Debian LTS has released a security update for the MariaDB 10.5 packages in Debian 11 bullseye, fixing two vulnerabilities: one that lets a privileged attacker crash the database server or tamper with stored data, and one that exposes data handled by the client tools.
Key Security Vulnerabilities Fixed
1. CVE-2025-30693: Server-Side (InnoDB) Vulnerability
Severity: Medium (CVSS 3.1 base score 5.5 in Oracle's April 2025 Critical Patch Update, where the identifier originates)
Impact: Unauthorized denial of service (hang or frequently repeatable crash) and unauthorized update, insert or delete of some server data
Affected Component: MariaDB Server (InnoDB storage engine)
Exploitability: Rated difficult to exploit; requires a high-privileged account with network access via multiple protocols
An authenticated attacker who already holds high privileges can crash or hang the server or alter records, which matters most for deployments that rely on MariaDB for mission-critical applications and for any environment where privileged database accounts are shared or weakly protected.
2. CVE-2025-30722: Client-Side Data Exposure
Severity: Medium (CVSS 3.1 base score 5.3 in Oracle's April 2025 Critical Patch Update)
Impact: Unauthorized read access to critical data, up to all data the client can access
Affected Component: MariaDB client tools (Oracle's advisory attributes it to the mysqldump component, shipped in Debian 11 in mariadb-client-10.5)
Exploitability: Rated difficult to exploit; requires a low-privileged attacker with network access via multiple protocols
An attacker with only low privileges who can interact with the client over the network could read confidential data that the client stores or processes. Because the attack vector is network access to the client, the exposure to think about is a client such as mariadb-dump talking to a server you do not fully trust.
Update Details & Recommendations
The Debian 11 bullseye package version 1:10.5.29-0+deb11u1, a rebase onto upstream MariaDB 10.5.29, fixes both CVEs and carries the other InnoDB changes of that upstream release.
Key Technical Changes
In InnoDB, calls to mach_write_compressed() were replaced with mach_u64_write_much_compressed(), a variable-length encoding routine that takes a 64-bit value rather than a 32-bit one. Compatibility note: if you run third-party tools that parse InnoDB undo log records directly instead of going through the server, test them against the new version before rolling it out fleet-wide.
Additional bug fixes from MariaDB 10.5.29 (see the upstream release notes).
Action Required
✔ Immediate upgrade recommended for all MariaDB 10.5 users.
✔ Review third-party tools interacting with InnoDB logs for compatibility issues.
Why This Update Matters for Enterprises
MariaDB is a leading open-source RDBMS used by businesses for high-performance database management. Unpatched servers risk:
Data breaches (GDPR/CCPA compliance violations)
Service disruptions (downtime costs for businesses)
Regulatory penalties (if security best practices are ignored)
For detailed security tracking, visit:
🔗 Debian Security Tracker – MariaDB 10.5
FAQs
Q: How do I check my MariaDB version?
A: mariadb --version reports the client, not necessarily the running server. Check the server with mariadbd --version or by running SELECT VERSION(); in a session, and check the installed Debian package with dpkg-query -W -f='${Version}\n' mariadb-server-10.5. You are fixed when that prints 1:10.5.29-0+deb11u1 or a later version.
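The package-version check above, carried further as an added example (not part of the Debian advisory or of MariaDB): a Python port of dpkg's version ordering (Debian Policy section 5.6.12) that decides, for an inventory of dpkg-query output collected from several hosts, which ones are still below the fixed version 1:10.5.29-0+deb11u1. The hostnames and versions in the sample inventory are constructed. On a single Debian host the same verdict comes from dpkg --compare-versions "$(dpkg-query -W -f='${Version}' mariadb-server-10.5)" ge 1:10.5.29-0+deb11u1; the Python version is for checking inventories where dpkg is not at hand.

```python
"""Decide whether installed Debian mariadb-10.5 packages are at or above the
fixed version from this advisory, using Debian's own version ordering.

Added example for this article; not code from the Debian advisory or MariaDB.
Assumes version strings as printed by: dpkg-query -W -f='${Version}' <pkg>
"""

FIXED_VERSION = "1:10.5.29-0+deb11u1"  # fixed version from the advisory (bullseye)


def _order(ch: str) -> int:
    """Sort weight of one character inside a non-digit fragment (Policy 5.6.12):
    '~' sorts before everything, even the end of the string; letters sort before
    non-letters; digits and the end of the string have weight 0."""
    if not ch or ch.isdigit():
        return 0
    if ch == "~":
        return -1
    if ch.isalpha():
        return ord(ch)
    return ord(ch) + 256


def _verrevcmp(a: str, b: str) -> int:
    """Compare two upstream-version or debian-revision strings the way dpkg does:
    alternate non-digit fragments (character weights from _order) and digit
    fragments (numeric, leading zeros ignored)."""
    while a or b:
        # Non-digit fragment: first differing character weight decides.
        while (a and not a[0].isdigit()) or (b and not b[0].isdigit()):
            ac, bc = _order(a[:1]), _order(b[:1])
            if ac != bc:
                return ac - bc
            a, b = a[1:], b[1:]
        # Digit fragment: drop leading zeros, then the longer run is larger,
        # otherwise the first differing digit decides.
        a, b = a.lstrip("0"), b.lstrip("0")
        first_diff = 0
        while a[:1].isdigit() and b[:1].isdigit():
            if not first_diff:
                first_diff = ord(a[0]) - ord(b[0])
            a, b = a[1:], b[1:]
        if a[:1].isdigit():
            return 1
        if b[:1].isdigit():
            return -1
        if first_diff:
            return first_diff
    return 0


def _split(version: str):
    """Split 'epoch:upstream-revision': the epoch is everything before the first
    ':' (default 0), the revision everything after the last '-' (default '')."""
    epoch = 0
    if ":" in version:
        head, version = version.split(":", 1)
        epoch = int(head)
    upstream, sep, revision = version.rpartition("-")
    if not sep:
        upstream, revision = version, ""
    return epoch, upstream, revision


def compare_versions(a: str, b: str) -> int:
    """Return <0, 0 or >0 as 'dpkg --compare-versions' would order a against b."""
    ea, ua, ra = _split(a)
    eb, ub, rb = _split(b)
    if ea != eb:
        return ea - eb
    return _verrevcmp(ua, ub) or _verrevcmp(ra, rb)


def is_fixed(installed: str, fixed: str = FIXED_VERSION) -> bool:
    """True when the installed package version is at or above the fixed one."""
    return compare_versions(installed, fixed) >= 0


def triage(inventory: dict) -> dict:
    """Map host -> 'fixed' or 'VULNERABLE' for a {host: version} inventory."""
    return {host: ("fixed" if is_fixed(ver) else "VULNERABLE")
            for host, ver in inventory.items()}


# Constructed sample inventory: hostnames and most versions are made up.
SAMPLE_INVENTORY = {
    "db-01": "1:10.5.29-0+deb11u1",  # exactly the fixed version
    "db-02": "1:10.5.28-0+deb11u2",  # an earlier build, still vulnerable
    "db-03": "1:10.5.29~rc1-1",      # '~' pre-release sorts below the release
    "db-04": "1:10.5.30-0+deb11u1",  # any later update is also fixed
    "db-05": "10.5.29-0+deb11u1",    # missing epoch: 0:... sorts below 1:..., so flagged
}

if __name__ == "__main__":
    for host, status in triage(SAMPLE_INVENTORY).items():
        print(f"{host}: {SAMPLE_INVENTORY[host]} -> {status}")
```

The db-05 entry shows the edge case worth remembering when comparing against the advisory's version by hand: Debian's MariaDB packages carry the epoch 1:, and a locally rebuilt package that drops it sorts below every official version no matter how new its upstream release is, so inventory scripts that strip the epoch will misclassify hosts in both directions.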
Q: Are older Debian versions affected?
A: This advisory covers the mariadb-10.5 source package in Debian 11 bullseye (LTS). Other releases ship different MariaDB versions (Debian 12 bookworm ships MariaDB 10.11 as the mariadb source package) and receive their own security updates; check the Debian Security Tracker entry for the package your release uses.
Q: What industries are most at risk?
A: Finance, healthcare, and e-commerce (due to sensitive data handling) should prioritize patching.