Primary

Context

Oracle MySQL Server InnoDB Component Denial-of-Service and Data Manipulation Vulnerability

Vulnerability

Patched

A vulnerability exists in the InnoDB component of Oracle MySQL Server, affecting versions 8.0.40 and prior, 8.4.3 and prior, and 9.1.0 and prior. This vulnerability allows a high-privileged attacker with network access to MySQL Server to cause a complete denial-of-service by hanging or crashing the server. Additionally, the vulnerability permits unauthorized access to manipulate some of the data accessible to MySQL Server.

Impact

Exploitation of this vulnerability leads to a complete denial-of-service on the MySQL Server, causing it to hang or crash frequently. Furthermore, it allows unauthorized updates, inserts, or deletions of some data accessible to MySQL Server.

Remediation

Users can apply the January 2025 Critical Patch Update, which includes a patch for this vulnerability. Instructions for applying the patch can be found in the MySQL Critical Patch Update January 2025 Patch Availability Document on My Oracle Support.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Affected Products

Oracle MySQL

Easy fix4 remedies

cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*

Easy fix4 remedies

<= 8.0.40
<= 8.4.3
<= 9.1.0

Oracle MySQL Cluster

Easy fix4 remedies

cpe:2.3:a:oracle:mysql_cluster:*:*:*:*:*:*:*

Easy fix4 remedies

<= 7.6.32
<= 8.0.40
<= 8.4.3
<= 9.1.0

Oracle MySQL Connectors

Easy fix2 remedies

cpe:2.3:a:oracle:mysql_connectors:*:*:*:*:*:*:*

Easy fix2 remedies

<= 9.1.0

Oracle MySQL Enterprise Backup

Easy fix4 remedies

cpe:2.3:a:oracle:mysql_enterprise_backup:*:*:*:*:*:*:*

Easy fix4 remedies

<= 8.0.40
<= 8.4.3
<= 9.1.0

Oracle MySQL Server

Easy fix4 remedies

cpe:2.3:a:oracle:mysql_server:*:*:*:*:*:*:*

Easy fix4 remedies

<= 8.0.40
<= 8.4.3
<= 9.0.1
<= 9.1.0

Oracle MySQL Shell

Easy fix4 remedies

cpe:2.3:a:oracle:mysql_shell:*:*:*:*:*:*:*

Easy fix4 remedies

<= 8.0.40
<= 8.4.3
<= 9.1.0

Oracle Agile Engineering Data Management

0 remedies

cpe:2.3:a:oracle:agile_engineering_data_management:*:*:*:*:*:*:*

0 remedies

Oracle Agile PLM Framework

0 remedies

cpe:2.3:a:oracle:agile_plm_framework:*:*:*:*:*:*:*

0 remedies

Oracle Analytics Desktop

0 remedies

cpe:2.3:a:oracle:data_visualization_desktop:*:*:*:*:*:*:*

0 remedies

Oracle Application Express

0 remedies

cpe:2.3:a:oracle:application_express:*:*:*:*:*:*:*

0 remedies

Oracle Application Testing Suite

0 remedies

cpe:2.3:a:oracle:application_testing_suite:*:*:*:*:*:*:*

0 remedies

Oracle Banking Corporate Lending Process Management

0 remedies

cpe:2.3:a:oracle:banking_corporate_lending_process_management:*:*:*:*:*:*:*

0 remedies

Oracle Banking Liquidity Management

0 remedies

cpe:2.3:a:oracle:banking_liquidity_management:*:*:*:*:*:*:*

0 remedies

Oracle Banking Origination

0 remedies

cpe:2.3:a:oracle:banking_origination:*:*:*:*:*:*:*

0 remedies

Oracle BI Publisher

0 remedies

cpe:2.3:a:oracle:bi_publisher:*:*:*:*:*:*:*

0 remedies

Oracle Big Data Spatial and Graph

0 remedies

cpe:2.3:a:oracle:big_data_spatial_and_graph:*:*:*:*:*:*:*

0 remedies

Oracle Blockchain Platform

0 remedies

cpe:2.3:a:oracle:blockchain_platform:*:*:*:*:*:*:*

0 remedies

Oracle Business Activity Monitoring

0 remedies

cpe:2.3:a:oracle:business_activity_monitoring:*:*:*:*:*:*:*

0 remedies

Oracle Business Intelligence Enterprise Edition

0 remedies

cpe:2.3:a:oracle:business_intelligence:*:*:*:*:*:*:*

0 remedies

Oracle Business Process Management Suite

0 remedies

cpe:2.3:a:oracle:business_process_management_suite:*:*:*:*:*:*:*

0 remedies

Oracle Coherence

0 remedies

cpe:2.3:a:oracle:coherence:*:*:*:*:*:*:*

0 remedies

Oracle Commerce Guided Search

0 remedies

cpe:2.3:a:oracle:commerce_guided_search:*:*:*:*:*:*:*

0 remedies

Oracle Communications Billing and Revenue Management

0 remedies

cpe:2.3:a:oracle:communications_billing_and_revenue_management:*:*:*:*:*:*:*

0 remedies

Oracle Communications BRM - Elastic Charging Engine

0 remedies

cpe:2.3:a:oracle:communications_brm_-_elastic_charging_engine:*:*:*:*:*:*:*

0 remedies

Oracle Communications Cloud Native Core Automated Test Suite

0 remedies

cpe:2.3:a:oracle:communications_cloud_native_core_automated_test_suite:*:*:*:*:*:*:*

0 remedies

Oracle Communications Cloud Native Core Binding Support Function

0 remedies

cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:*:*:*:*:*:*:*

0 remedies

Oracle Communications Cloud Native Core Certificate Management

0 remedies

Oracle Communications Cloud Native Core Console

0 remedies

cpe:2.3:a:oracle:communications_cloud_native_core_console:*:*:*:*:*:*:*

0 remedies

Oracle Communications Cloud Native Core DBTier

0 remedies

Oracle Communications Cloud Native Core Network Function Cloud Native Environment

0 remedies

cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:*:*:*:*:*:*:*

0 remedies

Oracle Communications Cloud Native Core Network Repository Function

0 remedies

cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:*:*:*:*:*:*:*

0 remedies

Oracle Communications Cloud Native Core Policy

0 remedies

cpe:2.3:a:oracle:communications_cloud_native_core_policy:*:*:*:*:*:*:*

0 remedies

Oracle Communications Cloud Native Core Security Edge Protection Proxy

0 remedies

cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:*:*:*:*:*:*:*

0 remedies

Oracle Communications Cloud Native Core Service Communication Proxy

0 remedies

cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:*:*:*:*:*:*:*

0 remedies

Oracle Communications Cloud Native Core Unified Data Repository

0 remedies

cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:*:*:*:*:*:*:*

0 remedies

Oracle Communications Converged Application Server

0 remedies

cpe:2.3:a:oracle:communications_converged_application_server:*:*:*:*:*:*:*

0 remedies

Oracle Communications Convergence

0 remedies

cpe:2.3:a:oracle:communications_convergence:*:*:*:*:*:*:*

0 remedies

Oracle Communications Diameter Signaling Router

0 remedies

cpe:2.3:a:oracle:communications_diameter_signaling_router:*:*:*:*:*:*:*

0 remedies

Oracle Communications EAGLE Element Management System

0 remedies

cpe:2.3:a:oracle:communications_eagle_element_management_system:*:*:*:*:*:*:*

0 remedies

Oracle Communications Messaging Server

0 remedies

cpe:2.3:a:oracle:communications_messaging_server:*:*:*:*:*:*:*

0 remedies

Oracle Communications Network Analytics Data Director

0 remedies

Oracle Communications Offline Mediation Controller

0 remedies

cpe:2.3:a:oracle:communications_offline_mediation_controller:*:*:*:*:*:*:*

0 remedies

Oracle Communications Operations Monitor

0 remedies

cpe:2.3:a:oracle:communications_operations_monitor:*:*:*:*:*:*:*

0 remedies

Oracle Communications Order and Service Management

0 remedies

cpe:2.3:a:oracle:communications_order_and_service_management:*:*:*:*:*:*:*

0 remedies

Oracle Communications Policy Management

0 remedies

cpe:2.3:a:oracle:communications_policy_management:*:*:*:*:*:*:*

0 remedies

Oracle Communications Service Catalog and Design

0 remedies

Oracle Communications Session Border Controller

0 remedies

cpe:2.3:a:oracle:communications_session_border_controller:*:*:*:*:*:*:*

0 remedies

Oracle Communications Unified Assurance

0 remedies

cpe:2.3:a:oracle:communications_unified_assurance:*:*:*:*:*:*:*

0 remedies

Oracle Communications Unified Inventory Management

0 remedies

cpe:2.3:a:oracle:communications_unified_inventory_management:*:*:*:*:*:*:*

0 remedies

Oracle Communications User Data Repository

0 remedies

cpe:2.3:a:oracle:communications_user_data_repository:*:*:*:*:*:*:*

0 remedies

Oracle Database Server

0 remedies

cpe:2.3:a:oracle:database_server:*:*:*:*:*:*:*

0 remedies

Oracle Documaker

0 remedies

cpe:2.3:a:oracle:documaker:*:*:*:*:*:*:*

0 remedies

Oracle E-Business Suite

0 remedies

cpe:2.3:a:oracle:e-business_suite:*:*:*:*:*:*:*

0 remedies

Oracle Enterprise Communications Broker

0 remedies

cpe:2.3:a:oracle:enterprise_communications_broker:*:*:*:*:*:*:*

0 remedies

Oracle Enterprise Manager Base Platform

0 remedies

cpe:2.3:a:oracle:enterprise_manager_base_platform:*:*:*:*:*:*:*

0 remedies

Oracle Enterprise Session Border Controller

0 remedies

cpe:2.3:a:oracle:enterprise_session_border_controller:*:*:*:*:*:*:*

0 remedies

Oracle Essbase

0 remedies

cpe:2.3:a:oracle:essbase:*:*:*:*:*:*:*

0 remedies

Oracle Financial Services Analytical Applications Infrastructure

0 remedies

cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:*:*:*:*:*:*:*

0 remedies

Oracle Financial Services Behavior Detection Platform

0 remedies

cpe:2.3:a:oracle:financial_services_behavior_detection_platform:*:*:*:*:*:*:*

0 remedies

Oracle Financial Services Compliance Studio

0 remedies

Oracle Financial Services Enterprise Case Management

0 remedies

cpe:2.3:a:oracle:financial_services_enterprise_case_management:*:*:*:*:*:*:*

0 remedies

Oracle Financial Services Model Management and Governance

0 remedies

cpe:2.3:a:oracle:financial_services_model_management_and_governance:*:*:*:*:*:*:*

0 remedies

Oracle Financial Services Regulatory Reporting

0 remedies

Oracle Financial Services Revenue Management and Billing

0 remedies

cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:*:*:*:*:*:*:*

0 remedies

Oracle Financial Services Trade-Based Anti Money Laundering Enterprise Edition

0 remedies

cpe:2.3:a:oracle:financial_services_trade-based_anti_money_laundering:*:*:*:*:*:*:*

0 remedies

Oracle Fusion Middleware MapViewer

0 remedies

cpe:2.3:a:oracle:fusion_middleware_mapviewer:*:*:*:*:*:*:*

0 remedies

Oracle GoldenGate

0 remedies

cpe:2.3:a:oracle:goldengate:*:*:*:*:*:*:*

0 remedies

Oracle GoldenGate Big Data and Application Adapters

0 remedies

cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:*:*:*:*:*:*:*

0 remedies

Oracle GraalVM Enterprise Edition

0 remedies

cpe:2.3:a:oracle:graalvm:*:*:*:*:*:*:*

0 remedies

Oracle GraalVM for JDK

0 remedies

cpe:2.3:a:oracle:graalvm_for_jdk:*:*:*:*:*:*:*

0 remedies

Oracle Graph Server and Client

0 remedies

cpe:2.3:a:oracle:graph_server_and_client:*:*:*:*:*:*:*

0 remedies

Oracle Hospitality OPERA 5

0 remedies

cpe:2.3:a:oracle:hospitality_opera_5:*:*:*:*:*:*:*

0 remedies

Oracle HTTP Server

0 remedies

cpe:2.3:a:oracle:http_server:*:*:*:*:*:*:*

0 remedies

Oracle Hyperion Data Relationship Management

0 remedies

cpe:2.3:a:oracle:hyperion_data_relationship_management:*:*:*:*:*:*:*

0 remedies

Oracle Identity Manager

0 remedies

cpe:2.3:a:oracle:identity_manager:*:*:*:*:*:*:*

0 remedies

Oracle Java SE

0 remedies

cpe:2.3:a:oracle:java_se:*:*:*:*:*:*:*, +1 more

0 remedies

Oracle Life Sciences Argus Safety

0 remedies

cpe:2.3:a:oracle:life_sciences_data_hub:*:*:*:*:*:*:*

0 remedies

Oracle Life Sciences Empirica Signal

0 remedies

cpe:2.3:a:oracle:health_sciences_empirica_signal:*:*:*:*:*:*:*

0 remedies

Oracle Managed File Transfer

0 remedies

cpe:2.3:a:oracle:managed_file_transfer:*:*:*:*:*:*:*

0 remedies

Oracle Middleware Common Libraries and Tools

0 remedies

cpe:2.3:a:oracle:middleware_common_libraries_and_tools:*:*:*:*:*:*:*

0 remedies

Oracle Outside In Technology

0 remedies

cpe:2.3:a:oracle:outside_in_technology:*:*:*:*:*:*:*

0 remedies

Oracle Policy Automation

0 remedies

cpe:2.3:a:oracle:policy_automation:*:*:*:*:*:*:*

0 remedies

Oracle Retail Financial Integration

0 remedies

cpe:2.3:a:oracle:retail_financial_integration:*:*:*:*:*:*:*

0 remedies

Oracle Retail Integration Bus

0 remedies

cpe:2.3:a:oracle:retail_integration_bus:*:*:*:*:*:*:*

0 remedies

Oracle SD-WAN Edge

0 remedies

cpe:2.3:a:oracle:sd-wan_edge:*:*:*:*:*:*:*

0 remedies

Oracle Secure Backup

0 remedies

cpe:2.3:a:oracle:secure_backup:*:*:*:*:*:*:*

0 remedies

Oracle Solaris

0 remedies

cpe:2.3:a:oracle:solaris:*:*:*:*:*:*:*, +2 more

0 remedies

Oracle TimesTen In-Memory Database

0 remedies

cpe:2.3:a:oracle:timesten_in-memory_database:*:*:*:*:*:*:*

0 remedies

Oracle Utilities Application Framework

0 remedies

cpe:2.3:a:oracle:utilities_framework:*:*:*:*:*:*:*

0 remedies

Oracle Utilities Network Management System

0 remedies

cpe:2.3:a:oracle:utilities_network_management_system:*:*:*:*:*:*:*

0 remedies

Oracle Utilities Testing Accelerator

0 remedies

cpe:2.3:a:oracle:utilities_testing_accelerator:*:*:*:*:*:*:*

0 remedies

Oracle VM VirtualBox

0 remedies

cpe:2.3:a:oracle:vm_virtualbox:*:*:*:*:*:*:*

0 remedies

Oracle WebCenter Portal

0 remedies

cpe:2.3:a:oracle:webcenter_portal:*:*:*:*:*:*:*

0 remedies

Oracle WebLogic Server

0 remedies

cpe:2.3:a:oracle:weblogic_server:*:*:*:*:*:*:*

0 remedies

Oracle PeopleSoft Enterprise CC Common Application Objects

0 remedies

cpe:2.3:a:oracle:peoplesoft_enterprise_cc_common_application_objects:*:*:*:*:*:*:*

0 remedies

Oracle PeopleSoft Enterprise FIN Cash Management

0 remedies

Oracle PeopleSoft Enterprise FIN eSettlements

0 remedies

Oracle PeopleSoft Enterprise PeopleTools

0 remedies

cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:*:*:*:*:*:*:*

0 remedies

Oracle PeopleSoft Enterprise SCM Purchasing

0 remedies

cpe:2.3:a:oracle:peoplesoft_enterprise_scm_purchasing:*:*:*:*:*:*:*

0 remedies

Oracle Primavera Gateway

0 remedies

cpe:2.3:a:oracle:primavera_gateway:*:*:*:*:*:*:*

0 remedies

Oracle Primavera P6 Enterprise Project Portfolio Management

0 remedies

cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:*:*:*:*:*:*:*

0 remedies

Oracle Primavera Unifier

0 remedies

cpe:2.3:a:oracle:primavera_unifier:*:*:*:*:*:*:*

0 remedies

Oracle Siebel Applications

0 remedies

cpe:2.3:a:oracle:siebel_suite:*:*:*:*:*:*:*

0 remedies

Vulnerability Rating

Custom Algorithm

spread

8.7

impact

3.8

exploitability

4.4

remediation

8.3

relevance

0.0

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

8.7

impact

3.8

exploitability

4.4

remediation

8.3

relevance

0.0

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.