CVE-2025-50086: 
MySQL vulnerability analysis and mitigation

CVE-2025-50086 is a vulnerability discovered in Oracle MySQL Server (component: Server: Components Services). The vulnerability affects MySQL Server versions 8.0.0-8.0.42, 8.4.0-8.4.5, and 9.0.0-9.3.0. It was initially disclosed on July 15, 2025 (NVD).

The vulnerability has been assigned a CVSS 3.1 Base Score of 4.9 (Medium severity) with the following vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H. The vulnerability is characterized by being easily exploitable by an attacker with high privileges and network access via multiple protocols. The technical assessment indicates that no user interaction is required for exploitation (NVD, Snyk).

Successful exploitation of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash, leading to a complete Denial of Service (DOS) of MySQL Server. The vulnerability only impacts availability, with no direct effect on confidentiality or integrity (NVD).

Ubuntu has identified affected packages and is actively evaluating the vulnerability for various MySQL versions. For Ubuntu 24.04 LTS (noble) and 22.04 LTS (jammy), the mysql-8.0 package is marked as vulnerable and requires updates. Users are advised to monitor their distribution's security advisories for patches (Ubuntu Security).