Amazon Linux 2 Security Advisory: ALAS2MARIADB10.5-2025-007
Advisory Released Date: 2025-05-29
Advisory Updated Date: 2025-06-09
FAQs regarding Amazon Linux ALAS/CVE Severity
MariaDB Server 10.4 through 10.5.*, 10.6 through 10.6.*, 10.7 through 10.11.*, and 11.0 through 11.0.* can sometimes crash with an empty backtrace log. This may be related to make_aggr_tables_info and optimize_stage2. (CVE-2023-52969)
MariaDB Server 10.4 through 10.5.*, 10.6 through 10.6.*, 10.7 through 10.11.*, 11.0 through 11.0.*, and 11.1 through 11.4.* crashes in Item_direct_view_ref::derived_field_transformer_for_where. (CVE-2023-52970)
Vulnerability in the MySQL Client product of Oracle MySQL (component: Client: mysqldump). Supported versions that are affected are 8.0.0-8.0.41, 8.4.0-8.4.4 and 9.0.0-9.2.0. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Client. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all MySQL Client accessible data as well as unauthorized update, insert or delete access to some of MySQL Client accessible data. CVSS 3.1 Base Score 5.9 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:N). (CVE-2025-30722)
Affected Packages:
mariadb
Note:
This advisory is applicable to Amazon Linux 2 - Mariadb10.5 Extra. Visit this page to learn more about Amazon Linux 2 (AL2) Extras and this FAQ section for the difference between AL2 Core and AL2 Extras advisories.
Issue Correction:
Run yum update mariadb to update your system.
aarch64:
mariadb-10.5.29-1.amzn2.0.1.aarch64
mariadb-libs-10.5.29-1.amzn2.0.1.aarch64
mariadb-config-10.5.29-1.amzn2.0.1.aarch64
mariadb-common-10.5.29-1.amzn2.0.1.aarch64
mariadb-errmsg-10.5.29-1.amzn2.0.1.aarch64
mariadb-server-galera-10.5.29-1.amzn2.0.1.aarch64
mariadb-server-10.5.29-1.amzn2.0.1.aarch64
mariadb-oqgraph-engine-10.5.29-1.amzn2.0.1.aarch64
mariadb-connect-engine-10.5.29-1.amzn2.0.1.aarch64
mariadb-backup-10.5.29-1.amzn2.0.1.aarch64
mariadb-cracklib-password-check-10.5.29-1.amzn2.0.1.aarch64
mariadb-gssapi-server-10.5.29-1.amzn2.0.1.aarch64
mariadb-pam-10.5.29-1.amzn2.0.1.aarch64
mariadb-sphinx-engine-10.5.29-1.amzn2.0.1.aarch64
mariadb-s3-engine-10.5.29-1.amzn2.0.1.aarch64
mariadb-server-utils-10.5.29-1.amzn2.0.1.aarch64
mariadb-devel-10.5.29-1.amzn2.0.1.aarch64
mariadb-embedded-10.5.29-1.amzn2.0.1.aarch64
mariadb-embedded-devel-10.5.29-1.amzn2.0.1.aarch64
mariadb-test-10.5.29-1.amzn2.0.1.aarch64
mariadb-debuginfo-10.5.29-1.amzn2.0.1.aarch64
src:
mariadb-10.5.29-1.amzn2.0.1.src
x86_64:
mariadb-10.5.29-1.amzn2.0.1.x86_64
mariadb-libs-10.5.29-1.amzn2.0.1.x86_64
mariadb-config-10.5.29-1.amzn2.0.1.x86_64
mariadb-common-10.5.29-1.amzn2.0.1.x86_64
mariadb-errmsg-10.5.29-1.amzn2.0.1.x86_64
mariadb-server-galera-10.5.29-1.amzn2.0.1.x86_64
mariadb-server-10.5.29-1.amzn2.0.1.x86_64
mariadb-oqgraph-engine-10.5.29-1.amzn2.0.1.x86_64
mariadb-connect-engine-10.5.29-1.amzn2.0.1.x86_64
mariadb-backup-10.5.29-1.amzn2.0.1.x86_64
mariadb-rocksdb-engine-10.5.29-1.amzn2.0.1.x86_64
mariadb-cracklib-password-check-10.5.29-1.amzn2.0.1.x86_64
mariadb-gssapi-server-10.5.29-1.amzn2.0.1.x86_64
mariadb-pam-10.5.29-1.amzn2.0.1.x86_64
mariadb-sphinx-engine-10.5.29-1.amzn2.0.1.x86_64
mariadb-s3-engine-10.5.29-1.amzn2.0.1.x86_64
mariadb-server-utils-10.5.29-1.amzn2.0.1.x86_64
mariadb-devel-10.5.29-1.amzn2.0.1.x86_64
mariadb-embedded-10.5.29-1.amzn2.0.1.x86_64
mariadb-embedded-devel-10.5.29-1.amzn2.0.1.x86_64
mariadb-test-10.5.29-1.amzn2.0.1.x86_64
mariadb-debuginfo-10.5.29-1.amzn2.0.1.x86_64
2025-06-09: CVE-2025-30722 was added to this advisory.