHA-256: bad18a6a24a9267df6db8d7a497f4c88cce6202a2bc50f7d571fd2f8c2e81067
    Size: 141.87 kB
  8. mysql-debugsource-8.4.8-1.module+el8+1971+d0d2b256.ML.1.x86_64.rpm
    MD5: 154923ba7d95f28bc66c9102ecc83a9d
    SHA-256: 81342041ffa6240d4389e4ee11383f04c2a4c95efe33cb7b82c39be250df53de
    Size: 19.08 MB
  9. mysql-devel-8.4.8-1.module+el8+1971+d0d2b256.ML.1.x86_64.rpm
    MD5: 47b8211ddc274e3cccb99fad0b53de67
    SHA-256: e94f2f2322a86e4c1293f418846725476b88da4f5bb8158d79367b0c9100cfe3
    Size: 171.84 kB
  10. mysql-errmsg-8.4.8-1.module+el8+1971+d0d2b256.ML.1.noarch.rpm
    MD5: a196341bd22804644c55e5e31b92e775
    SHA-256: 311e6c5a1b0de55b82407de3050f07a2fcc42b4f37158f26ac5f7fd16eb8f9fd
    Size: 673.33 kB
  11. mysql-libs-8.4.8-1.module+el8+1971+d0d2b256.ML.1.x86_64.rpm
    MD5: 645f09268fe258982ee5c22ce0a7cfec
    SHA-256: 2845e110557c928e20854a2ee92632488537214117c5a0618d06fab70da81e12
    Size: 1.28 MB
  12. mysql-server-8.4.8-1.module+el8+1971+d0d2b256.ML.1.x86_64.rpm
    MD5: abb6c126ce86488e01969178a550046b
    SHA-256: a1d0acf922de01e9f653e134bc4cc13c9d83fbe8837be308c5d805a54f5054c5
    Size: 24.71 MB
  13. mysql-test-8.4.8-1.module+el8+1971+d0d2b256.ML.1.x86_64.rpm
    MD5: 4fbb5f7bfbf73c1622bdb350027fdb1c
    SHA-256: ca340bb2aee343dc63d0a38ba7fd573b6d909833cc404601fc3496389b7b2d2f
    Size: 5.72 MB
  14. mysql-test-data-8.4.8-1.module+el8+1971+d0d2b256.ML.1.noarch.rpm
    MD5: b52fe1d06a1b59bdbca354ed514be09d
    SHA-256: d9b63452496d6a20e72c1b2b3f37bd3a444a6a0c3c333b98774df13a207bedbf
    Size: 384.80 MB