ALAS2023-2025-990

Amazon Linux 2023 Security Advisory: ALAS2023-2025-990
Advisory Released Date: 2025-06-02
Advisory Updated Date: 2025-06-05

Severity: Medium

References: CVE-2023-52969 CVE-2023-52970 CVE-2025-30722
FAQs regarding Amazon Linux ALAS/CVE Severity

Issue Overview:

MariaDB Server 10.4 through 10.5.*, 10.6 through 10.6.*, 10.7 through 10.11.*, and 11.0 through 11.0.* can sometimes crash with an empty backtrace log. This may be related to make_aggr_tables_info and optimize_stage2. (CVE-2023-52969)

MariaDB Server 10.4 through 10.5.*, 10.6 through 10.6.*, 10.7 through 10.11.*, 11.0 through 11.0.*, and 11.1 through 11.4.* crashes in Item_direct_view_ref::derived_field_transformer_for_where. (CVE-2023-52970)

Vulnerability in the MySQL Client product of Oracle MySQL (component: Client: mysqldump). Supported versions that are affected are 8.0.0-8.0.41, 8.4.0-8.4.4 and 9.0.0-9.2.0. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Client. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all MySQL Client accessible data as well as unauthorized update, insert or delete access to some of MySQL Client accessible data. CVSS 3.1 Base Score 5.9 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:N). (CVE-2025-30722)

Affected Packages:

mariadb105

Issue Correction:
Run dnf update mariadb105 --releasever 2023.7.20250527 to update your system.

New Packages:

aarch64:
    mariadb105-cracklib-password-check-10.5.29-1.amzn2023.0.1.aarch64
    mariadb105-sphinx-engine-10.5.29-1.amzn2023.0.1.aarch64
    mariadb105-sphinx-engine-debuginfo-10.5.29-1.amzn2023.0.1.aarch64
    mariadb105-oqgraph-engine-10.5.29-1.amzn2023.0.1.aarch64
    mariadb105-common-10.5.29-1.amzn2023.0.1.aarch64
    mariadb105-oqgraph-engine-debuginfo-10.5.29-1.amzn2023.0.1.aarch64
    mariadb105-server-utils-debuginfo-10.5.29-1.amzn2023.0.1.aarch64
    mariadb105-connect-engine-10.5.29-1.amzn2023.0.1.aarch64
    mariadb105-debuginfo-10.5.29-1.amzn2023.0.1.aarch64
    mariadb105-cracklib-password-check-debuginfo-10.5.29-1.amzn2023.0.1.aarch64
    mariadb105-connect-engine-debuginfo-10.5.29-1.amzn2023.0.1.aarch64
    mariadb105-pam-10.5.29-1.amzn2023.0.1.aarch64
    mariadb105-devel-10.5.29-1.amzn2023.0.1.aarch64
    mariadb105-server-debuginfo-10.5.29-1.amzn2023.0.1.aarch64
    mariadb105-server-utils-10.5.29-1.amzn2023.0.1.aarch64
    mariadb105-gssapi-server-debuginfo-10.5.29-1.amzn2023.0.1.aarch64
    mariadb105-test-debuginfo-10.5.29-1.amzn2023.0.1.aarch64
    mariadb105-pam-debuginfo-10.5.29-1.amzn2023.0.1.aarch64
    mariadb105-10.5.29-1.amzn2023.0.1.aarch64
    mariadb105-backup-debuginfo-10.5.29-1.amzn2023.0.1.aarch64
    mariadb105-gssapi-server-10.5.29-1.amzn2023.0.1.aarch64
    mariadb105-debugsource-10.5.29-1.amzn2023.0.1.aarch64
    mariadb105-errmsg-10.5.29-1.amzn2023.0.1.aarch64
    mariadb105-backup-10.5.29-1.amzn2023.0.1.aarch64
    mariadb105-server-10.5.29-1.amzn2023.0.1.aarch64
    mariadb105-test-10.5.29-1.amzn2023.0.1.aarch64

src:
    mariadb105-10.5.29-1.amzn2023.0.1.src

x86_64:
    mariadb105-server-debuginfo-10.5.29-1.amzn2023.0.1.x86_64
    mariadb105-pam-debuginfo-10.5.29-1.amzn2023.0.1.x86_64
    mariadb105-oqgraph-engine-debuginfo-10.5.29-1.amzn2023.0.1.x86_64
    mariadb105-cracklib-password-check-10.5.29-1.amzn2023.0.1.x86_64
    mariadb105-server-10.5.29-1.amzn2023.0.1.x86_64
    mariadb105-backup-debuginfo-10.5.29-1.amzn2023.0.1.x86_64
    mariadb105-test-debuginfo-10.5.29-1.amzn2023.0.1.x86_64
    mariadb105-sphinx-engine-debuginfo-10.5.29-1.amzn2023.0.1.x86_64
    mariadb105-connect-engine-debuginfo-10.5.29-1.amzn2023.0.1.x86_64
    mariadb105-server-utils-debuginfo-10.5.29-1.amzn2023.0.1.x86_64
    mariadb105-rocksdb-engine-debuginfo-10.5.29-1.amzn2023.0.1.x86_64
    mariadb105-common-10.5.29-1.amzn2023.0.1.x86_64
    mariadb105-devel-10.5.29-1.amzn2023.0.1.x86_64
    mariadb105-cracklib-password-check-debuginfo-10.5.29-1.amzn2023.0.1.x86_64
    mariadb105-gssapi-server-debuginfo-10.5.29-1.amzn2023.0.1.x86_64
    mariadb105-debuginfo-10.5.29-1.amzn2023.0.1.x86_64
    mariadb105-pam-10.5.29-1.amzn2023.0.1.x86_64
    mariadb105-errmsg-10.5.29-1.amzn2023.0.1.x86_64
    mariadb105-connect-engine-10.5.29-1.amzn2023.0.1.x86_64
    mariadb105-sphinx-engine-10.5.29-1.amzn2023.0.1.x86_64
    mariadb105-oqgraph-engine-10.5.29-1.amzn2023.0.1.x86_64
    mariadb105-rocksdb-engine-10.5.29-1.amzn2023.0.1.x86_64
    mariadb105-gssapi-server-10.5.29-1.amzn2023.0.1.x86_64
    mariadb105-server-utils-10.5.29-1.amzn2023.0.1.x86_64
    mariadb105-10.5.29-1.amzn2023.0.1.x86_64
    mariadb105-debugsource-10.5.29-1.amzn2023.0.1.x86_64
    mariadb105-backup-10.5.29-1.amzn2023.0.1.x86_64
    mariadb105-test-10.5.29-1.amzn2023.0.1.x86_64

Changelog:

2025-06-05: CVE-2025-30722 was added to this advisory.

Additional References

Release Notes: Amazon Linux 2023 Release Notes

Red Hat: CVE-2023-52969, CVE-2023-52970, CVE-2025-30722

Mitre: CVE-2023-52969, CVE-2023-52970, CVE-2025-30722