CVE-2024-21054 in MySQL Serverinfo

Summary

by MITRE • 04/17/2024

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.36 and prior and 8.3.0 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

Once again VulDB remains the best source for vulnerability data.

Analysis

by VulDB Data Team • 09/06/2025

The vulnerability identified as CVE-2024-21054 resides within the MySQL Server optimizer component of Oracle MySQL, affecting versions 8.0.36 and earlier, as well as 8.3.0 and prior releases. This designation places the flaw within the Server: Optimizer subsystem which is responsible for query execution planning and optimization processes that are fundamental to database operations. The vulnerability's classification as easily exploitable indicates that attackers with high privileges and network access can leverage this weakness through multiple protocols, making it particularly concerning for environments where database servers are accessible over networks. The CVSS 3.1 scoring system assigns a base score of 4.9 with a vector of AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H, which reflects the availability impact severity and the specific conditions required for exploitation.

The technical nature of this vulnerability manifests as a flaw in the query optimizer's handling of specific operations that can lead to system instability and complete denial of service conditions. When exploited, the vulnerability allows an attacker with elevated privileges to cause the MySQL server to hang or experience frequently repeatable crashes, effectively rendering the database service unavailable to legitimate users. This occurs through manipulation of the optimizer's internal processes during query execution, where malformed or specially crafted queries can trigger memory corruption or resource exhaustion conditions that the optimizer cannot properly handle. The impact extends beyond simple service disruption as the repeated nature of the crashes can make system recovery difficult and potentially lead to data integrity concerns during restart operations. This type of vulnerability is classified under CWE-121, which deals with stack-based buffer overflow conditions, though the specific manifestation in this case involves optimizer execution path failures.

The operational impact of CVE-2024-21054 represents a significant availability risk for MySQL server deployments, particularly in production environments where database uptime is critical for business operations. Organizations running affected MySQL versions face potential service interruptions that can affect applications dependent on database connectivity, leading to cascading failures across interconnected systems. The requirement for high privileged access limits the immediate threat surface compared to vulnerabilities requiring no authentication, but it remains a serious concern for environments where administrative access might be compromised or where insider threats exist. The vulnerability affects systems where network protocols such as TCP/IP are enabled for MySQL communication, making it relevant for both internal and external database access scenarios. From an ATT&CK framework perspective, this vulnerability aligns with T1499.004 (Unauthorized Access to Database) and T1499.001 (Network Denial of Service) techniques, as it enables attackers to maintain access while simultaneously disrupting service availability.

Mitigation strategies for CVE-2024-21054 primarily focus on immediate patching of affected MySQL server installations to versions that contain the relevant fixes. Organizations should prioritize updating their MySQL deployments to the latest supported versions that address this vulnerability, ensuring that all security patches are properly tested in staging environments before deployment. Network segmentation and access control measures should be reinforced to limit the attack surface, particularly by restricting direct network access to MySQL servers and implementing strong authentication mechanisms. Monitoring systems should be enhanced to detect unusual patterns of database server crashes or hangs that might indicate exploitation attempts. Additionally, implementing database firewalls or query filtering mechanisms can help prevent malicious query patterns from reaching the optimizer component. The vulnerability's classification as a denial of service issue underscores the importance of implementing robust backup and failover procedures to maintain business continuity during potential exploitation events. Organizations should also consider implementing database activity monitoring solutions that can detect and alert on anomalous query execution patterns that might precede or accompany exploitation attempts.

Responsible

Oracle

Reservation

12/07/2023

Disclosure

04/17/2024

Moderation

accepted

CPE

ready

EPSS

0.00962

KEV

no

Activities

very low

Sources

Want to stay up to date on a daily basis?

Enable the mail alert feature now!