CVE-2025-13699 is a directory traversal vulnerability in the MariaDB mariadb-dump utility that allows remote attackers to execute arbitrary code on affected installations. The flaw was reported to MariaDB on 2025-08-21 and publicly disclosed on 2025-11-27 by the Zero Day Initiative (ZDI) as advisory ZDI-25-1025 (originally tracked as ZDI-CAN-27000). It was assigned a CVSS v3.0 base score of 7.0 (High), with affected products including MariaDB versions up to at least 10.6.21 and 10.11.11 as identified in Microsoft's Azure Linux distributions (ZDI Advisory, MSRC).
The vulnerability is classified as CWE-22 (Improper Limitation of a Pathname to a Restricted Directory — Path Traversal). The root cause lies in the mariadb-dump utility's failure to properly validate user-supplied view names before using them in file system operations, allowing an attacker-controlled path to traverse outside the intended directory. Exploitation requires local access and user interaction (e.g., a user running mariadb-dump against a malicious database containing crafted view names), but attack vectors may vary depending on how the utility is integrated into broader workflows. The vulnerability was discovered by researcher Litezeraw and tracked in MariaDB's issue tracker as MDEV-37483 (ZDI Advisory).
Successful exploitation allows an attacker to execute arbitrary code in the context of the user running the mariadb-dump utility, resulting in high confidentiality, integrity, and availability impact on the affected system. An attacker who controls a MariaDB database with maliciously crafted view names could cause the dump utility to write files to arbitrary locations on the file system, potentially overwriting sensitive files or planting malicious executables. While the scope is unchanged (no privilege escalation beyond the current user context), the combination of arbitrary file write and code execution could facilitate lateral movement if the affected user has elevated privileges (ZDI Advisory, MSRC).
MariaDB has issued a patch addressing this vulnerability, tracked as MDEV-37483. Users should update to a fixed version of MariaDB as soon as one is available for their distribution. Multiple Linux distributions have released updated packages, including Red Hat (RHSA-2026:0061 and subsequent advisories), SUSE (SUSE-2025-4493), AlmaLinux (ALSA-2026-0232, ALSA-2026-0247), and Oracle Linux. As a workaround, avoid running mariadb-dump against untrusted or externally controlled databases, and restrict which users can create views in databases that are subject to dump operations (ZDI Advisory, MSRC).
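The root cause described above is the generic CWE-22 pattern: a file name is derived from a database object name that the database owner controls, and that name is used in a file system operation without validation. The following is an added example, not MariaDB's code and not the MDEV-37483 fix; it assumes a dump tool that writes one file per object into a dump directory, and shows the two checks a defender would want before such a write (an identifier allow-list plus a realpath containment test). It also doubles as a pre-dump audit for the workaround above, by classifying a list of view names before any dump is run.

```python
import os
import re
from typing import Dict, List, Optional

# Added example, not MariaDB's code. It models the mitigation for the defect
# class described above (CWE-22): a dump tool that derives output file names
# from database object names must validate those names before touching the
# file system, because the names are chosen by whoever controls the database.

# Assumed allow-list: MariaDB identifiers are at most 64 characters. This check
# is deliberately stricter than the server's own identifier rules so that a
# view name can never carry a path separator, a dot sequence or an encoded escape.
_SAFE_NAME = re.compile(r"[A-Za-z0-9_]{1,64}")


def is_safe_view_name(name: str) -> bool:
    """True if name is a plain alphanumeric/underscore identifier."""
    return bool(_SAFE_NAME.fullmatch(name))


def safe_dump_path(dump_dir: str, view_name: str, suffix: str = ".sql") -> str:
    """Build the output path for view_name inside dump_dir, or raise ValueError.

    Two independent checks: the allow-list rejects anything that is not a
    plain identifier, and a realpath containment test (defence in depth)
    rejects any result that resolves outside dump_dir, for example through
    a symlink already present in the dump directory.
    """
    if not is_safe_view_name(view_name):
        raise ValueError(f"rejected view name {view_name!r}")
    base = os.path.realpath(dump_dir)
    candidate = os.path.realpath(os.path.join(base, view_name + suffix))
    if os.path.commonpath([base, candidate]) != base:
        raise ValueError(f"{candidate!r} resolves outside {base!r}")
    return candidate


def audit_view_names(dump_dir: str, view_names: List[str]) -> Dict[str, Optional[str]]:
    """Map each view name to its dump path, or None if it would be rejected.

    Intended as a pre-dump audit: list the views of the database to be dumped
    (not done here; the names are passed in) and refuse to run the dump if
    any entry maps to None.
    """
    result: Dict[str, Optional[str]] = {}
    for name in view_names:
        try:
            result[name] = safe_dump_path(dump_dir, name)
        except ValueError:
            result[name] = None
    return result


if __name__ == "__main__":
    # Constructed sample names: two legitimate views and three malformed ones.
    sample = ["orders_v", "monthly_report", "../../outside_dump", "..", "a/..%2Fb"]
    for name, path in audit_view_names("dumpdir", sample).items():
        print(f"{name!r:24} -> {path if path else 'REJECTED'}")
```

An allow-list is used rather than stripping `../` sequences because deny-lists miss encoded forms and platform-specific separators; the containment check is kept as well so that a mistake in the allow-list, or a symlink inside the dump directory, still cannot move the write elsewhere.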
The vulnerability was responsibly disclosed by ZDI researcher Litezeraw following a coordinated disclosure process with MariaDB, with the advisory published on 2025-11-27. Multiple Linux distribution security teams (Red Hat, SUSE, AlmaLinux, Oracle, Fedora, Debian) have issued security advisories and updated packages, indicating broad industry awareness and response. No notable public controversy or significant social media discussion has been identified beyond standard security advisory coverage (ZDI Advisory).
Source: This report was generated using artificial intelligence