Security Vulnerabilities fixed in mysql RHSA-2021:3590

description-logoDescription

MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon (mysqld) and many client programs and libraries. The following packages have been upgraded to a later upstream version: mysql (8.0.26). (BZ#1996693) Security Fix(es): mysql: Server: Stored Procedure multiple vulnerabilities (CVE-2020-14672, CVE-2021-2046, CVE-2021-2072, CVE-2021-2081, CVE-2021-2215, CVE-2021-2217, CVE-2021-2293, CVE-2021-2304, CVE-2021-2424) mysql: Server: FTS multiple vulnerabilities (CVE-2020-14765, CVE-2020-14789, CVE-2020-14804) mysql: Server: Optimizer multiple vulnerabilities (CVE-2020-14769, CVE-2020-14773, CVE-2020-14777, CVE-2020-14785, CVE-2020-14793, CVE-2020-14794, CVE-2020-14809, CVE-2020-14830, CVE-2020-14836, CVE-2020-14837, CVE-2020-14839, CVE-2020-14845, CVE-2020-14846, CVE-2020-14861, CVE-2020-14866, CVE-2020-14868, CVE-2020-14888, CVE-2020-14891, CVE-2020-14893, CVE-2021-2001, CVE-2021-2021, CVE-2021-2024, CVE-2021-2030, CVE-2021-2031, CVE-2021-2036, CVE-2021-2055, CVE-2021-2060, CVE-2021-2065, CVE-2021-2070, CVE-2021-2076, CVE-2021-2164, CVE-2021-2169, CVE-2021-2170, CVE-2021-2193, CVE-2021-2203, CVE-2021-2212, CVE-2021-2213, CVE-2021-2230, CVE-2021-2278, CVE-2021-2298, CVE-2021-2299, CVE-2021-2342, CVE-2021-2357, CVE-2021-2367, CVE-2021-2383, CVE-2021-2384, CVE-2021-2387, CVE-2021-2410, CVE-2021-2412, CVE-2021-2418, CVE-2021-2425, CVE-2021-2426, CVE-2021-2427, CVE-2021-2437, CVE-2021-2441, CVE-2021-2444) mysql: InnoDB multiple vulnerabilities (CVE-2020-14775, CVE-2020-14776, CVE-2020-14821, CVE-2020-14829, CVE-2020-14848, CVE-2021-2022, CVE-2021-2028, CVE-2021-2048, CVE-2021-2174, CVE-2021-2180, CVE-2021-2194, CVE-2021-2372, CVE-2021-2374, CVE-2021-2389, CVE-2021-2390, CVE-2021-2429, CVE-2020-14791, CVE-2021-2042) mysql: Server: PS multiple vulnerabilities (CVE-2020-14786, CVE-2020-14790, CVE-2020-14844, CVE-2021-2422) mysql: Server: Security multiple vulnerabilities (CVE-2020-14800, CVE-2020-14838, CVE-2020-14860) mysql: Server: Locking multiple vulnerabilities (CVE-2020-14812, CVE-2021-2058, CVE-2021-2402) mysql: Server: DML multiple vulnerabilities (CVE-2020-14814, CVE-2020-14828, CVE-2021-2056, CVE-2021-2087, CVE-2021-2088, CVE-2021-2166, CVE-2021-2172, CVE-2021-2196, CVE-2021-2300, CVE-2021-2305, CVE-2021-2370, CVE-2021-2440) mysql: Server: Charsets unspecified vulnerability (CVE-2020-14852) mysql: Server: DDL multiple vulnerabilities (CVE-2020-14867, CVE-2021-2061, CVE-2021-2122, CVE-2021-2339, CVE-2021-2352, CVE-2021-2399) mysql: Server: X Plugin unspecified vulnerability (CVE-2020-14870) mysql: Server: Logging unspecified vulnerability (CVE-2020-14873) mysql: Server: Replication multiple vulnerabilities (CVE-2021-2002, CVE-2021-2171, CVE-2021-2178, CVE-2021-2202, CVE-2021-2356, CVE-2021-2385) mysql: C API multiple vulnerabilities (CVE-2021-2010, CVE-2021-2011) mysql: Server: Components Services unspecified vulnerability (CVE-2021-2038) mysql: Server: Options unspecified vulnerability (CVE-2021-2146) mysql: Server: Group Replication Plugin multiple vulnerabilities (CVE-2021-2179, CVE-2021-2232) mysql: Server: Partition multiple vulnerabilities (CVE-2021-2201, CVE-2021-2208) mysql: Server: Information Schema multiple vulnerabilities (CVE-2021-2032, CVE-2021-2226, CVE-2021-2301, CVE-2021-2308) mysql: Server: Packaging unspecified vulnerability (CVE-2021-2307) mysql: Server: Federated unspecified vulnerability (CVE-2021-2354) mysql: Server: GIS unspecified vulnerability (CVE-2021-2417) mysql: Server: Memcached unspecified vulnerability (CVE-2021-2340) mysql: Server: Stored Procedure multiple vulnerabilities (CVE-2020-14672, CVE-2021-2046, CVE-2021-2072, CVE-2021-2081, CVE-2021-2215, CVE-2021-2217, CVE-2021-2293, CVE-2021-2304, CVE-2021-2424) mysql: Server: FTS multiple vulnerabilities (CVE-2020-14765, CVE-2020-14789, CVE-2020-14804) mysql: Server: Optimizer multiple vulnerabilities (CVE-2020-14769, CVE-2020-14773, CVE-2020-14777, CVE-2020-14785, CVE-2020-14793, CVE-2020-14794, CVE-2020-14809, CVE-2020-14830, CVE-2020-14836, CVE-2020-14837, CVE-2020-14839, CVE-2020-14845, CVE-2020-14846, CVE-2020-14861, CVE-2020-14866, CVE-2020-14868, CVE-2020-14888, CVE-2020-14891, CVE-2020-14893, CVE-2021-2001, CVE-2021-2021, CVE-2021-2024, CVE-2021-2030, CVE-2021-2031, CVE-2021-2036, CVE-2021-2055, CVE-2021-2060, CVE-2021-2065, CVE-2021-2070, CVE-2021-2076, CVE-2021-2164, CVE-2021-2169, CVE-2021-2170, CVE-2021-2193, CVE-2021-2203, CVE-2021-2212, CVE-2021-2213, CVE-2021-2230, CVE-2021-2278, CVE-2021-2298, CVE-2021-2299, CVE-2021-2342, CVE-2021-2357, CVE-2021-2367, CVE-2021-2383, CVE-2021-2384, CVE-2021-2387, CVE-2021-2410, CVE-2021-2412, CVE-2021-2418, CVE-2021-2425, CVE-2021-2426, CVE-2021-2427, CVE-2021-2437, CVE-2021-2441, CVE-2021-2444) mysql: InnoDB multiple vulnerabilities (CVE-2020-14775, CVE-2020-14776, CVE-2020-14821, CVE-2020-14829, CVE-2020-14848, CVE-2021-2022, CVE-2021-2028, CVE-2021-2048, CVE-2021-2174, CVE-2021-2180, CVE-2021-2194, CVE-2021-2372, CVE-2021-2374, CVE-2021-2389, CVE-2021-2390, CVE-2021-2429, CVE-2020-14791, CVE-2021-2042) mysql: Server: PS multiple vulnerabilities (CVE-2020-14786, CVE-2020-14790, CVE-2020-14844, CVE-2021-2422) mysql: Server: Security multiple vulnerabilities (CVE-2020-14800, CVE-2020-14838, CVE-2020-14860) mysql: Server: Locking multiple vulnerabilities (CVE-2020-14812, CVE-2021-2058, CVE-2021-2402) mysql: Server: DML multiple vulnerabilities (CVE-2020-14814, CVE-2020-14828, CVE-2021-2056, CVE-2021-2087, CVE-2021-2088, CVE-2021-2166, CVE-2021-2172, CVE-2021-2196, CVE-2021-2300, CVE-2021-2305, CVE-2021-2370, CVE-2021-2440) mysql: Server: Charsets unspecified vulnerability (CVE-2020-14852) mysql: Server: DDL multiple vulnerabilities (CVE-2020-14867, CVE-2021-2061, CVE-2021-2122, CVE-2021-2339, CVE-2021-2352, CVE-2021-2399) mysql: Server: X Plugin unspecified vulnerability (CVE-2020-14870) mysql: Server: Logging unspecified vulnerability (CVE-2020-14873) mysql: Server: Replication multiple vulnerabilities (CVE-2021-2002, CVE-2021-2171, CVE-2021-2178, CVE-2021-2202, CVE-2021-2356, CVE-2021-2385) mysql: C API multiple vulnerabilities (CVE-2021-2010, CVE-2021-2011) mysql: Server: Components Services unspecified vulnerability (CVE-2021-2038) mysql: Server: Options unspecified vulnerability (CVE-2021-2146) mysql: Server: Group Replication Plugin multiple vulnerabilities (CVE-2021-2179, CVE-2021-2232) mysql: Server: Partition multiple vulnerabilities (CVE-2021-2201, CVE-2021-2208) mysql: Server: Information Schema multiple vulnerabilities (CVE-2021-2032, CVE-2021-2226, CVE-2021-2301, CVE-2021-2308) mysql: Server: Packaging unspecified vulnerability (CVE-2021-2307) mysql: Server: Federated unspecified vulnerability (CVE-2021-2354) mysql: Server: GIS unspecified vulnerability (CVE-2021-2417) mysql: Server: Memcached unspecified vulnerability (CVE-2021-2340) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es): Segfault and possible DoS with a crafted query (BZ#1996699) SolutionFor details on how to apply this update, which includes the changes described in this advisory, refer to:https://access.redhat.com/articles/11258 After installing this update, the MySQL server daemon (mysqld) will be restarted automatically.

affected-products-logoAffected Applications

mysql

CVE References

CVE-2021-2340 CVE-2021-2342 CVE-2020-14845 CVE-2020-14844 CVE-2020-14846 CVE-2021-2226 CVE-2020-14848 CVE-2021-2429 CVE-2021-2422 CVE-2021-2424 CVE-2021-2425 CVE-2021-2426 CVE-2021-2427 CVE-2021-2032 CVE-2021-2031 CVE-2021-2030 CVE-2021-2036 CVE-2020-14804 CVE-2021-2038 CVE-2021-2352 CVE-2021-2060 CVE-2021-2356 CVE-2021-2357 CVE-2021-2354 CVE-2021-2061 CVE-2021-2213 CVE-2021-2212 CVE-2021-2217 CVE-2021-2215 CVE-2021-2300 CVE-2021-2444 CVE-2020-14794 CVE-2021-2028 CVE-2021-2088 CVE-2021-2180 CVE-2021-2024 CVE-2021-2021 CVE-2021-2022 CVE-2020-14873 CVE-2021-2169 CVE-2021-2201 CVE-2021-2202 CVE-2021-2203 CVE-2021-2164 CVE-2021-2166 CVE-2021-2208 CVE-2020-14765 CVE-2020-14769 CVE-2021-2058 CVE-2021-2193 CVE-2021-2194 CVE-2021-2196 CVE-2021-2384 CVE-2021-2055 CVE-2021-2056 CVE-2021-2293 CVE-2020-14776 CVE-2021-2299 CVE-2021-2298 CVE-2020-14870 CVE-2020-14775 CVE-2021-2440 CVE-2021-2441 CVE-2021-2417 CVE-2021-2178 CVE-2021-2179 CVE-2020-14777 CVE-2021-2278 CVE-2021-2174 CVE-2020-14773 CVE-2021-2170 CVE-2021-2339 CVE-2020-14672 CVE-2021-2171 CVE-2021-2048 CVE-2021-2042 CVE-2021-2070 CVE-2021-2046 CVE-2020-14812 CVE-2020-14868 CVE-2021-2367 CVE-2020-14861 CVE-2020-14860 CVE-2020-14867 CVE-2020-14866 CVE-2020-14809 CVE-2021-2308 CVE-2021-2305 CVE-2021-2304 CVE-2021-2307 CVE-2021-2301 CVE-2020-14800 CVE-2021-2076 CVE-2020-14786 CVE-2021-2072 CVE-2020-14785 CVE-2020-14789 CVE-2020-14893 CVE-2020-14891 CVE-2021-2370 CVE-2021-2372 CVE-2021-2374 CVE-2020-14838 CVE-2020-14839 CVE-2020-14830 CVE-2020-14836 CVE-2020-14837 CVE-2020-14828 CVE-2020-14791 CVE-2020-14790 CVE-2020-14793 CVE-2021-2065 CVE-2021-2385 CVE-2021-2410 CVE-2021-2387 CVE-2021-2412 CVE-2021-2383 CVE-2021-2418 CVE-2021-2389 CVE-2020-14888 CVE-2021-2122 CVE-2020-14821 CVE-2021-2087 CVE-2020-14829 CVE-2021-2081 CVE-2021-2146 CVE-2021-2402 CVE-2021-2011 CVE-2021-2010 CVE-2021-2390 CVE-2021-2399 CVE-2020-14852 CVE-2020-14814 CVE-2021-2230 CVE-2021-2232 CVE-2021-2172 CVE-2021-2437 CVE-2021-2002 CVE-2021-2001