Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Supported versions that are affected are 5.7.33 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
{ "vanir_signatures": [ { "deprecated": false, "target": { "function": "mysql_test_select", "file": "sql/sql_prepare.cc" }, "source": "https://github.com/mariadb/server/commit/a20195bba5ff695b8c00b8b3f57edced3c1108a6", "signature_type": "Function", "id": "CVE-2021-2154-05c7814c", "signature_version": "v1", "digest": { "function_hash": "322128387529780625592402890608648572913", "length": 1382.0 } }, { "deprecated": false, "target": { "file": "sql/sql_derived.cc" }, "source": "https://github.com/mariadb/server/commit/a20195bba5ff695b8c00b8b3f57edced3c1108a6", "signature_type": "Line", "id": "CVE-2021-2154-0b79189e", "signature_version": "v1", "digest": { "threshold": 0.9, "line_hashes": [ "8376308921794643741701672030968664939", "232938431702890569967529964990510805858", "156935383331326070759284374582573215374", "319188585465869426447694675742810284314", "195978959015672643546896046468512073720", "186914805573621586770799268670423495601", "184098504852850448733505618452706751503", "257019084214720884159526716952479552926", "208522982103125932622770522087140256483", "161126447642095895822482869837686626840", "260399343256022085728421119837455812260", "86974682356935820809437566681831043391", "323198554721651991414320781385521082385", "73073261068670371719770287508748727990", "328274921891070475929777568712471794870", "134715197553679507358974418074540409098", "161102368812016543595319424570300176101", "193581079227660862907858489419856964303", "9625058991100069502652877227768933890" ] } }, { "deprecated": false, "target": { "file": "sql/sql_base.cc" }, "source": "https://github.com/mariadb/server/commit/a20195bba5ff695b8c00b8b3f57edced3c1108a6", "signature_type": "Line", "id": "CVE-2021-2154-192da221", "signature_version": "v1", "digest": { "threshold": 0.9, "line_hashes": [ "168544384147256645351056743036618817406", "50451342659074436417376011823148259476", "186318101579849850461204891639931981521", "218390225894619315967716500252344584557" ] } }, { "deprecated": false, "target": { "function": "mysql_handle_single_derived", "file": "sql/sql_derived.cc" }, "source": "https://github.com/mariadb/server/commit/a20195bba5ff695b8c00b8b3f57edced3c1108a6", "signature_type": "Function", "id": "CVE-2021-2154-319b8344", "signature_version": "v1", "digest": { "function_hash": "94106374924971372826460142161729586423", "length": 913.0 } }, { "deprecated": false, "target": { "function": "open_normal_and_derived_tables", "file": "sql/sql_base.cc" }, "source": "https://github.com/mariadb/server/commit/a20195bba5ff695b8c00b8b3f57edced3c1108a6", "signature_type": "Function", "id": "CVE-2021-2154-362ca9d2", "signature_version": "v1", "digest": { "function_hash": "294940075262138667602358936354965008942", "length": 597.0 } }, { "deprecated": false, "target": { "function": "mysql_test_create_table", "file": "sql/sql_prepare.cc" }, "source": "https://github.com/mariadb/server/commit/a20195bba5ff695b8c00b8b3f57edced3c1108a6", "signature_type": "Function", "id": "CVE-2021-2154-38cdab29", "signature_version": "v1", "digest": { "function_hash": "235753819923495502702942664180535283210", "length": 942.0 } }, { "deprecated": false, "target": { "function": "fill_schema_table_by_open", "file": "sql/sql_show.cc" }, "source": "https://github.com/mariadb/server/commit/a20195bba5ff695b8c00b8b3f57edced3c1108a6", "signature_type": "Function", "id": "CVE-2021-2154-7b0b2027", "signature_version": "v1", "digest": { "function_hash": "41437778563358113259307207121800751509", "length": 2225.0 } }, { "deprecated": false, "target": { "function": "mysql_handle_derived", "file": "sql/sql_derived.cc" }, "source": "https://github.com/mariadb/server/commit/a20195bba5ff695b8c00b8b3f57edced3c1108a6", "signature_type": "Function", "id": "CVE-2021-2154-81fce179", "signature_version": "v1", "digest": { "function_hash": "101931646880406494030966935605892683304", "length": 1479.0 } }, { "deprecated": false, "target": { "function": "mysqld_list_fields", "file": "sql/sql_show.cc" }, "source": "https://github.com/mariadb/server/commit/a20195bba5ff695b8c00b8b3f57edced3c1108a6", "signature_type": "Function", "id": "CVE-2021-2154-8df0282a", "signature_version": "v1", "digest": { "function_hash": "146040710720366585580707197404632625234", "length": 1000.0 } }, { "deprecated": false, "target": { "function": "mysql_test_do_fields", "file": "sql/sql_prepare.cc" }, "source": "https://github.com/mariadb/server/commit/a20195bba5ff695b8c00b8b3f57edced3c1108a6", "signature_type": "Function", "id": "CVE-2021-2154-956391da", "signature_version": "v1", "digest": { "function_hash": "282265357197290812965726598369122592845", "length": 452.0 } }, { "deprecated": false, "target": { "file": "sql/sql_class.h" }, "source": "https://github.com/mariadb/server/commit/a20195bba5ff695b8c00b8b3f57edced3c1108a6", "signature_type": "Line", "id": "CVE-2021-2154-9d90e26e", "signature_version": "v1", "digest": { "threshold": 0.9, "line_hashes": [ "25659621010009786125164404455603937145", "244812572285093701929011865903861410272", "135505733500033385538611137446985357365", "329449124570590508714789493975010729205", "171314629574034887773000597308419181797", "89764016259477326958381951977404856061", "334855243505824478683610057194996675696" ] } }, { "deprecated": false, "target": { "file": "sql/sql_show.cc" }, "source": "https://github.com/mariadb/server/commit/a20195bba5ff695b8c00b8b3f57edced3c1108a6", "signature_type": "Line", "id": "CVE-2021-2154-a94f21ff", "signature_version": "v1", "digest": { "threshold": 0.9, "line_hashes": [ "209753238693340880041535547327645207005", "334070641843918206322074786894599376572", "316310665983206167860018462332509291806", "232548721670911873680560609057779397011", "167208539937498664681683735279208545598", "199585545327948560623734408763450157132", "76506685930476968229085867394001919863", "281172649008171803085776340743584734404" ] } }, { "deprecated": false, "target": { "function": "mysql_test_set_fields", "file": "sql/sql_prepare.cc" }, "source": "https://github.com/mariadb/server/commit/a20195bba5ff695b8c00b8b3f57edced3c1108a6", "signature_type": "Function", "id": "CVE-2021-2154-f4163153", "signature_version": "v1", "digest": { "function_hash": "194805658341721684859143128259654138627", "length": 499.0 } }, { "deprecated": false, "target": { "file": "sql/sql_prepare.cc" }, "source": "https://github.com/mariadb/server/commit/a20195bba5ff695b8c00b8b3f57edced3c1108a6", "signature_type": "Line", "id": "CVE-2021-2154-f9d6bd0f", "signature_version": "v1", "digest": { "threshold": 0.9, "line_hashes": [ "225110962163697236869617512016214378999", "271803788401245016054311266015887247976", "114628426084200241910127751388202670921", "42628445176351403523529725694633223320", "101225470818017190287972083985866998692", "50089665062729635219130237219008110524", "133595521131707003650803866502738985173", "223516217828469003607440062498462692971", "142072693006293248333500908379946308505", "30545965552448550597052659314849753491", "88667210771268085064696118079338461125", "126625423290341858471048495625847257641", "163916659944676181836255996539400582964", "62126678808852359200323133039533474712", "8645302836542464987474811482763832914", "273608608288985838897703698112404943796" ] } } ] }