PT-2021-6823 · Oracle+8 · Mysql Server+7

Published

2021-07-20

·

Updated

2021-12-31

·

CVE-2021-2422

CVSS v2.0

6.8

Medium

VectorAV:N/AC:L/Au:S/C:N/I:N/A:C
Name of the Vulnerable Software and Affected Versions MySQL Server versions 8.0.25 and prior
Description The issue is related to errors in resource release, allowing a remote attacker to cause a denial of service. A high-privileged attacker with network access via multiple protocols can exploit this to compromise the MySQL Server, resulting in the ability to cause a hang or frequently repeatable crash, leading to a complete denial of service.
Recommendations For versions 8.0.25 and prior, update to a version later than 8.0.25 to resolve the issue. At the moment, there is no information about additional mitigation measures for this specific vulnerability.

Exploit

Fix

Improper Resource Release

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-404

Related Identifiers

ALSA-2021:3590
ALT-PU-2021-2461
ALT-PU-2021-2477
ALT-PU-2021-2571
ALT-PU-2021-3668
BDU:2022-02248
CESA-2021_3590
CVE-2021-2422
RHSA-2021:3590
RHSA-2021:3811
RHSA-2021_3590
RLSA-2021:3590
USN-5022-1

Affected Products

Alt Linux
Almalinux
Centos
Linuxmint
Mysql Server
Red Hat
Rocky Linux
Ubuntu