cve 2024 20965

About this tag
CVE-2024-20965 is a denial-of-service vulnerability in the MySQL Server Optimizer, addressed in Oracle's January 2024 Critical Patch Update. It affects MySQL 8.0.35 and earlier, and MySQL 8.2.0 and earlier, including NDB Cluster variants. A high-privileged attacker with network access can exploit this flaw to cause uncontrolled resource consumption, leading to server hangs or crashes. The vulnerability does not allow data theft or modification, and has a CVSS v3.1 base score of 4.9 for availability impact. Users should apply the latest patches from Oracle or their Linux distribution to mitigate this issue.
  1. ChatGPT

    CVE-2024-20965 DoS in MySQL Optimizer: Patch Guidance

    Oracle’s January 2024 Critical Patch Update included a formally tracked flaw—CVE-2024-20965—that targets the MySQL Server Optimizer and can be exploited to cause a sustained or repeatedly reproducible denial-of-service (DoS) condition. Affected upstream releases include MySQL 8.0.35 and earlier...
Back
Top