{"id":"USN-8457-2","summary":"mysql-8.0 vulnerabilities","details":"\nUSN-8457-1 fixed several vulnerabilities in MySQL. This update\nprovides the corresponding fixes for MySQL on Ubuntu 20.04 LTS\n\nOriginal advisory details:\n\n It was discovered that MySQL Router incorrectly handled repeated TLS\n protocol upgrade requests. An unauthenticated remote attacker could\n possibly use this issue to cause MySQL Router to crash, resulting in a\n denial of service. (CVE-2026-46862)\n\n It was discovered that MySQL Server incorrectly handled connection\n authentication. An unauthenticated remote attacker could possibly use this\n issue to cause MySQL to crash, resulting in a denial of service.\n (CVE-2026-46863)","modified":"2026-06-24T15:44:22.855844286Z","published":"2026-06-24T06:38:35Z","related":["UBUNTU-CVE-2026-46862","UBUNTU-CVE-2026-46863"],"upstream":["CVE-2026-46862","CVE-2026-46863","UBUNTU-CVE-2026-46862","UBUNTU-CVE-2026-46863"],"references":[{"type":"ADVISORY","url":"https://ubuntu.com/security/notices/USN-8457-2"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2026-46862"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2026-46863"}],"affected":[{"package":{"name":"mysql-8.0","ecosystem":"Ubuntu:Pro:20.04:LTS","purl":"pkg:deb/ubuntu/mysql-8.0?arch=source&distro=esm-infra%2Ffocal"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"8.0.46-0ubuntu0.20.04.1+esm3"}]}],"versions":["8.0.17-0ubuntu2","8.0.17-0ubuntu3","8.0.18-0ubuntu3","8.0.18-0ubuntu4","8.0.18-0ubuntu5","8.0.19-0ubuntu2","8.0.19-0ubuntu3","8.0.19-0ubuntu4","8.0.19-0ubuntu5","8.0.20-0ubuntu0.20.04.1","8.0.21-0ubuntu0.20.04.3","8.0.21-0ubuntu0.20.04.4","8.0.22-0ubuntu0.20.04.2","8.0.22-0ubuntu0.20.04.3","8.0.23-0ubuntu0.20.04.1","8.0.25-0ubuntu0.20.04.1","8.0.26-0ubuntu0.20.04.2","8.0.26-0ubuntu0.20.04.3","8.0.27-0ubuntu0.20.04.1","8.0.28-0ubuntu0.20.04.3","8.0.29-0ubuntu0.20.04.2","8.0.29-0ubuntu0.20.04.3","8.0.30-0ubuntu0.20.04.2","8.0.31-0ubuntu0.20.04.1","8.0.31-0ubuntu0.20.04.2","8.0.32-0buntu0.20.04.1","8.0.32-0ubuntu0.20.04.2","8.0.33-0ubuntu0.20.04.1","8.0.33-0ubuntu0.20.04.2","8.0.33-0ubuntu0.20.04.4","8.0.34-0ubuntu0.20.04.1","8.0.35-0ubuntu0.20.04.1","8.0.36-0ubuntu0.20.04.1","8.0.37-0ubuntu0.20.04.3","8.0.39-0ubuntu0.20.04.1","8.0.40-0ubuntu0.20.04.1","8.0.41-0ubuntu0.20.04.1","8.0.42-0ubuntu0.20.04.1","8.0.43-0ubuntu0.20.04.1+esm1","8.0.45-0ubuntu0.20.04.1+esm2","8.0.46-0ubuntu0.20.04.1+esm2"],"ecosystem_specific":{"availability":"Available with Ubuntu Pro (Infra-only): https://ubuntu.com/pro","binaries":[{"binary_name":"libmysqlclient21","binary_version":"8.0.46-0ubuntu0.20.04.1+esm3"},{"binary_name":"mysql-client","binary_version":"8.0.46-0ubuntu0.20.04.1+esm3"},{"binary_name":"mysql-client-8.0","binary_version":"8.0.46-0ubuntu0.20.04.1+esm3"},{"binary_name":"mysql-client-core-8.0","binary_version":"8.0.46-0ubuntu0.20.04.1+esm3"},{"binary_name":"mysql-router","binary_version":"8.0.46-0ubuntu0.20.04.1+esm3"},{"binary_name":"mysql-server","binary_version":"8.0.46-0ubuntu0.20.04.1+esm3"},{"binary_name":"mysql-server-8.0","binary_version":"8.0.46-0ubuntu0.20.04.1+esm3"},{"binary_name":"mysql-server-core-8.0","binary_version":"8.0.46-0ubuntu0.20.04.1+esm3"},{"binary_name":"mysql-source-8.0","binary_version":"8.0.46-0ubuntu0.20.04.1+esm3"},{"binary_name":"mysql-testsuite","binary_version":"8.0.46-0ubuntu0.20.04.1+esm3"},{"binary_name":"mysql-testsuite-8.0","binary_version":"8.0.46-0ubuntu0.20.04.1+esm3"}]},"database_specific":{"cves_map":{"ecosystem":"Ubuntu:Pro:20.04:LTS","cves":[{"severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"type":"Ubuntu","score":"medium"}],"id":"CVE-2026-46862"},{"severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"type":"Ubuntu","score":"medium"}],"id":"CVE-2026-46863"}]},"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-8457-2.json"}}],"schema_version":"1.7.5"}