R33S3N6

Researcher fromBASS team from the School of Cyber Science and Technology at Beihang University
#12564of 53,630
21.6Total CVSS
Vulnerabilities · 3
Medium
1
High
1
Critical
1
PT-2024-29394
9.8
2024-09-03
Pingcap · Tidb · CVE-2024-41433
**Name of the Vulnerable Software and Affected Versions** PingCAP TiDB version 8.1.0 **Description** The issue is related to a buffer overflow in the `expression.ExplainExpressionList` component, which can be exploited by attackers to cause a Denial of Service (DoS) via a crafted input. However, PingCAP argues that this is a complex query bug and not a DoS vulnerability, as the actual reproduction of this issue did not cause the security impact of service interruption to other users. **Recommendations** For PingCAP TiDB version 8.1.0, as a temporary workaround, consider disabling the `expression.ExplainExpressionList` component until a patch is available. Restrict access to this component to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.
PT-2024-29395
4.3
2024-09-03
Pingcap · Tidb · CVE-2024-41434
**Name of the Vulnerable Software and Affected Versions** PingCAP TiDB version 8.1.0 **Description** The issue is related to a buffer overflow via the `(*Column).GetDecimal` component, which can be exploited to cause a Denial of Service (DoS) by providing a crafted input to the 'RemoveUnnecessaryFirstRow' function. This function checks the expression between 'Agg' and 'GroupBy' but does not verify the return type. It is worth noting that PingCAP disputes the severity of this issue, considering it a complex query bug rather than a DoS vulnerability. **Recommendations** For PingCAP TiDB version 8.1.0, as a temporary workaround, consider restricting the use of the `(*Column).GetDecimal` component until a patch is available. Additionally, avoid using crafted inputs to the 'RemoveUnnecessaryFirstRow' function to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.
PT-2024-29397
7.5
2024-09-03
Unknown · Clickhouse · CVE-2024-41436
**Name of the Vulnerable Software and Affected Versions** ClickHouse version 24.3.3.102 **Description** A buffer overflow issue was discovered in the DB::evaluateConstantExpressionImpl component of ClickHouse. This issue can be exploited, potentially leading to security breaches. However, there is no information provided about the estimated number of potentially affected devices worldwide or details about real-world incidents where this issue was exploited. **Recommendations** For ClickHouse version 24.3.3.102, consider disabling the `DB::evaluateConstantExpressionImpl` component as a temporary workaround until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.