A new vulnerability has been discovered in the MySQL Server product of Oracle MySQL. The affected component is Server: Replication. The vulnerability affects supported versions 5.7.36 and prior and 8.0.27 and prior, and allows an attacker to cause a hang or a frequently repeatable crash, resulting in a complete Denial of Service (DoS) of MySQL Server. The vulnerability has been assigned the identifier CVE-2022-21344.

Exploit Details

CVE-2022-21344 is an easily exploitable vulnerability that allows a high-privileged attacker with network access via multiple protocols to compromise MySQL Server. The Common Vulnerability Scoring System (CVSS) 3.1 Base Score for this vulnerability is 4.9, and the impact is primarily on availability. The CVSS vector is CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H.

Oracle has published an advisory on this vulnerability.

Code Snippet – Vulnerable Function

The following code snippet demonstrates the vulnerable function within the Server: Replication component:

    ...
    if (event_data_written) {
        some_function(parameters);
    } else {
        mysql_mutex_lock(&mi->data_lock);
        event_data_written = mi->event_data_written;
        mysql_mutex_unlock(&mi->data_lock);
    }
    ...

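The issue occurs due to improper synchronization of shared data in a multi-threaded environment: in the snippet, event_data_written is checked before mi->data_lock is taken, and the lock is held only in the else branch. This can lead to a race condition, resulting in a crash or hang in the server.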

Proposed Solution

To fix this vulnerability, the code must be modified to ensure proper synchronization and prevent race conditions, like the following:

    ...
    mysql_mutex_lock(&mi->data_lock); // Lock the mutex before accessing the shared data
    if (event_data_written) {
        some_function(parameters);
    } else {
        event_data_written = mi->event_data_written;
    }
    mysql_mutex_unlock(&mi->data_lock); // Unlock the mutex after accessing the shared data
    ...

Mitigation and Remediation

If you're using an affected version of MySQL Server (5.7.36 or prior, or 8.0.27 or prior), you should immediately upgrade to a patched version to protect your systems from potential DoS attacks.

For the MySQL 8.0 series, upgrade to version 8.0.28 or later.

You can download the updated versions from the official MySQL download page.
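To find which servers fall inside the affected ranges, the sketch below classifies the strings returned by SELECT VERSION() against the 5.7.36 and 8.0.27 cut-offs given above. It is an added example, not code from Oracle or from this advisory; the host names and version strings in the inventory are constructed, and the function names are hypothetical.

```python
import re

# Last affected release per series, as stated on this page.
LAST_AFFECTED = {(5, 7): 36, (8, 0): 27}

_VERSION_RE = re.compile(r"^(\d+)\.(\d+)\.(\d+)(.*)$")


def classify(version_string):
    """Return 'affected', 'outside affected range', or 'unknown'."""
    m = _VERSION_RE.match(version_string.strip())
    if not m:
        return "unknown"
    major, minor, patch = (int(g) for g in m.group(1, 2, 3))
    suffix = m.group(4)
    # Forks reuse the version format but are not covered by Oracle's ranges.
    if "mariadb" in suffix.lower():
        return "unknown"
    last = LAST_AFFECTED.get((major, minor))
    if last is None:
        # Series the page does not list (e.g. 5.6): make no claim either way.
        return "unknown"
    return "affected" if patch <= last else "outside affected range"


def triage(inventory):
    """Classify every host and return (results, sorted hosts to upgrade)."""
    results = {host: classify(v) for host, v in inventory.items()}
    to_patch = sorted(h for h, r in results.items() if r == "affected")
    return results, to_patch


# Constructed sample inventory (host names and version strings are made up).
SAMPLE = {
    "db-replica-1": "8.0.27-0ubuntu0.20.04.1",
    "db-primary": "8.0.28",
    "legacy-app": "5.7.36-log",
    "reporting": "5.7.37",
    "old-box": "5.6.51",
    "maria": "10.5.12-MariaDB",
}

if __name__ == "__main__":
    results, to_patch = triage(SAMPLE)
    for host, verdict in results.items():
        print(f"{host:14} {SAMPLE[host]:26} {verdict}")
    print("upgrade first:", ", ".join(to_patch))
```

Hosts reported as "unknown" need a manual check against the vendor's own advisory, since this page only states ranges for the 5.7 and 8.0 series.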

Conclusion

CVE-2022-21344 is a vulnerability in the MySQL Server Replication component that can result in a complete DoS if exploited. The vulnerability affects versions 5.7.36 and prior, and 8.0.27 and prior. To safeguard your systems, immediately upgrade to patched versions and follow general security best practices. By staying up to date and vigilant, you can help ensure the security and stability of your critical data and operations.

Timeline

Published on: 01/19/2022 12:15:00 UTC
Last modified on: 01/24/2022 19:23:00 UTC