CVE-2025-30705: 
MySQL vulnerability analysis and mitigation

A vulnerability has been identified in Oracle MySQL Server (CVE-2025-30705) affecting the Server: PS component. The affected versions include MySQL Server 8.0.0-8.0.41, 8.4.0-8.4.4, and 9.0.0-9.2.0. This vulnerability was disclosed on April 15, 2025, as part of Oracle's Critical Patch Update (Oracle Advisory, NVD).

The vulnerability has been assigned a CVSS 3.1 Base Score of 4.9 (Medium severity). The CVSS vector is CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H, indicating network vector access, low attack complexity, high privileges required, no user interaction needed, unchanged scope, and high availability impact. The vulnerability has been classified under CWE-400 (Uncontrolled Resource Consumption) (NVD).

Successful exploitation of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash, leading to a complete denial of service (DoS) of MySQL Server. The impact is primarily focused on system availability, with no direct impact on confidentiality or integrity (Oracle Advisory).

Oracle has released patches to address this vulnerability in their April 2025 Critical Patch Update. Users are strongly recommended to update their MySQL Server installations to the latest patched versions. The patches are available through Oracle's standard update channels (Oracle Advisory).